last executing test programs:

18m0.321484304s ago: executing program 32 (id=41):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa8f94000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240326565a708000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c000280080001400000000114000000110001"], 0xd0}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x109}], {0x14}}, 0x3c}}, 0x0)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r5, 0x29, 0x17, 0x0, 0x0)

16m37.407828921s ago: executing program 33 (id=145):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/uts\x00')
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0802, 0x0)
syz_open_dev$vim2m(&(0x7f0000000280), 0x1, 0x2)
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x50)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x1e)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)=[0x7fffffff]})

14m47.604983437s ago: executing program 34 (id=320):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
timerfd_create(0x0, 0x0)
syz_clone(0x20083500, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20080e, &(0x7f0000000540)={[{@nouid32}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@block_validity}, {@lazytime}, {@nombcache}, {@usrjquota}]}, 0x3, 0x446, &(0x7f0000000ec0)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQuFWp26AmSLSqICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dae2Z3nJmvd8ee2YkDGFjj6UMSsSsifo+I0Vq2scB47enm8uXZv5cvzyZRqbz5V1Itd2P58mxeNH/dzjwzFFH4NIkDLepduHgpLVG6kOUnF8+9N7lw8dKzZ87NnC6dLp2fPnHi2NGp549PP9eTONO4buz/cP7gvlffvvr67Mmr7/z8bZLH3xRHj4x3Ovh4pdLj6vqjkD3vrtuXDPWpMXStWOumMVzt/6NRjNWTNxqvfNLXxgGbqlKpVO5rf3ipAtzFkuh3C4D+yL/o0/lvvm3R0OOOcP3F2gQojftmttWODK3MbYeb5re9NB4RJ5f++SrdYnPuQwAANPg+Hf8802r8V4j6+0L/z9ZQxiLinojYExHHI2JvRNwbUS17f0Q80GX9zYska8c/hWsbCmyd0vHfC9naVuP4Lx/9xVgxy+2uxj+cnDpTLh3J3pPDMbwtzU91qOOHl3/7vN2x+vFfuqX152PBrB3XhrY1vmZuZnHmdmKud/3jiP1DreJPVlYCkojYFxH7N1jHmae+Odju2K3j76AH60yVryOeqJ3/pWiKP5d0Xp+c/F+US0cm86tirV9+vfJGu/pvK/4eSM//jpbX/0r8Y0ltvfbsTLlcurDQzV//8sn08cofn7Wd02z0+h9J3mrY98HM4uKFqYiR5LVao+v3TzeVm14tn8Z/+FDr/r8nVt+JAxGRXsQPRsRDEfFw1vZHIuLRiDjU4V346aXH3t14/JsrjX+uq/O/mhiJ5j2tE8WzP37XUOlYN/Gn5/9YNXU427Oez7/1tKvbqxkAAAD+qwoRsSuSwsRKulCYmKj9D//e2FEozy8sPn1q/v3zc7XfCIzFcCG/0zVadz90KpvW5/nppvzR7L7xF8Xt1fzE7Hx5rt/Bw4Db2ab/p/4s9rt1wKbzey0YXPo/DC79HwaX/g+Dq0X/396PdgBbr9X3/0d9aAew9Zr6v2U/GCDm/zC4NtL/fWbA3aFjXx7ZunYAW2phe9z6R/ISEmsSUbgjmiGxSYl+fzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xr8BAAD//4kK5gE=")

12m57.881245703s ago: executing program 35 (id=455):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x33}}, @IFLA_IPTUN_TTL={0x5, 0x4, 0x51}]}}}]}, 0x40}}, 0x0)

11m16.544288322s ago: executing program 36 (id=605):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-blowfish-asm\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ad060000", 0x4)
sendmsg$alg(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000024c0)="438dc77642449e6e17553493f7aeb57e36", 0x11}], 0x1, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x4008011}, 0x4040004)

10m4.760606557s ago: executing program 37 (id=731):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000007800)=0xffffffff00000041, 0x8)
bind$vsock_stream(r0, &(0x7f0000000940), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

9m23.351538722s ago: executing program 38 (id=771):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
r3 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x4, 0x400, 0xfffffffe, 0x35b}, &(0x7f0000000380)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r2, 0xfffffffffffffffd, 0x0, 0x40000})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)

9m23.141120937s ago: executing program 39 (id=770):
setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, &(0x7f0000000000)={0x2, 0x4e24, @private=0xa010100}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f00000018c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='smbus_result\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
timer_create(0x2, 0x0, &(0x7f0000000480))
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001640), 0x121040, 0x0)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000001680))

7m50.972908258s ago: executing program 40 (id=902):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='smbus_result\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
timer_create(0x2, 0x0, &(0x7f0000000480))
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001640), 0x121040, 0x0)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000001680))

7m36.947887643s ago: executing program 41 (id=919):
syz_io_uring_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x7aad, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r5, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
readv(r5, &(0x7f0000000100)=[{&(0x7f0000001180)=""/4085, 0xff5}], 0x1)

6m48.582197945s ago: executing program 2 (id=1021):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
request_key(0x0, &(0x7f0000002780)={'syz', 0x3}, &(0x7f00000027c0)=',*[\\/&)\x00', 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
preadv(r4, 0x0, 0x0, 0x4, 0x9)
shutdown(r4, 0x2)

6m48.173055179s ago: executing program 6 (id=1022):
syz_io_uring_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x7aad, 0x0, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r3, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
readv(r3, &(0x7f0000000100)=[{&(0x7f0000001180)=""/4085, 0xff5}], 0x1)

6m46.795371704s ago: executing program 2 (id=1024):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x9)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}}, 0x2e)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r6, {0x2, 0xfffc}, 0x2, 0x4}}, 0x26)
ioctl$FITHAW(r0, 0xc0045878)

6m45.344525458s ago: executing program 6 (id=1026):
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/77, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x8080000})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000180))
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000600)={0x17})

6m44.510061167s ago: executing program 2 (id=1027):
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
chdir(0x0)
syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180), 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x7ffc, 0x7}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r1, 0x0, 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$admmidi(0x0, 0x2, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40000)
openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000008c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d48001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008000001800b6fcf1a22796e736574000008000340000001"], 0xd4}, 0x1, 0x0, 0x0, 0x20040000}, 0x8000)

6m43.207535915s ago: executing program 6 (id=1029):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000440), 0x2)
r2 = memfd_create(&(0x7f00000009c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05Np\xda\"\xf1\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x3)
ftruncate(r2, 0xffff)
close(0x3)
fcntl$addseals(r2, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000001c0)={r2, 0x1, 0x0, 0x8000})
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c4, 0x0, 0x0, 0x180000}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
socket$inet(0x2, 0x3, 0x2)
syz_emit_ethernet(0x0, 0x0, 0x0)
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)

6m42.537333822s ago: executing program 2 (id=1030):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x9)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}}, 0x2e)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r6, {0x2, 0xfffc}, 0x2, 0x4}}, 0x26)
ioctl$FITHAW(r0, 0xc0045878)

6m41.359126237s ago: executing program 6 (id=1032):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0x1}, 0xc)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r3, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
connect$qrtr(r4, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r4, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1)

6m38.567814279s ago: executing program 2 (id=1043):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x1a}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

6m38.188838243s ago: executing program 2 (id=1035):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x4, 0x400, 0xfffffffe, 0x35b}, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r3, 0xfffffffffffffffd, 0x0, 0x40000})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)

6m38.188726362s ago: executing program 6 (id=1036):
syz_io_uring_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x7aad, 0x0, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r3, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
readv(r3, &(0x7f0000000100)=[{&(0x7f0000001180)=""/4085, 0xff5}], 0x1)

6m36.955196781s ago: executing program 6 (id=1038):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f00000018c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='smbus_result\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
timer_create(0x2, 0x0, &(0x7f0000000480))
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001640), 0x121040, 0x0)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000001680))

6m21.974629423s ago: executing program 42 (id=1035):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x4, 0x400, 0xfffffffe, 0x35b}, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r3, 0xfffffffffffffffd, 0x0, 0x40000})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)

6m21.853654586s ago: executing program 43 (id=1038):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f00000018c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='smbus_result\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
timer_create(0x2, 0x0, &(0x7f0000000480))
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001640), 0x121040, 0x0)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000001680))

5m19.451289176s ago: executing program 1 (id=1107):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = gettid()
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x4, 0x0, 0x0, {{@in=@empty, @in=@remote, 0x0, 0x2400, 0x1000, 0x0, 0x2, 0x20, 0x20, 0x84, 0x0, 0xee01}, {}, {}, 0x7}}, 0xb8}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
rt_sigqueueinfo(0x0, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb})
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0x4)
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

5m16.659730152s ago: executing program 1 (id=1111):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
rt_sigprocmask(0x1, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
utime(0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040))
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$snapshot(0xffffff9c, 0x0, 0x80, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

5m13.564478415s ago: executing program 1 (id=1115):
socket$alg(0x26, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[], 0x10)
rename(&(0x7f0000000180)='./file0/../file0\x00', 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04"], 0x1d)
r3 = open(0x0, 0x101800, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, 0x0)

5m12.419503606s ago: executing program 1 (id=1116):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}}, 0x2e)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r5, {0x2, 0xfffc}, 0x2, 0x4}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r5, 0x8004745a, 0x0)

5m10.031299084s ago: executing program 1 (id=1120):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x20, &(0x7f00000005c0)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/66, 0x42}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x1a}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

5m8.171617698s ago: executing program 1 (id=1122):
open(&(0x7f00009e1000)='./file0\x00', 0x100, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x13, &(0x7f0000000200)=0x1, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x44, 0x30, 0x80d, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000004c00)=""/102392, 0x18ff8)
chroot(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
socket$netlink(0x10, 0x3, 0x4)
pwrite64(0xffffffffffffffff, &(0x7f00000011c0), 0x0, 0x7)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="24000000200001030000000040000000020000000000001d25ce19bbe7da926bc60400000000080018004e244e245aba82bd517f474b3726ef0f7db399b5d7281be630415136bb439eba53ab6526a73fb9e16777bfbe8ed9c550c2c6a6c70560815398c6f14c35b02d549bd840d9a494702daed59151ba3e3ac6d713e004e5bcefc396faf403d774bb3f469f83c3830e63f4b52f2268153ac0f321d4633e9400cea25737516cf2820c273430208b86abcc267cf7dd825559d2602050eac3d51a2c90fec44d19c1af674a5dec1bb2e4ef38"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4044004)

4m51.596918465s ago: executing program 44 (id=1122):
open(&(0x7f00009e1000)='./file0\x00', 0x100, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x13, &(0x7f0000000200)=0x1, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x44, 0x30, 0x80d, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000004c00)=""/102392, 0x18ff8)
chroot(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
socket$netlink(0x10, 0x3, 0x4)
pwrite64(0xffffffffffffffff, &(0x7f00000011c0), 0x0, 0x7)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="24000000200001030000000040000000020000000000001d25ce19bbe7da926bc60400000000080018004e244e245aba82bd517f474b3726ef0f7db399b5d7281be630415136bb439eba53ab6526a73fb9e16777bfbe8ed9c550c2c6a6c70560815398c6f14c35b02d549bd840d9a494702daed59151ba3e3ac6d713e004e5bcefc396faf403d774bb3f469f83c3830e63f4b52f2268153ac0f321d4633e9400cea25737516cf2820c273430208b86abcc267cf7dd825559d2602050eac3d51a2c90fec44d19c1af674a5dec1bb2e4ef38"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4044004)

4m50.691207447s ago: executing program 9 (id=1145):
socket$alg(0x26, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[], 0x10)
rename(&(0x7f0000000180)='./file0/../file0\x00', 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04"], 0x1d)
r3 = open(0x0, 0x101800, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, 0x0)

4m47.116531074s ago: executing program 9 (id=1149):
r0 = getpid()
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x401, 0x800000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bond0\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x74c920689c38ea7e)
r2 = syz_pidfd_open(r0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x2400)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), r3)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x2c, r4, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xe42}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4010044)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2010042, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
pivot_root(&(0x7f0000000200)='./file0\x00', &(0x7f0000000480)='./file1\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x28011, r5, 0x0)
ftruncate(r5, 0x796c)
ioctl$VIDIOC_QBUF(r2, 0xc058ff0b, 0x0)

4m42.9780067s ago: executing program 9 (id=1154):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00'})
r2 = io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xabd0, 0x400, 0x0, 0x349})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000340)=[{0x0}], 0x1)
r3 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x3dcc, 0x40, 0x0, 0xf7, 0x0, r2})
io_uring_register$IORING_REGISTER_FILES(r3, 0x1e, &(0x7f0000000000)=[r2], 0x1)

4m39.686127741s ago: executing program 9 (id=1158):
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$alg(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_io_uring_setup(0x5ce, &(0x7f0000000240)={0x0, 0x6734, 0x80, 0x40000, 0x34f}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1ff, 0x20000)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r5, 0xc4c85513, &(0x7f0000000540)={{0x1, 0x3, 0x6, 0x448, '\x00', 0x400}, 0x1, [0x7, 0xd5, 0x5, 0x9, 0x6, 0xa, 0x2, 0x2005, 0xfffffffffffffffb, 0xbd, 0x80000000, 0x102d, 0x8, 0x1, 0x3, 0xffffffffffffffff, 0x1, 0x1ed40, 0x6, 0x1ff, 0x80, 0x7, 0x7, 0x7, 0xc, 0x2, 0x9, 0x7, 0xffffffffffffffff, 0x3, 0x8fffffffe, 0x403, 0x1, 0x4, 0x1, 0x3, 0x3, 0x1, 0x0, 0x6, 0x9, 0x4, 0x8a, 0x50f, 0x9ac2, 0x6fe5, 0xffffffffba36ba58, 0x6, 0xa, 0x9, 0x6, 0xe000000000000000, 0xfffffffffffffffd, 0x403, 0x3, 0xfffffffffffff8f6, 0x4, 0xfffffffffffffff9, 0x0, 0xf9800000, 0x8, 0xd, 0x1800000, 0x4, 0x82b, 0x8, 0x5, 0x0, 0x4, 0xfffffffffffffffa, 0x5, 0x100000000000006, 0xca4f, 0x2f, 0x1, 0x7, 0x40, 0x2, 0x42843379, 0x1, 0x6, 0x201, 0x77d, 0xb3, 0x5, 0x539, 0x623b, 0x6, 0x0, 0x7, 0x4, 0x7fffffffffffffff, 0x7, 0x8, 0x0, 0x9, 0x93, 0x5, 0x3ff, 0x2, 0x2775e12f, 0x680000000000, 0x5, 0x40007, 0xe88, 0x80000004, 0x0, 0xfffffffffffffffa, 0x10001, 0x5, 0x8, 0x1000, 0x0, 0x5, 0x7, 0xfffffffffffff000, 0x8, 0x7ffd, 0xfffffffffffffff7, 0x6, 0x100000001, 0x8, 0x80000000005, 0x6, 0x20000000004, 0xc3, 0x7f, 0x3]})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0xb2752a96f73d6e14, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r2, 0x57de, 0x0, 0x0, 0x0, 0x0)

4m36.757395909s ago: executing program 9 (id=1161):
syz_io_uring_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x7aad, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r5, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
readv(r5, &(0x7f0000000100)=[{&(0x7f0000001180)=""/4085, 0xff5}], 0x1)

4m36.039363326s ago: executing program 9 (id=1163):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x2008000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bc, &(0x7f0000000440)="$eJzs3EFrE08Yx/Hn37RNmtImfxBBQX3Qi16WNr4ADdKCGFBqU9SDsLUbDVmTshsiEbG5iFdfR/HoTVDfQC/ixbu3IgheehBXupttk5rWbU2a2H4/UGa2M7/OLN2WZwud9TuvHpcKrlEwqzKUUBkSaciGSHqz1/Rfsx3y+6PSqiGXxr9/PnP77r0b2VxuZk51Njt/OaOqk+fePXn2+vyH6vjCm8m3cVlL31//lvmydnLt1PrP+UdFV4uulitVNXWxUqmai7alS0W3ZKjesi3TtbRYdi2nbbxgV5aX62qWlyaSy47lumqW61qy6lqtaNWpq/nQLJbVMAydSMrxNhxhTn51bs7M7jrsxbq6I3RfvP1yrNMcx8k2Og/mV3u1LwAAMLj2rv+DWn/3+j+3ELRdrv9FqP97pNF29Yf6H0eC42TNZPPntx31PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t5npcK2/AjLiIJEQmv+71P9MYBv/9X+rRddFnLP+4lROyXtXwtH7TBeLYgRbHFkilJyQ//eWgK+rPXczNT6htpfsnN/EotH/PPJvDzoXSn/Nn/p4O8yvvNXK2ZH5Fk6/oZScmJzutntvPhcQgrtfyoXLzQkjckJR8fSEVsWfKf6+3882nVazdzO9Yf8+ftJsrpGgAAAAAADApDt6Tb33+Dsx8Nf0JCfh8P8vv4+8CO9+thOc1LNAAAAAAAh8KtPy2Ztm05B+jEReQv4ke1E5OB2MaOzlUROfRFRaTRn1tOiEjwGT1I/OtWPFLKizBnWEQG4kmI2On3byYAAAAA3bZd9O8j9OlFD3cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDxE/U8sHB+yVuRtvPtwoE94i3LxQ79BgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAB8isAAP//0KwZYw==")
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f00000001c0)='.\x00', 0x4000423)
r1 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x3, 0x1, 0x5, 0xa, 0x3, 0x1, {0x5, 0x17d, 0x8, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x20000000, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080)=0x2, 0x7f03)

4m20.010771446s ago: executing program 45 (id=1163):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x2008000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bc, &(0x7f0000000440)="$eJzs3EFrE08Yx/Hn37RNmtImfxBBQX3Qi16WNr4ADdKCGFBqU9SDsLUbDVmTshsiEbG5iFdfR/HoTVDfQC/ixbu3IgheehBXupttk5rWbU2a2H4/UGa2M7/OLN2WZwud9TuvHpcKrlEwqzKUUBkSaciGSHqz1/Rfsx3y+6PSqiGXxr9/PnP77r0b2VxuZk51Njt/OaOqk+fePXn2+vyH6vjCm8m3cVlL31//lvmydnLt1PrP+UdFV4uulitVNXWxUqmai7alS0W3ZKjesi3TtbRYdi2nbbxgV5aX62qWlyaSy47lumqW61qy6lqtaNWpq/nQLJbVMAydSMrxNhxhTn51bs7M7jrsxbq6I3RfvP1yrNMcx8k2Og/mV3u1LwAAMLj2rv+DWn/3+j+3ELRdrv9FqP97pNF29Yf6H0eC42TNZPPntx31PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t5npcK2/AjLiIJEQmv+71P9MYBv/9X+rRddFnLP+4lROyXtXwtH7TBeLYgRbHFkilJyQ//eWgK+rPXczNT6htpfsnN/EotH/PPJvDzoXSn/Nn/p4O8yvvNXK2ZH5Fk6/oZScmJzutntvPhcQgrtfyoXLzQkjckJR8fSEVsWfKf6+3882nVazdzO9Yf8+ftJsrpGgAAAAAADApDt6Tb33+Dsx8Nf0JCfh8P8vv4+8CO9+thOc1LNAAAAAAAh8KtPy2Ztm05B+jEReQv4ke1E5OB2MaOzlUROfRFRaTRn1tOiEjwGT1I/OtWPFLKizBnWEQG4kmI2On3byYAAAAA3bZd9O8j9OlFD3cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDxE/U8sHB+yVuRtvPtwoE94i3LxQ79BgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAB8isAAP//0KwZYw==")
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f00000001c0)='.\x00', 0x4000423)
r1 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x3, 0x1, 0x5, 0xa, 0x3, 0x1, {0x5, 0x17d, 0x8, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x20000000, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080)=0x2, 0x7f03)

49.163466098s ago: executing program 5 (id=1442):
setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, &(0x7f0000000000)={0x2, 0x4e24, @private=0xa010100}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f00000018c0))
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f00000002c0)={&(0x7f0000ffd000/0x3000)=nil, 0x6, 0x2})
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='smbus_result\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x50, 0xffffffffffffffff, 0x0)
timer_create(0x2, 0x0, 0x0)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001640), 0x121040, 0x0)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000001680))
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

46.026493176s ago: executing program 5 (id=1450):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0x1}, 0xc)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r3, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
connect$qrtr(r4, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r4, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1)
socket$nl_generic(0x10, 0x3, 0x10)

43.172029991s ago: executing program 5 (id=1454):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYRES64], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x54, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0xc)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000040)={0x1, 0x7, 0x3})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xfc}}, 0x0)

40.588996591s ago: executing program 5 (id=1459):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
r0 = getpid()
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x14, r1, 0x1}, 0x14}}, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
syz_emit_ethernet(0x22, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet(0x2, 0x1, 0x100)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7820fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

39.000068329s ago: executing program 7 (id=1461):
syz_open_dev$vim2m(0x0, 0x1, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r3, &(0x7f0000000300)="f7b920e4", 0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=[0x1, 0x7], 0x0, 0x0, 0x2}}, 0x40)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, 0x0, &(0x7f0000000240))

36.802198113s ago: executing program 5 (id=1464):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
set_mempolicy(0x1, 0x0, 0x3ff)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x441c2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
recvmmsg(r1, &(0x7f00000034c0), 0x0, 0x10720, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r2 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x3}, @in=@empty, 0x0, 0x0, 0x1, 0x4, 0xa}, {0xbd1, 0x0, 0x40000003}, {0x81, 0x2}, 0x2000000, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x8000, 0x33}, 0x0, @in=@private=0xa010102, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10000}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0xffe0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

33.213141986s ago: executing program 7 (id=1469):
syz_open_dev$swradio(0x0, 0x0, 0x2)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_mount_image$minix(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x804008, &(0x7f0000000100)=ANY=[], 0x5a, 0x212, &(0x7f0000000440)="$eJzs3D1v00Acx/Gf40BIQTyKBzFVQkIsJNBWqrLRhY03gMRQtaGqcKE0LI2QoG+CnZWJl8A7YWVoBzYmDp19AcdJ8cUhcYS/H6mNY9/P/3Pbs32NEgGorEfx90Bn3HNjzLtlSU+fSKqV2jUAM2bc408DoHpChj5QUScbYXz9/xJIX7+/3Tp2X+c87x9ONpJJgp0/HKfyzdMCzzL5oyB+vF0fzi9JOj8Sro/ev3xM8ncz9S/49t/VX8rkG9755Pjv3RnOX5R0SdJlSVckXZV0TYp3e11uQ6r+dqb+rWTzkWc3AAAAAAD4Kzv7bA2e+E76s/mWT8sHY9fa2fPz3ag7fquHWpJ/6NV49ADPuvorBcsP8quZPuVyL7g2XL619SraLtgHoKhaevznGxlA/uNfY/+dFU45/utx/kPBNFBtvcP+i80o6h7MbUGaNGUvlcWLNgcL33Ibf7IL+pG8MjL7n8bgZGrXLPukAtd4br8v5bd5n9OmqYOe8djP3BdeP07u3mZQwl6U0mv60+4wyI7T+tAg+pz6Q4oiE/b2/8Fx2R2a8PeJIizj7ARgltpv9vbbvcP+/d29zZ3uTvfl2nqns762utJpx7fl7akm5wAW2Z+Lftk9AQAAAAAAAAAAAAAARd2QdHPy2Kkf7wEAAABgcU3+xqDGxG8nKvsYAQAAAAAAAAAAAAD43/0KAAD//3hpPUA=")
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xbc)
r0 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
readv(r1, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
close_range(r1, r1, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000240)={0x20, 0x30, 0xf0, 0x640, 0x0, 0x1f, 0x32, 0x0, {0xfffffffe}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x200}, {}, 0x0, 0x40, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
r2 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(r2, 0x0, 0x0)

32.138881408s ago: executing program 5 (id=1471):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x20, &(0x7f00000005c0)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/66, 0x42}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}}, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r3, 0x3312, 0x374b)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x1a}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

29.902336222s ago: executing program 4 (id=1475):
syz_open_dev$radio(0x0, 0x2, 0x2)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r4, 0x0, <r5=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r1, 0xc01064c8, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r5})
keyctl$session_to_parent(0x12)

28.91965229s ago: executing program 3 (id=1476):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$pppoe(0x18, 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f00000010c0))
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x15, @remote, 'team_slave_0\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001100), 0x40000, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, &(0x7f0000000200)=0x1)
sendmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@dev, @in6=@mcast2}}, {{@in=@multicast2}, 0x0, @in6=@private2}}, &(0x7f0000000100)=0xe8)
sendmsg$nl_generic(r0, 0x0, 0x2000c000)
r4 = fsopen(&(0x7f0000000a40)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB='+cpuset'], 0x8)

26.781268262s ago: executing program 3 (id=1478):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}}, 0x2e)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0xfffc}, 0x2, 0x4}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r3, 0x8004745a, 0x0)

26.472977604s ago: executing program 4 (id=1480):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0}, 0x94)
socket(0x10, 0x3, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x400040, 0x0)
r0 = fsopen(0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
fsmount(r0, 0x1, 0x2)
r1 = socket$kcm(0x21, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r3}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140), 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)

25.948044371s ago: executing program 3 (id=1481):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0xc0086202, &(0x7f0000000080)=0x2)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, 0x0, 0x41)
syz_genetlink_get_family_id$nfc(&(0x7f0000000180), 0xffffffffffffffff)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)

22.610404272s ago: executing program 4 (id=1483):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0x1}, 0xc)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r3, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1)
socket$nl_generic(0x10, 0x3, 0x10)

22.412361432s ago: executing program 7 (id=1485):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000240)={0x2008})
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, 0x0)
mount(&(0x7f00000000c0)=@sr0, 0x0, &(0x7f0000000200)='pstore\x00', 0x400, &(0x7f0000000280)='-#\x00')
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa08, &(0x7f0000000340)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
sendfile(r1, r1, 0x0, 0x40008)

21.047808487s ago: executing program 3 (id=1486):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
write(0xffffffffffffffff, &(0x7f0000000200), 0x0)
listxattr(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x10, 0x7}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r2, 0x0, <r3=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r3, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r3, 0x0, 0x10001, 0x0, 0x1, 0xd6fe2, 0x3d3b4e})

18.834792147s ago: executing program 8 (id=1487):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
setxattr$trusted_overlay_origin(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
lsetxattr$security_capability(0x0, &(0x7f0000000180), 0x0, 0x0, 0x1)

18.480493882s ago: executing program 0 (id=1488):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x4008b100, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00001b1000/0x4000)=nil, 0x400000, 0x2, 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
syz_open_procfs$namespace(0x0, 0x0)
socket(0x14, 0x2, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000740)={0x0, @in6={{0xa, 0x4e24, 0x1, @remote, 0x1}}, 0x6, 0x8, 0x2, 0x7f, 0x10, 0x5, 0x6}, 0x9c)

16.627044814s ago: executing program 46 (id=1471):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x20, &(0x7f00000005c0)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/66, 0x42}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}}, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r3, 0x3312, 0x374b)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x1a}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

15.188138584s ago: executing program 8 (id=1490):
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$udf(&(0x7f00000005c0), &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00a49ecdde7828e1aafa4aca170f7ab2cadbac60175f6ab85d2709542d6960b11a2a387e69774fc920c6b622ab30e803008bc0b2e6a4c58d6b38dba9cdb8dcb30c313386e9ed22acbd604ca4b0616853f87e31f5645e7db06b93c9ec5a32d1fdae209ccffc5ce2b6ebbdff24f4fcef831998129a4918191c4ac59d8a62741133927809ebb2a83ef939019b38cbc6a3cbcbcb0acc4157e4ab6d55ec3d50fe6615d0f540baffeb5fd79b3072aee3af551a61ef5aeb982740385618720a66b0df6be665fc801fb63db5fabf38a9f9701068db705aff83cab3f3c72f49eeadc56a8b23ec6ea5dd271efdc94b6eceedb11b5b7a95448537"], 0x1, 0x5bd, &(0x7f0000000680)="$eJzs3U9sHFcdB/Dfm3jtdRonmzR1CwR1paoqCiKKHdomNhKYGFeIqLFwHBFOmHgTlvpPZCfIqQD1BgckxIEDBySEhBSBQIgj4kBPcEDcgXt74OIDEhIHhGZ21ruxt8Sqs3Fdfz5SvLNvfvPmzRwifffNvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOLzX5g6P5b2exQAAABAP70+9+Xz4/I/AAAAfKhdM/8PAAAAAAAAAAddiiy+Fym+NLmZjhXvW6pXmiv3NuanZ3ofNpyKI48U9fm/6tj4hU+//MqrF9uv///4x+0jcXXu2lT98urynbXG+npjsT6/0ry5utjYdQ97PX67s8UNqC+/cW/x1q31+vi5Cw/t3qi9M/TUaG3y4sSNWrt2fnpmZq6rZqDyvs++gyc8AAAADrfByOL1SPH2n3+TRiIii71n4Ud8dtBvw1HL83dxEfPTM8WFLDUXVu7mO2fbQbhWXmtpsJ2Rn0AW35OfRZzKxzoo0QMAALB7lSIFp3jtd5vpeEQcaefgTxYLA773gfUnOMge8nGeiYgX4gBkdgAAANhnQ5HFTyPF8olqnMgz834PCAAAAHjsBiKLVyPFvyY3U614HiAizs5Pz9SvXK9/ceXWalftbCpn1A/69wOeJM8mAAAA8AFQjSxGiif+N9PJ/R4MAAAA0BfDkcVfI8XHnv9Wsa5cFOvSn5i8NDg+1r3C3LOP6CevPRcRz+zyO/mVcq3B2TSbUvb4rwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDDZShl8d9I8Z3r9U5jLUUWkdpvq/mf2fS54/szRAAAAAAAAADgUVIWP44UP6lspiwiNmrvDD01Wpu8OHGjdiSOFA8BpO76q3PXpuqXV5fvrDXW1xuL9fmV5s3VxcZuT1e90ly5tzE/PdOXi3mk4T6Pf7h6efXO/bXm7W/c7bn/aHXq6+t31xZu9t4dw1GPONLdcrYY8Pz0TDHopebCSnHobNrtiAEAACCikrL4T6R4sf4gbeXO1vP/A603nTT6i89E3l6obs+fxecGx4vPDVrbJyYvVcZf6t7uGVnPFoE6D7gzc13NA5Wdpfk5U8piKlK8O/FcMbIUR2NHZo5W3Uik+OFXz5R12WDUItrd1lo93mouNc7ntT+KFKdvtGujqK2WtU93asfy2qG832sP1w6Xtac7teN57Uyk+MdrvWuf6dReyGs3IsWDB/V27dG8dqSsHe3Unru5urTY61YCAAAAAAAAcHhVUha/ihR//EM9tefGB1rzzzvn/7/d+S7AW9s7eo85/73O/9e62t4q5/V/kI/im88Vc/nF/H+t9/z/VKT4y9UzZV1r7n2w3H+y+NuZ/78eKd5efbh2qKw91akd2/WNBQAAgA+QPP+fiRTf/9PvB9rZuMz/ZQLvnf8/OrCtoz7l/5Ndbfk51++/+cbC0lJjzYYNGza2Nvb+fyEAAHzY5fm/ESl+/re/b813l/n/WOtdJ///+7ud/D+xvaM+5f9TXW0T5VqElYGI6t3lO5XRiOr6/Tc/1VxeuN243VgZu/TK+MXx82MvVwbbc/udrT3fKgAAADiw8vw/Fyl+/c9fbq13t5v5/6PbO+pT/n+6qy0/Z2fSb8+XDgAAAIdGnv8vRYqvPP/brXXpH87/ndSe5//2+v+feKH12vnNgP7k/9NdbbXyvDs+ewAAAAAAAAAAAAAAAAAAAIADrpKyeClSvPjuQBop23az/t/i9o769P3/0a62xXgyv/+355sKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcSllk0YwUH392M302b/haxLHuVwAAAODA+18AAAD//0qnGWg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f0000000100)=0x3)
setresuid(0x0, 0xee00, 0x0)
shmctl$SHM_LOCK(0x0, 0xb)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000), 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0xfece)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000100)="1d", 0x1}], 0x1)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100001)

15.163018174s ago: executing program 7 (id=1491):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$pppoe(0x18, 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f00000010c0))
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x15, @remote, 'team_slave_0\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001100), 0x40000, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, &(0x7f0000000200)=0x1)
sendmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@dev, @in6=@mcast2}}, {{@in=@multicast2}, 0x0, @in6=@private2}}, &(0x7f0000000100)=0xe8)
sendmsg$nl_generic(r0, 0x0, 0x2000c000)
r4 = fsopen(&(0x7f0000000a40)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB='+cpuset'], 0x8)

14.881778455s ago: executing program 3 (id=1492):
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9}}, './file0\x00'})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$xfs(&(0x7f0000000800), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0xb95a, &(0x7f0000017a80)="$eJzs3Q1sXWX9wPHTru1W+P9lEY1GJJQNNhBGaTvX8aK0ZWyUQUEmUB1vA8qYDGbYojCIFI0BJWQq8S3EyJuIgfiCM76AYWpgIIGNIAxEBRMZYMK7AdRAzek99669axv6bM/TjH0+yXruObe/s9v7vc+51tC1d/6iriyry0r6s2rXrTz6mebrO3/wzRn3HLr06prXSkc7phR3NxXbvYvttGzwZB357drSobrvrP1Fbb5TO/S8uzQ21rwny95X7HYU2/bS5tKW8ucNVCkOTy3fX1t5GDVfLf2paMw/fHnetHOGnif/xCzLDt7qC91J9XYumF88J9mQbpOKu2u23De4rSv9OeKPWXbE+mzU10flBTUR8sc59bQ1X3h8Ah/DDqO3c0F3Vf+Ool9NsR6bqtfgzqj6dX726S0riqewZuj1aEfT2zn/2Gz0dZz98y/f6B8oXTfrsyxryLJscpZlUya6B9tHZ1dbV37NL+8X2cvrf+pIr4vb/3vlz7Is+//ifeKQ8nsBsGPp7Go7coT13zDW+r/jmI03WP+w4+vu7GrL13rV+p8y1vqfcedRi4tvuttLU29P7BcBAAAAAIxo5SWrz1+yfHnfRW644YYblRsTfWUCYtuy6Cf6kQCppfifExP9NQIAAMDOrrun84VJNcMOTRq6s+eDfYPb2W/0nrf6znnHlbfF3QtHOOWwn/MfGBgYWHvq8rOK3clVPy87pXo4P/+ye5ZcXOw2Vf/8Qf3g0frszHOXLe87OP+rptdnF+c7Lfl5Z9RnX8t3WvOdmfXZrflO2+BOY7Yu3zno7BXLz8kP7Bf4jL27dPf0Z5OGFcuGvRqG9l92T/+vytsxTlk+2+C/AZD3f73lpjuq7isbpX/l/HuP9nPJbB/j63/VVeXtGKfcav1vXDqnZaT7Ru9fOf80/eMa4fo/rFH1db/q+t80wikr878+5evP5P1n/XTD1cWhundy/R9y/unV/QdPXrn+56fap3z9z99b9t2mJ2Mn1N1zxQtjrf+x+9d9qPi02iGzlbO1Ddzymbz/Xdd0PFocqh9n/33GWv81TVtdTxin7p4bBqrW/zj6ZzNHOGWlyf/N616b93/lrYceHnLfePrvW92/edUFn21eecnqWcsuWLK0b2nfhW2tc9pb21vmzp3TPHhJKH3ctidlJ7Jt6z/bpWqmJsv2rczPveyoTXn/P9948s3FoSnj7D9jzPV/5vDHyhDTarOGhuziJatWXdRS+ljebS19LH3aCP3H8f4/vfxNVGOxrcmyD1bm97/8tQPz/rdvevWm4lDDOPvPHKt/w5a/l0DbuP7PqZoZ1v+Bh/puzPuvPODD5xeHxvv+v9+Y67/f+t9W3T1V/4fPdpb3P/H1wzYHju/v+7+4UvRv3Ny+JnD8I/rHlaL/uufbbg0cP0D/uFL0v/ve5tMCxw/UP64U/T93/wGrA8dn6R9Xiv6znpi5e+D4QfrHlaL/Px6bPjtwvFn/uFL0P+Hp868MHD9Y/7hS9P/uSyuuDxxv0T+uFP1/P3D2/YHjrfrHlaL/ri8vfTFwvE3/uFL0X/XUpXsEjs/WP64U/X+78fLDA8c/qn9cKfpvXrfypMDxOfrHlaJ/84bPXxQ43q5/XCn6P//cD38TOD5X/7hS9G969qbvBY4fon9cKfpf+sZP/hU4fqj+caXof8ebtz0SOH6Y/nGl6P/gpl/OCBw/XP+4UvSve/znof+d5sf0jytF/zPuu/u8wPGP6x9Xiv7fWn/n8YHjR4zefyJ/xfi7R4r+A08f/3TgeIf1H1eK/nNeWhj6+2E79Y8rRf8LBhb8OHC8S/+4UvS/+eUjvxI4fqT+caXo/+RTZ1wWOD5P/7hS9H/vxsWLA8eP0j+uFP27153SGjg+X/+4UvTv37Do/YHjC/SPK0X/+c996a+B40frH1eK/muevfI/gePd+seVov+f3rj62sDxY/SPK0X/Pd9cszZwfKH+caXof9amazsDx4/VP64U/W97/NvnBo4fp39cKfq/fN91uwWO9+gfV4r+h6z/fug/tn68/nGl6H/NK5uuCxw/Qf+4UvSf9/YjdwWOf0L/uFL03+vFpx4NHD9R/7hS9H/s70++Gji+SP+4UvT/0UPrJweOf1L/uFL0P/N3fxjp94S8EyfpH1eK/oc9vKE7cPxk/eNK0f/Vvz1wYeD4KfrHlaL/7H/vcUvgeK/+caXo/9bre10ROP4p/eNK0f+Wzbs/Fzj+af3jStF/xfMf2BA4vlj/uFL0n3rvrocGjp+qf1wp+j9x/257Bo6fpn9cKfp/8YlJqwLHT9c/rhT9Fz42eVHg+Bn6AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/YwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLencBrOhb+H39mZYSQSkJjp+zKksqStbTYQmTJLlvIXmiRpYWkSGVfokWhQpaKFJE1lUopLUqSpLLM/zVmRmN8Z5r692s03/f79ZrzbPc8rnN9nus+j3Ofcw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATI82W3ujNQaD4eNvHfa0x0/eZ917lj519bNOWOSal+90zJAHx9272ozjHx49ZhKDJ55stbGPDR23yfATLzpr6NgbQyd+3plGjRoy62DInHlUB2/1T4Y924Qr45509GAwGHL0uD9PGjX2w6p33337P3muaputvs7aYydv3J8nuw0b//D4+5+8Pnzcn1W2HgxW2XIw2dfHtLfhvXc+NK3H8L9gs9XXWW+S/oPxnZ/oPun6bjXp6/ySW3ZbZZqG+w/ZbPW11x/benLr+JxNVztrzBP79eGnDgbDTxsMhp8+GAw/Y1r34D9j9TWWX2PsPn/C7XHVD5vwhiDt34fMv9HmMw0GgxHjvk4MP3PC1wLgf8vqayz/6rD+R054PK3/Ve+edW7rH/73rbf6GssPJnqfP+7ewyb8/31c//cM2+C4aTdiAAAA4F/1+H2XXjH+WN/QwWC+wSTHe58w/vsCQy646qabptlAnxnCcbKn/8zE/5ixnWc8b/RgsMcm03ooTANDpvUAmKb076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9ikzn+P9uEy9WP3/hV4zddeMU5N71o0r8/9r4Z/+uj/j/xj19/mLzp9fj/YJch41qObb7LYDB4/eobbrzYYDC4aNM5V1xg8ORjK419bJU5ho0/QcBiT3xceDJPPHriy5mefI4Lnnj+9cacNmzIJIOYyOvWvOygnTd7+KWTXi46+c/jyfNLXLTemjNPiDl0ko0m91qd8PwTPpdJO48f+2Jjx770vrvvtfQ+Bx605C67b7vTDjvtsMfyy62w4nIrLrvSSissveMuu+2wzLiPk5mzcbOy4NTM2chJ5+y+1Sees0k/t8nN2egpz9kTz3jPcZteMmHOhv+Lc7bglOds9C4Txjp6xGCbJ6Zm7H9yoRGDA8beWHaGifYtc43d9hVzDB0Mjv3HJzr22gxPvgaHHLbLf+C8JeMv5x9/uUA8b8nFkztvyWDCeUsmnDBh5XEX+14+YbtJf896/N1Tfd6S/dd4dIHB034v6//Ev/X1/2m9Vhry5ERNOGnI+G3G9frHeSYmTNtqE51nYsV0Lpn/pKeNd/TQJ1/Xabzjfy9uyCTzP6XfixvstOMhC4+PuuK4v/X4vx0l7zvWf+Lj5Nbz6Ekup7TvGPaPq/+4d4cb5p103/HayQ/xKetiwhzNMMlGk9t3HLDtNbtMvG+azL5j/V3G/6LxP/YdY/+zC07Yd4wd+yIjBseOvbHc2BuLjhicO/bG8k/cGDW4auyNpbbbc7fthzzx9eppr4PFhjzlBx7D63btSV63U3F+nFWvGwxWvTZ9XpOfziy9bkdOYbz597kHU/x97iu3nf/CwWAwy/jPa+UJY/93pPEOn/J4w/knBlM6/8TgtJv2O+M/PN4n19kTr7Xxu+nFJvN3nrLOZnvaOjt82EQrY2rf12wfth93fa4nn+30HW68fsIcjZjkef/Z1+gJn0vqP+E938SGHDYYMqW5mdz7sKfMzaxTnpupff+y2Pg3GKOmMDdLPHjo4hPmZuS/ODeLTmZuJn4/PLGRg8Gop87N8MFaY9/RjJ+bRaZmbmb+z7xuZgrbj7u+8JN33bHWIStNmJswF/Hr/4TnX+RfnJsh2zz5ulnoiccWGDoYOXJwwLb77rv3suM+Tri53LiPU16DC03NXM74n5nLucfvdYY+fXKevGvXs8cs/++uwYX+1bkcPRg64f+5d5l0sfzn+P5PN/276d9N/276d9O/m/7d9C82meP/oyd8X/CoIWduNP6bMSOufnj2faf1eKex6fr4//i+Tzn+v+/sD189dPDkY1M8Pjtum2fk8dkVx10cvOyE7SY9Pjj+7qk+PvvQMdduPvjvHJ/9t0xYq1PxfUP7/276d9O/m/7d9O+mf7d/tf+q/0fjYNqw/rvp303/bvp307+b/t30LzaZ4//LTPg5gJv3efTM8QdCR+yz8SqPTOvxTmPT9fH/8X2fcvz/kVU23mfo4MnHpnj8f9w2Hcf/V7nrpCMGz+Dj/xPWquP//BP6d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn+xyRz/X23CzwGM2GPBBSf8PMCt9x85bFqPdxqbXo//+/f/e9n/d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/YuNP/4/mOSfPXyj10UUjv//b5tM/w30j1r6b6h/1NJ/I/2jlv4b6x+19N9E/6il/5v0j1r6b6p/1NJ/M/2jlv6b6x+19H+z/lFL/y30j1r6b6l/1NL/LfpHLf230j9q6b+1/lFL/230j1r6b6t/1NL/rfpHLf230z9q6b+9/lFL/x30j1r676h/1NJ/J/2jlv476x+19N9F/6il/676Ry3936Z/1NJ/N/2jlv676x+19N9D/6il/576Ry3999I/aun/dv2jlv576x+19N9H/6il/776Ry3936F/1NJ/P/2jlv776x+19D9A/6il/4H6Ry39D9I/aul/sP5RS/9D9I9a+r9T/6il/7v0j1r6H6p/1NL/MP2jlv6H6x+19H+3/lFL//foH7X0f6/+UUv/9+kftfQ/Qv+opf/79Y9a+h+pf9TS/yj9o5b+R+sftfQ/Rv+opf8H9I9a+n9Q/6il/4f0j1r6f1j/qKX/sWX9R07ldi39jyvrP7Va+n9E/6il//H6Ry39P6p/1NL/BP2jlv4f0z9q6f9x/aOW/ifqH7X0P0n/qKX/J/SPWvqfrH/U0v+T+kct/T+lf9TS/9P6Ry39T9E/aul/qv5RS//T9I9a+p+uf9TS/wz9o5b+Z+oftfQ/S/+opf/Z+kct/c/RP2rpf67+UUv/z+gftfQ/T/+opf/5+kct/T+rf9TS/3P6Ry39P69/1NL/C/pHLf0v0D9q6f9F/aOW/l/SP2rpf6H+UUv/i/SPWvpfrH/U0v/L+kct/b+if9TS/6v6Ry39L9E/aul/qf5RS//L9I9a+n9N/6il/+X6Ry39r9A/aul/pf5RS/+r9I9a+n9d/6il/zf0j1r6f1P/qKX/1fpHLf2v0T9q6f8t/aOW/tfqH7X0/7b+UUv/7+gftfS/Tv+opf/1+kct/b+rf9TS/wb9o5b+N+oftfT/nv5RS/+b9I9a+t+sf9TS/xb9o5b+t+oftfS/Tf+opf/t+kct/b+vf9TS/w79o5b+P9A/aun/Q/2jlv4/0j9q6X+n/lFL/x/rH7X0/4n+UUv/n+oftfS/S/+opf/P9I9a+v9c/6il/936Ry39f6F/1NL/l/pHLf3v0T9q6f8r/aOW/r/WP2rp/xv9o5b+v9U/aul/r/5RS//f6R+19P+9/lFL//v0j1r6/0H/qKX//fpHLf3/qH/U0v8B/aOW/n/SP2rp/6D+UUv/P+sftfR/SP+opf9f9I9a+j+sf9TS/6/6Ry39/6Z/1NL/7/pHJf1HDfSPSvoPHtU/aun/mP5RS//H9Y9a+o/RPyrpP2Sgf9TSf4j+UUv/ofpHLf2H6R+19B+uf9TSf4T+UUv/kfpHLf1n0D9q6T+j/lFL/1H6Ry39Z9I/aun/LP2jlv4z6x+19J9F/6il/6z6Ry39n61/1NJ/Nv2jlv6z6x+19J9D/6il/3P0j1r6z6l/1NL/ufpHLf2fp3/U0v/5+kct/efSP2rp/wL9o5b+c+sftfR/of5RS/959I9a+s+rf9TSfz79o5b+L9I/auk/Wv+opf/8+kct/RfQP2rpv6D+UUv/hfSPWvovrH/U0n8R/aOW/ovqH7X0X0z/qKX/4vpHLf1frH/U0v8l+kct/ZfQP2rpv6T+UUv/pdr7PzJmnEnubum/dHv/yWjpv4z+UUv/ZfWPWvovp3/U0n95/aOW/i/VP2rp/zL9o5b+K+gftfRfUf+opf9K+kct/VfWP2rp/3L9o5b+q+gftfR/hf5RS/9X6h+19H+V/lFL/1X1j1r6r6Z/1NJ/df2jlv5r6B+19H+1/lFL/zX1j1r6r6V/1NJ/bf2jlv7r6B+19F9X/6il/3r6Ry39X6N/1NL/tfpHLf3X1z9q6f86/aOW/q/XP2rp/wb9o5b+b9Q/aum/gf5RS/8N9Y9a+m+kf9TSf2P9o5b+m+gftfR/k/5RS/9N9Y9a+m+mf9TSf3P9o5b+b9Y/aum/hf5RS/8t9Y9a+r9F/6il/1b6Ry39t9Y/aum/jf5RS/9t9Y9a+r9V/6il/3b6Ry39t9c/aum/g/5RS/8d9Y9a+u+kf9TSf2f9o5b+u+gftfTfVf+opf/b9I9a+u+mf9TSf3f9o5b+e+gftfTfU/+opf9ek+8/6r8yrmeolv5vt/6jlv576x+19N9H/6il/776Ry3936F/1NJ/P/2jlv776x+19D9A/6il/4H6Ry39D9I/aul/sP5RS/9D9I9a+r9T/6il/7v0j1r6H6p/1NL/sLb+U/lTDS39D2/rP5Va+r9b/6il/3v0j1r6v1f/qKX/+/SPWvofoX/U0v/9+kct/Y/UP2rpf5T+UUv/o/WPWvofo3/U0v8D+kct/T+of9TS/0P6Ry39P6x/1NL/WP2jlv7H6R+19P+I/lFL/+P1j1r6f1T/qKX/CfpHLf0/pn/U0v/j+kct/U/UP2rpf5L+UUv/T+gftfQ/Wf+opf8n9Y9a+n9K/6il/6f1j1r6n6J/1NL/VP2jlv6n6R+19D9d/6il/xnN/ccMm+xDLf3PbO4/BS39z9I/aul/tv5RS/9z9I9a+p+rf9TS/zP6Ry39z9M/aul/vv5RS//P6h+19P+c/lFL/8/rH7X0/4L+UUv/C/SPWvp/Uf+opf+X9I9a+l+of9TS/yL9o5b+F+sftfT/sv5RS/+v6B+19P+q/lFL/0v0j1r6X6p/1NL/Mv2jlv5f0z9q6X+5/lFL/yv0j1r6X6l/1NL/Kv2jlv5f1z9q6f8N/aOW/t/UP2rpf7X+UUv/a/SPWvp/S/+opf+1+kct/b+tf9TS/zv6Ry39r9M/aul/vf5RS//v6h+19L9B/6il/436Ry39v6d/1NL/Jv2jlv436x+19L9F/6il/636Ry39b9M/aul/u/5RS//v6x+19L9D/6il/w8Gg8HIaTWmZ7CW/j+0/qOW/j/SP2rpf6f+UUv/H+sftfT/ybj+Y2aYVuN6hmrp/1PrP2rpf5f+UUv/n+kftfT/uf5RS/+79Y9a+v9C/6il/y/1j1r636N/1NL/V/pHLf1/rX/U0v83+kct/X+rf9TS/179o5b+v9M/aun/e/2jlv736R+19P+D/lFL//v1j1r6/1H/qKX/A/pHLf3/pH/U0v9B/aOW/n/WP2rp/5D+UUv/v+gftfR/WP+opf9f9Y9a+v9N/6il/9/1j1r6P6J/1NL/Uf2jlv6P6R+19H9c/6il/xj9o5L+T1zV/+la+g/RP2rpP1T/qKX/MP2jlv7D9Y9a+o/QP2rpP1L/qKX/DPpHLf1n1D9q6T9K/6il/0z6Ry39n6V/1NJ/Zv2jlv6z6B+19J9V/6il/7P1j1r6z6Z/1NJ/dv2jlv5z6B+19H+O/lFL/zn1j1r6P1f/qKX/8/SPWvo/X/+opf9c+kct/V+gf9TSf279o5b+L9Q/auk/j/5RS/959Y9a+s+nf9TS/0X6Ry39R+sftfSfX/+opf8C+kct/RfUP2rpv5D+UUv/hfWPWvovon/U0n9R/aOW/ovpH7X0X1z/qKX/i/WPWvq/RP+opf8S+kct/ZfUP2rpv5T+UUv/pfWPWvovo3/U0n9Z/aOW/svpH7X0X17/qKX/S/WPWvq/TP+opf8K+kct/VfUP2rpv5L+UUv/lfWPWvq/XP+opf8q+kct/V+hf9TS/5X6Ry39X6V/1NJ/Vf2jlv6rTab/HEv/twb2zNTSf3XrP2rpv4b+UUv/V+sftfRfU/+opf9a+kct/dfWP2rpv47+UUv/dfWPWvqvp3/U0v81+kct/V+rf9TSf339o5b+r9M/aun/ev2jlv5v0D9q6f9G/aOW/hvoH7X031D/qKX/RvpHLf031j9q6b+J/lFL/zfpH7X031T/qKX/ZvpHLf031z9q6f9m/aOW/lvoH7X031L/qKX/W/SPWvpvpX/U0n9r/aOW/tvoH7X031b/qKX/W/WPWvpvp3/U0n97/aOW/jvoH7X031H/qKX/TvpHLf131j9q6b+L/lFL/131j1r6v03/qKX/bvpHLf131z9q6b+H/lFL/z31j1r676V/1NL/7fpHLf331j9q6b+P/lFL/331j1r6v0P/qKX/fvpHLf331z9q6X+A/lFL/wP1j1r6H6R/1NL/YP2jlv6H6B+19H+n/lFL/3fpH7X0P1T/qKX/YfpHLf0P1z9q6f9u/aOW/u/RP2rp/179o5b+79M/aul/hP5RS//36x+19D9S/6il/1H6Ry39j9Y/aul/jP5RS/8P6B+19P+g/lFL/w/pH7X0/7D+UUv/Y/WPWvofp3/U0v8j+kct/Y/XP2rp/1H9o5b+J+gftfT/mP5RS/+Pl/U/bCq3a+l/Yln/qdXS/yT9o5b+n9A/aul/sv5RS/9P6h+19P+U/lFL/0/rH7X0P0X/qKX/qfpHLf1P0z9q6X+6/lFL/zP0j1r6n6l/1NL/LP2jlv5n6x+19D9H/6il/7n6Ry39P6N/1NL/PP2jlv7n6x+19P+s/lFL/8/pH7X0/7z+UUv/L+gftfS/QP+opf8X9Y9a+n9J/6il/4X6Ry39L9I/aul/sf5RS/8v6x+19P+K/lFL/6/qH7X0v0T/qKX/pfpHLf0v0z9q6f81/aOW/pfrH7X0v0L/qKX/lfpHLf2v0v8p5ht/2dL/6/pHLf2/oX/U0v+b+kct/a/WP2rpf43+UUv/b+kftfS/Vv+opf+39Y9a+n9H/6il/3X6Ry39r9c/aun/Xf2jlv436B+19L9R/6il//f0j1r636R/1NL/Zv2j6bj/xLmH3qJ/NB33f8r6v1X/qKX/bfpHLf1v1z9q6f99/aOW/nfoH7X0/4H+UUv/H+oftfT/kf5RS/879Y9a+v9Y/6il/0/0j1r6/1T/qKX/XfpHLf1/pn/U0v/n+kct/e/WP2rp/wv9o5b+v9Q/aul/j/5RS/9f6R+19P+1/lFL/9/oH7X0/63+UUv/e/WPWvr/Tv+opf/v9Y9a+t+nf9TS/w/6Ry3979c/aun/R/2jlv4P6B+19P+T/lFL/wf1j1r6/1n/qKX/Q/pHLf3/on/U0v/hsv7Dp3K7lv5/Les/tVr6/03/qKX/3/WPWvo/on/U0v9R/aOW/o/pH7X0f1z/qKX/GP2jkv7DBvpHLf2H6B+19B+qf9TSf5j+UUv/4fpHLf1H6B+19B+pf9TSfwb9o5b+M+oftfQfpX/U0n8m/aOW/s/SP2rpP7P+UUv/WfSPWvrPqn/U0v/Z+kct/WfTP2rpP7v+UUv/OfSPWvo/R/+opf+c+kct/Z+rf9TS/3n6Ry39n69/1NJ/Lv2jlv4v0D9q6T+3/lFL/xfqH7X0n0f/qKX/vPpHLf3n0z9q6f8i/aOW/qP1j1r6z69/1NJ/Af2jlv4L6h+19F9I/6il/8L6Ry39F9E/aum/qP5RS//F9I9a+i+uf9TS/8X6Ry39X6J/1NJ/Cf2jlv5L6h+19F9K/6il/9L6Ry39l9E/aum/rP5RS//l9I9a+i+vf9TS/6X6Ry39X6Z/1NJ/Bf2jlv4r6h+19F+pt/8MU3qwpf/Kvf2nqKX/y/WPWvqvon/U0v8V+kct/V+pf9TS/1X6Ry39V9U/aum/mv5RS//V9Y9a+q+hf9TS/9X6Ry3919Q/aum/lv5RS/+19Y9a+q+jf9TSf139o5b+6+kftfR/jf5RS//X6h+19F9f/6il/+v0j1r6v17/qKX/G/SPWvq/Uf+opf8G+kct/TfUP2rpv5H+UUv/jfWPWvpvon/U0v9N+kct/TfVP2rpv5n+0bj+Mw6m9/6b6x+1rP836x+19N9C/6il/5b6Ry3936J/1NJ/K/2jlv5b6x+19N9G/6il/7b6Ry3936p/1NJ/O/2jlv7b6x+19N9B/6il/476Ry39d9I/aum/s/5RS/9d9I9a+u+qf9TS/236Ry39d9M/aum/u/5RS/899I9a+u+pf9TSfy/9o5b+b39K/1P+++N6hmrpv7f1H7X030f/qKX/vvpHLf3foX/U0n8//aOW/vvrH7X0P0D/qKX/gfpHLf0P0j9q6X+w/lFL/0P0j1r6v1P/qKX/u/SPWvofqn/U0v8w/aOW/ofrH7X0f7f+UUv/9+gftfR/r/5RS//36R+19D9C/wnGjJnoRkv/9+sftfQ/Uv+opf9R+kct/Y/WP2rpf4z+UUv/D+gftfT/oP5RS/8P6R+19P+w/lFL/2P1j1r6H6d/1NL/I/pHLf2P1z9q6f9R/aOW/ifoH7X0/5j+UUv/j+sftfQ/Uf+opf9J+kct/T+hf9TS/2T9o5b+n9Q/aun/Kf2jlv6f1j9q6X+K/lFL/1P1j1r6n6Z/1NL/dP2jlv5n6B+19D9T/6il/1n6Ry39z9Y/aul/jv5RS/9z9Y9a+n9G/6il/3n6Ry39z9c/aun/Wf2jlv6f0z9q6f95/aOW/l/QP2rpf4H+UUv/L+oftfT/kv5RS/8L9Y9a+l+kf9TS/2L9o5b+X9Y/aun/Ff2jlv5f1T9q6X+J/lFL/0v1j1r6X6Z/ND33X+0f9w77mv7R9Nx/4vV/uf5RS/8r9I9a+l+pf9TS/yr9o5b+X9c/aun/Df2jlv7f1D9q6X+1/lFL/2v0j1r6f0v/qKX/tfpHLf2/rX/U0v87+kct/a/TP2rpf73+UUv/7+oftfS/Qf+opf+N+kct/b+nf9TS/yb9o5b+N+sftfS/Rf+opf+t+kct/W/TP2rpf7v+UUv/7+sftfS/Q/+opf8P9I9a+v9Q/6il/4+e7D9s2ozrGaql/53Wf9TS/8f6Ry39f6J/1NL/p/pHLf3v0j9q6f8z/aOW/j/XP2rpf7f+UUv/X+gftfT/pf5RS/979I9a+v9K/6il/6/1j1r6/0b/qKX/b/WPWvrfq3/U0v93+kct/X+vf9TS/z79o5b+f9A/aul/v/5RS/8/6h+19H9A/6il/5/0j1r6P6h/1NL/z/pHLf0f0j9q6f8X/aOW/g/rH7X0/6v+UUv/v+kftfT/u/5RS/9H9I9a+j+qf9TS/zH9o5b+j+sftfQfo39U0n/4QP+opf8Q/aOW/kP/af/O8wJO7/1Hjrs6fJj1H03v/ccbPlz/qKX/CP2jlv4j9Y9a+s+gf9TSf0b9o5b+o/SPWvrPpH/U0v9Z+kct/WfWP2rpP4v+UUv/WfWPWvo/W/+opf9s+kct/WfXP2rpP4f+UUv/5+gftfSfU/+opf9z9Y9a+j9P/6il//P1j1r6z6V/1NL/BfpHLf3n1j9q6f9C/aOW/vPoH7X0n1f/qKX/fPpHLf1fpH/U0n+0/lFL//n1j1r6L6B/1NJ/Qf2jlv4L6R+19F9Y/6il/yL6Ry39F9U/aum/mP5RS//F9Y9a+r9Y/6il/0v0j1r6L6F/1NJ/Sf2jlv5L6R+19F9a/6il/zL6Ry39l9U/aum/nP5RS//l9Y+m4/6jJrp3+Ev1j6bj/k9Z/y/TP2rpv4L+UUv/FfWPWvqvpH/U0n9l/aOW/i+v6T/jv7R1S/9Vavr/a1r6v0L/qKX/K/WPWvq/Sv+opf+q+kct/VfTP2rpv7r+UUv/NfSPWvq/Wv+opf+a+kct/dfSP2rpv7b+UUv/dfSPWvqvq3/U0n89/aOW/q/RP2rp/1r9o5b+6+sftfR/nf5RS//X6x+19H+D/lFL/zfqH7X030D/qKX/hvpHLf030j9q6b+x/lFL/030j1r6v0n/qKX/pvpHLf030z9q6b+5/lFL/zfrH7X030L/qKX/lvpHLf3fon/U0n8r/aOW/lvrH7X030b/qKX/tvpHLf3fqn/U0n87/aOW/tvrH7X030H/qKX/jvpHY/ufP2r677+T/lHL+t9Z/6il/y76Ry39d9U/aun/Nv2jlv676R+19N9d/6il/x76Ry3999Q/aum/l/5RS/+36x+19N9b/6il/z76Ry3999U/aun/Dv2jlv776R+19N9f/6il/wH6Ry39D9Q/aul/kP5RS/+D9Y9a+h+if9TS/536Ry3936V/1NL/UP2jlv6H6R+19D9c/6il/7v1j1r6v0f/qKX/e/WPWvq/T/+opf8R+kct/d+vf9TS/0j9o5b+R+kftfQ/Wv+opf8x+kct/T+gf9TS/4P6Ry39P6R/1NL/w/pHLf2P1T9q6X+c/lFL/4/oH7X0P17/qKX/R/WPWvqfoH/U0v9j+kct/T+uf9TS/0T9o5b+J+kftfT/hP5RS/+T9Y9a+n9S/6il/6f0j1r6f1r/qKX/KfpHLf1P1T9q6X+a/lFL/9P1j1r6n6F/1NL/TP2jlv5n6R+19D9b/6il/zn6Ry39z9U/aun/Gf2j6bn/jP+4d/h5+kfTc/+J1//5T+8/4r86rmeolv6ftf6jlv6f0z9q6f95/aOW/l/QP2rpf4H+UUv/L+oftfT/kv5RS/8L9Y9a+l+kf9TS/2L9o5b+X9Y/aun/Ff2jlv5f1T9q6X+J/lFL/0v1j1r6X6Z/1NL/a/pHLf0v1z9q6X+F/lFL/yv1j1r6X6V/1NL/6/pHLf2/oX/U0v+b+kct/a/WP2rpf43+UUv/b+kftfS/Vv+opf+39Y9a+n9H/6il/3X6Ry39r9c/aun/Xf2jlv436B+19L9R/6il//f0j1r636R/1NL/Zv2jlv636B+19L+1rv/tY6Zmq5b+t9X1nzot/W/XP2rp/339o5b+d+gftfT/gf5RS/8f6h+19P+R/lFL/zv1j1r6/1j/qKX/T/SPWvr/VP+opf9d+kct/X+mf9TS/+f6Ry3979Y/aun/C/2jlv6/1D9q6X+P/lFL/1/pH7X0/7X+UUv/3+gftfT/rf5RS/979Y9a+v9O/6il/+/1j1r636d/1NL/D1PoP+y/Ma5nqJb+91v/UUv/P+oftfR/QP+opf+f9I9a+j+of9TS/8/6Ry39H9I/aun/F/2jlv4P6x+19P+r/lFL/7/pH7X0/7v+UUv/R/SPWvo/qn/U0v8x/aOW/o/rH7X0H6N/VNJ/xED/qKX/EP2jlv5D9Y9a+g/TP2rpP1z/qKX/CP2jlv4j9Y9a+s+gf9TSf0b9o5b+o/SPWvrPpH/U0v9Z+kct/WfWP3qy/xZDBoPpuP8s+kct639W/aOW/s/WP2rpP5v+UUv/2fWPWvrPoX/U0v85+kct/efUP2rp/1z9o5b+z9M/aun/fP2jlv5z6R+19H+B/lFL/7n1j1r6v1D/qKX/PPpHLf3n1T9q6T+f/lFL/xfpH7X0H61/1NJ/fv2jlv4L6B+19F9Q/6il/0L6Ry39F9Y/aum/iP5RS/9F9Y9a+i+mf9TSf3H9o5b+L9Y/aun/Ev2jlv5L6B+19F9S/6il/1L6Ry39l9Y/aum/jP7RdNl/+LirE/dfVv9ouuw//urE/ZfTP2rpv7z+UUv/l+oftfR/mf5RS/8V9I9a+q+of9TSfyX9o5b+K+sftfR/uf5RS/9V9I9a+r9C/6il/yv1j1r6v0r/qKX/qvpHLf1X0z9q6b+6/lFL/zX0j1r6v1r/qKX/mvpHLf3X0j9q6b+2/lFL/3X0j1r6r6t/1NJ/Pf2jlv6v0T9q6f9a/aOW/uvrH7X0f53+UUv/1+sftfR/g/5RS/836h+19N9A/2hs/9sGg8H03n9D/aOW9b+R/lFL/431j1r6b6J/1NL/TfpHLf031T9q6b9Za/+ZpvxwS//NW/v/Ey3936x/1NJ/C/2jlv5b6h+19H+L/lFL/630j1r6b61/1NJ/G/2jlv7b6h+19H+r/lFL/+30j1r6b69/1NJ/B/2jlv476h+19N9J/6il/876Ry39d9E/aum/q/5RS/+36R+19N9N/6il/+76Ry3999A/aum/p/5RS/+99I9a+r9d/6il/976Ry3999E/aum/r/5RS/936B+19N9P/6il//76Ry39D9A/aul/oP5RS/+D9I9a+h+sf9TS/xD9o5b+79Q/aun/Lv2jlv6H6h+19D9M/6il/+H6Ry39361/1NL/PfpHLf3fq3/U0v99+kct/Y/QP2rp/379o5b+R+oftfQ/Sv+opf/R+kct/Y/RP2rp/wH9o5b+H9Q/aun/If2jlv4f1j9q6X+s/lFL/+P0j1r6f0T/qKX/8fpHLf0/qn/U0v8E/aOW/h/TP2rp/3H9o5b+J+oftfQ/Sf+opf8n9I9a+p+sf9TS/5P6Ry39P6V/1NL/0/pHLf1P0T9q6X+q/lFL/9P0j1r6n65/1NL/DP2jlv5n6h+19D9L/6il/9n6Ry39z9E/aul/rv5RS//P6B+19D9P/6il//lV/dc9amq3bOn/2ar+U6+l/+f0j1r6f17/qKX/F/SPWvpfoH/U0v+L+kct/b+kf9TS/0L9o5b+F+kftfS/WP+opf+X9Y9a+n9F/6il/1f1j1r6X6J/1NL/Uv2jlv6X6R+19P+a/lFL/8v1j1r6X6F/1NL/Sv2jlv5X6R+19P+6/lFL/2/oH7X0/6b+UUv/q/WPWvpfo3/U0v9b+kct/a/VP2rp/239o5b+39E/aul/nf5RS//r9Y9a+n9X/6il/w36Ry39b9Q/aun/Pf2jlv436R+19L9Z/6il/y36Ry39b9U/aul/m/5RS//b9Y9a+n9f/6il/x36Ry39f6B/1NL/h/pHLf1/pH/U0v9O/aOW/j/WP2rp/xP9o5b+P9U/aul/l/5RS/+f6R+19P+5/lFL/7v1j1r6/0L/qKX/L/WPWvrfo3/U0v9X+kct/X+tf9TS/zf6Ry39f6t/1NL/Xv2jlv6/0z9q6f97/aOW/vfpH7X0/4P+UUv/+/WPWvr/Uf+opf8D+kct/f+kf9TS/0H9o5b+f9Y/aun/kP5RS/+/6B+19H9Y/6il/1/1j1r6/03/qKX/3/WPWvo/on/U0v9R/aOW/o/pH7X0f1z/qKX/GP2jkv4jB/pHLf2H6B+19B+qf9TSf5j+UUv/4fpHLf1H6B+19B+pf9TSfwb9o5b+M+oftfQfpX/U0n8m/aOW/s/SP2rpP7P+UUv/WfSPWvrPqn/U0v/Z+kct/WfTP2rpP7v+UUv/OfSPWvo/R/+opf+c+kct/Z+rf9TS/3n6Ry39n69/1NJ/Lv2jlv4v0D9q6T+3/lFL/xfqH7X0n0f/qKX/vPpHLf3n0z9q6f8i/aOW/qP1j1r6z69/1NJ/Af2jlv4L6h+19F9I/6il/8L6Ry39F9E/aum/qP5RS//F9I9a+i+uf9TS/8X6Ry39X6J/1NJ/Cf2jlv5L6h+19F9K/6il/9L6Ry39l9E/aum/rP7RdNp/nsEk/ZfTP5pO+z9h4v7L6x+19H+p/lFL/5fpH7X0X0H/qKX/ivpHLf1X0j9q6b+y/lFL/5frH7X0X0X/qKX/K/SPWvq/Uv+opf+r9I9a+q+qf9TSfzX9o5b+q+sftfRfQ/+opf+r9Y9a+q+pf9TSfy39o5b+a+sftfRfR/+opf+6+kct/dfTP2rp/xr9o5b+r9U/aum/vv5RS//X6R+19H+9/lFL/zfoH7X0f6P+UUv/DfSPWvpvqH/U0n8j/aOW/hvrH7X030T/qKX/m/SPWvpvqn/U0n8z/aOW/pvrH7X0f7P+UUv/LfSPWvpvqX/U0v8t+kct/bfSP2rpv7X+UUv/bfSPWvpvq3/U0v+t+kct/bfTP2rpv73+UUv/HfSPWvrvqH/U0n8n/aOW/jvrH7X030X/qKX/rvpHLf3fpn/U0n83/aOW/rvrH7X030P/qKX/nvpHLf330j9q6f92/aOW/nvrH7X030f/qKX/vvpHLf3foX/U0n8//aOW/vvrH7X0P0D/qKX/gfpHLf0P0j9q6X+w/lFL/0P0j1r6v1P/qKX/u/SPWvofqn/U0v8w/aOW/ofrH7X0f7f+UUv/9+gftfR/r/5RS//36R+19D9C/6il//v1j1r6H6l/1NL/KP2jlv5H6x+19D9G/6il/wf0j1r6f1D/qKX/h/SPWvp/WP+opf+x+kct/Y/TP2rp/xH9o5b+x+sftfT/qP5RS/8T9I9a+n9M/6il/8f1j1r6n6h/1NL/JP2jlv6f0D9q6X+y/lFL/0/qH7X0/5T+UUv/T+sftfQ/Rf+opf+p+kct/U/TP2rpf7r+UUv/M/SPWvqfqX/U0v8s/aOW/mfrH7X0P0f/qKX/ufpHLf0/o3/U0v88/aOW/ufrH7X0/6z+UUv/z+kftfT/vP5RS/8v6B+19L9A/6il/xf1j1r6f0n/qKX/hfpHLf0v0j9q6X+x/lFL/y/rH7X0/4r+UUv/r+oftfS/RP+opf+l+kct/S/TP2rp/zX9o5b+l+sftfS/Qv+opf+V+kct/a/SP2rp/3X9o5b+39A/aun/Tf2jlv5X6x+19L9G/6il/7f0j1r6X6t/1NL/2/pHLf2/o3/U0v86/aOW/tfrH7X0/67+UUv/G/SPWvrfqH/U0v97+kct/W/SP2rpf7P+UUv/W/SPWvrfqn/U0v82/aOW/rfrH7X0/77+UUv/O/SPWvr/QP+opf8P9Y9a+v9I/6il/536Ry39f6x/1NL/J/pHLf1/qn/U0v8u/aOW/j/TP2rp/3P9o5b+d+sftfT/hf5RS/9f6h+19L9H/6il/6/0j1r6/1r/qKX/b/SPWvr/Vv+opf+9+kct/X+nf9TS//f6Ry3979M/aun/B/2jlv736x+19P+j/lFL/wf0j1r6/0n/qKX/g/pHLf3/rH/U0v8h/aOW/n/RP2rp/7D+UUv/v+oftfT/m/5RS/+/6x+19H9E/6il/6P6Ry39H9M/aun/uP5RS/8x+kcl/WcY6B+19B+if9TSf6j+UUv/YfpHLf2H6x+19B+hf9TSf6T+UUv/GfSPWvrPqH/U0n+U/lFL/5n0j1r6P0v/qKX/zPpHLf1n0T9q6T+r/lFL/2frH7X0n03/qKX/7PpHLf3n0D9q6f8c/aOW/nPqH7X0f67+UUv/5+kftfR/vv5RS/+59I9a+r9A/6il/9z6Ry39X6h/1NJ/Hv2jlv7z6h+19J9P/6il/4v0j1r6j9Y/auk/v/5RS/8F9I9a+i+of9TSfyH9o5b+C+sftfRfRP+opf+i+kct/RfTP2rpv7j+UUv/F+sftfR/if5RS/8l9I9a+i+pf9TSfyn9o5b+S+sftfRfRv+opf+y+kct/ZfTP2rpv7z+UUv/l+oftfR/mf5RS/8V9I9a+q84Ff0fmPX/cmDPTC39V7L+o5b+K+sftfR/uf5RS/9V9I9a+r9C/6il/yv1j1r6v0r/qKX/qvpHLf1X0z9q6b+6/lFL/zX0j1r6v1r/qKX/mvpHLf3X0j9q6b+2/lFL/3X0j1r6r6t/1NJ/Pf2jlv6v0T9q6f9a/aOW/uvrH7X0f53+UUv/1+sftfR/g/5RS/836h+19N9A/6il/4b6Ry39N9I/aum/sf5RS/9N9I9a+r9J/6il/6b6Ry39N9M/aum/uf5RS/836x+19N9C/6il/5b6Ry3936J/1NJ/K/2jlv5b6x+19N9G/6il/7b6Ry3936p/1NJ/O/2jlv7b6x+19N9B/6il/476Ry39d9I/aum/s/5RS/9d+vqPmJqNWvrv2td/qrT0f5v+UUv/3fSPWvrvrn/U0n8P/aOW/nvqH7X030v/qKX/2/WPWvrvrX/U0n8f/aOW/vvqH7X0f4f+UUv//fSPWvrvr3/U0v8A/aOW/gfqH7X0P0j/qKX/wfpHLf0P0T9q6f9O/aOW/u/SP2rpf6j+UUv/w/SPWvofrn/U0v/d+kct/d+jf9TS/736Ry3936d/1NL/CP2jlv7v1z9q6X+k/lFL/6P0j1r6H61/1NL/GP2jlv4f0D9q6f9B/aOW/h/SP2rp/2H9o5b+x+oftfQ/Tv+opf9H9I9a+h+vf9TS/6P6Ry39T9A/aun/Mf2jlv4f1z9q6X+i/lFL/5P0j1r6f0L/qKX/yfpHLf0/qX/U0v9T+kct/T+tf9TS/xT9o5b+p+oftfQ/Tf+opf/p+kct/c/QP2rpf6b+UUv/s/SPWvqfrX/U0v8c/aOW/ufqH7X0/4z+UUv/8/SPWvqfr3/U0v+z+kct/T+nf9TS//P6Ry39v6B/1NL/Av2jlv5f1D9q6f8l/aOW/hfqH7X0v0j/qKX/xfpHLf2/rH/U0v8r+kct/b+qf9TS/xL9o5b+l+oftfS/TP+opf/X9I9a+l+uf9TS/wr9o5b+V+oftfS/Sv+opf/X9Y9a+n9D/6il/zf1j1r6X61/1NL/Gv2jlv7f0j9q6X+t/lFL/2/rH7X0/47+UUv/6/SPWvpfr3/U0v+7+kct/W/QP2rpf6P+UUv/7+kftfS/Sf+opf/N+kct/W/RP2rpf6v+UUv/2/SPWvrfrn/U0v/7+kct/e/QP2rp/wP9o5b+P9Q/aun/I/2jlv536h+19P+x/lFL/5/oH7X0/6n+UUv/u/SPWvr/TP+opf/P9Y9a+t+tf9TS/xf6Ry39f6l/1NL/Hv2jlv6/0j9q6f9r/aOW/r/RP2rp/1v9o5b+9+oftfT/nf5RS//f6x+19L9P/6il/x/0j1r6369/1NL/j/pHLf0f0D9q6f8n/aOW/g/qH7X0/7P+UUv/h/SPWvr/Rf+opf/D+kct/f+qf9TS/2/6Ry39/65/1NL/Ef2jlv6P6h+19H9M/6il/+P6Ry39x+gflfSfcaB/1NJ/iP5RS/+h+kct/YfpH7X0H65/1NJ/hP5RS/+R+kct/WfQP2rpP6P+UUv/UfpHLf1n0j9q6f8s/aOW/jPrH7X0n0X/qKX/rPpHLf2frX/U0n82/aOW/rPrH7X0n0P/qKX/c/SPWvrPqX/U0v+5+kct/Z+nf9TS//n6Ry3959I/aun/Av2jlv5z6x+19H+h/lFL/3n0j1r6z6t/1NJ/Pv2jlv4v0j9q6T9a/6il//z6Ry39F9A/aum/oP5RS/+F9I9a+i+sf9TSfxH9o5b+i+oftfRfTP+opf/i+kct/V+sf9TS/yX6Ry39l9A/aum/pP5RS/+l9I9a+i+tf9TSfxn9o5b+y+oftfRfTv+opf/y+kct/V8a+//Pf7b/31r6v8z6j1r6r6B/1NJ/Rf2jlv4r6R+19F9Z/6il/8v1j1r6r6J/1NL/FfpHLf1fqX/U0v9V+kct/VfVP2rpv5r+UUv/1fWPWvqvoX/U0v/V+kct/dfUP2rpv5b+UUv/tfWPWvqvo3/U0n9d/aOW/uvpH7X0f43+UUv/1+oftfRfX/+opf/r9I9a+r9e/6il/xv0j1r6v1H/qKX/BvpHLf031D9q6b+R/lFL/431j1r6b6J/1NL/TfpHLf031T9q6b+Z/lFL/831j1r6v1n/qKX/FvpHLf231D9q6f8W/aOW/lvpH7X031r/qKX/NvpHLf231T9q6f9W/aOW/tvpH7X0317/qKX/DvpHLf131D9q6b+T/lFL/531j1r676J/1NJ/V/2jlv5v0z9q6b+b/lFL/931j1r676F/1NJ/T/2jlv576R+19H+7/lFL/731j1r676N/1NJ/X/2jlv7v0D9q6b+f/lFL//31j1r6H6B/1NL/QP2jlv4H6R+19D9Y/6il/yH6Ry3936l/1NL/XfpHLf0P1T9q6X+Y/lFL/8P1j1r6v1v/qKX/e/SPWvq/V/+opf/79I9a+h+hf9TS//36Ry39j9Q/aul/lP5RS/+j9Y9a+h+jf9TS/wP6Ry39P6h/1NL/Q/pHLf0/rH/U0v9Y/aOW/sfpH7X0/4j+UUv/45/Wf4b/7rieoVr6f9T6j1r6n6B/1NL/Y/pHLf0/rn/U0v9E/aOW/ifpH7X0/4T+UUv/k/WPWvp/Uv+opf+n9I9a+n9a/6il/yn6Ry39T9U/aul/mv5RS//T9Y9a+p+h/yTGzUZL/zP1j1r6n6V/1NL/bP2jlv7n6B+19D9X/6il/2f0j1r6n6d/1NL/fP2jlv6f1T9q6f85/aOW/p/XP2rp/wX9o5b+F+gftfT/ov5RS/8v6R+19L9Q/6il/0X6Ry39L9Y/aun/Zf2jlv5f0T9q6f9V/aOW/pfoH7X0v1T/qKX/ZfpHLf2/pn/U0v9y/aOW/lfoH7X0v1L/qKX/VfpHLf2/rn/U0v8b+kct/b+pf9TS/2r9o5b+1+gftfT/lv5RS/9r9Y9a+n9b/6il/3f0j1r6X6d/1NL/ev2jlv7f1T9q6X+D/lFL/xv1j1r6f0//qKX/TfpHLf1v1j9q6X+L/lFL/1v1j1r636Z/1NL/dv2jlv7f1z9q6X+H/lFL/x/oH7X0/6H+UUv/H+kftfS/U/+opf+P9Y9a+v9E/6il/0/1j1r636V/1NL/Z/pHLf1/rn/U0v9u/aOW/r/QP2rp/0v9o5b+9+gftfT/lf5RS/9f6x+19P+N/lFL/9/qH7X0v1f/qKX/7/SPWvr/Xv+opf99+kct/f+gf9TS/379o5b+f9Q/aun/gP5RS/8/6R+19H9Q/6il/5/1j1r6P6R/1NL/L/pHLf0f1j9q6f9X/aOW/n/TP2rp/3f9o5b+j+gftfR/VP+opf9j+kct/R/XP2rpP0b/qKT/qIH+UUv/IfpHLf2H6h+19B+mf9TSf7j+UUv/EfpHLf1H6h+19J9B/6il/4z6Ry39R+kftfSfSf+opf+z9I9a+s+sf9TSfxb9o5b+s+oftfR/tv5RS//Z9I9a+s+uf9TSfw79o5b+z9E/auk/p/5RS//n6h+19H+e/lFL/+frH7X0n0v/qKX/C/SPWvrPrX/U0v+F+kct/efRP2rpP6/+UUv/+fSPWvq/SP+opf9o/aOW/vPrH7X0X0D/qKX/gvpHLf0X0j9q6b+w/lFL/0X0j1r6L6p/1NJ/Mf2jlv6L6x+19H+x/lFL/5foH7X0X0L/qKX/kvpHLf2X0j9q6b+0/tF01x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+H/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDEgAAAABB/1+3I1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG4KAAD//xgWBuA=")
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x185040, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x243082, 0x0, 0x1, 0x0, &(0x7f0000000000))
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x81000, 0x0, 0x0, 0x0, 0x0)
semop(0x0, &(0x7f0000000200), 0x53)

13.979249927s ago: executing program 7 (id=1493):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x593802, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000), 0x10)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000040), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mknod$loop(0x0, 0xfff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
brk(0xfffffffe)
syz_open_dev$tty1(0xc, 0x4, 0x3)
lsm_get_self_attr(0x64, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000280)={0x5, 0x0, 0x120000000000, 0x2, 0x500, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x7, 0x0, 0x9, 0x86, 0x800, 0x80000002}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

13.616817523s ago: executing program 0 (id=1494):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket(0x2a, 0x2, 0x0)
select(0x40, &(0x7f0000000400)={0x9, 0x3, 0x80000000, 0x0, 0x7, 0x201}, 0x0, 0x0, &(0x7f0000000100)={0x0, 0xea60})
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000200000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, 0x0, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0f000000040000000702", @ANYBLOB="80378e8deb77cf5309000000000000", @ANYRES32, @ANYBLOB], 0x50)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)

12.612422272s ago: executing program 3 (id=1495):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0x1}, 0xc)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r3, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1)
socket$nl_generic(0x10, 0x3, 0x10)

11.232362542s ago: executing program 8 (id=1496):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
write(0xffffffffffffffff, &(0x7f0000000200), 0x0)
listxattr(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x10, 0x7}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r2, 0x0, <r3=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r3, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r3, 0x0, 0x10001, 0x0, 0x1, 0xd6fe2, 0x3d3b4e})

11.228847582s ago: executing program 7 (id=1497):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x20, &(0x7f00000005c0)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/66, 0x42}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}}, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r2, 0x3312, 0x374b)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x1a}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

10.819410441s ago: executing program 0 (id=1498):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c0000000b0601020000000000000000030000000900020073797a30000000000500010007000000240007"], 0x4c}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@ipv6_getaddrlabel={0x24, 0x4a, 0x1, 0x0, 0x0, {}, [@IFAL_LABEL={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r4, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
sendmmsg(r4, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)

9.289303131s ago: executing program 0 (id=1499):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x840000000002, 0x3, 0xff)
setregid(0x0, 0xee01)
setresgid(0xffffffffffffffff, 0x0, 0x0)
r0 = memfd_create(0x0, 0x2)
pwritev(r0, 0x0, 0x0, 0x7fffff, 0x8)
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_clone3(&(0x7f00000004c0)={0x101090200, &(0x7f0000000240), 0x0, &(0x7f0000000340)=<r2=>0x0, {0x4}, &(0x7f0000000380)=""/4, 0x4, &(0x7f00000010c0)=""/4096, &(0x7f00000003c0)}, 0x58)
syz_open_procfs(r2, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ptrace$ARCH_SET_CPUID(0x1e, 0x0, 0x1, 0x1012)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000000104010200000000000900000a0000050a000200000000ff050000000500010001"], 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x4044844)

9.241349192s ago: executing program 4 (id=1500):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r4 = socket$inet6(0xa, 0x3, 0x7)
syz_open_dev$vbi(0x0, 0x2, 0x2)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0)

9.107474345s ago: executing program 8 (id=1501):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0x20002078)

6.249285874s ago: executing program 4 (id=1502):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000140))
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r1, 0x0, 0x0)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
r3 = dup(r2)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r3, 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000006480)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9"], 0x1, 0x6213, &(0x7f0000000240)="$eJzs3U9vHGcdB/Df7D//KW2jHqoSIeS2AVpK87eEQIG2Bzj0wgHlihK5bhWRAkoCSquIuMqFAy8ChMQREEdOvIAeuHLjBRApQQJ66qCxn8cZL96s43R31n4+H8md+c0z432m3x3vbmZmnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4u3v//BMFRGXfpEWHIv4XPQjehErTb0WEStrx/L6g4h4Lraa49mIGC5FVLnx6YjXIuLjpyLu3b+13iw6u89+fO9Pf//dj574wd/+MDz1nz/f6L8+ab2bN3/977/cPvj+AgAAQInquq6r9DH/ePp83+u6UwDAXOTX/zrJy9ULV28uWH/UarVafQjrtnpvt9tFRGy2t2neMzgdDwCHzGZ80nUX6JD8izaIiCe67gSw0KquO8BM3Lt/a71K+Vbt14O17fZ8Lciu/Dernfs7Jk2nGb/GZF7PrzvRj2cm9GdlTn1YJDn/3nj+l7bbR2m9Wec/L5PyH23f+lScnH9/PP8xRyf/3p75lyrnP3ik/PvyBwAAAACABZb//f9Yx+d/lx5/V/blYed/1+bUBwAAAAAAAAD4rD3u+H87KuP/AQAAwKJqPqs3fvPUg2WTvoutWX6xinhybH2gMOlmmdWu+wEAAAAAAAAAAAAAJRlsX8N7sYoYRsSTq6t1XTc/beP1o3rc7Q+70vcfStb1H3kAANj28VNj9/JXEcsRcTF9199wdXW1rpdXVuvVemUpv58dLS3XK63PtXnaLFsa7eMN8WBUN79subVd27TPy9Pax39f81ijur+Pjs1Hh4EDQERsvxrd84p0xNT109H1uxwOB8f/0eP4Zz+6fp4CAAAAs1fXdV2lr/M+ns7597ruFAAwF/n1f/y8gFqtVqvV6qNXt9V7u90uImKzvU3znsFw/ABwyGzGJ113gQ7Jv2iDiHiu604AC63qugPMxL37t9arlG/Vfj1I47vna0F25b9ZbW2Xt99rOs34NSbzen7diX48M6E/z86pD4sk598bz//SdvsorTfr/OdlUv7Nfh7roD9dy/n3x/Mfc3Ty7+2Zf6ly/oNHyr8vfwAAAAAAWGD53/+PLdT539FBd2eqh53/XZvZowIAAAAAAADAbN27f2s93/eaz/9/YY/13P95NOX8K/kXKeef7v/fufDmpbH1+q35u289yP9f92+t//7GPz+fp/vNfynPVOmZVaVnRJUeqRqk6QF3bII7w/6oeaRh1esP0jU/9fDduBJXYyNO71q3l46HB+1ndrU3PR1utdf97fazu9oHO+15+3O72ofpSqd6JbefjPX4aVyNd7bam7alKfu/PKW9ntKe8+87/ouU8x+0fpr8V1N7NTZt3P2o93/HfXu61+O8eeWLvzo9+92Z6k70d/atrdm/Fzroz9b/kydG8fPrG9dO3rx848a1M5Emu5aejTT5jOX8h+kn5//Si9vt+e9++3i9+9HokfNfFHdiMDH/F1vzzf6+POe+dSHnP0o/Of93Uvvex/9hzn/y8f9KB/0BAAAAAAAAAAAAAACAh6nreusW0Tcj4ny6/6erezMBgPnKr/91kpfPq+4fdPs/7t6PrvqvVs+5rhasP3OtP61n/XhvL9T+qg9U/3fB+rNwdVu9tzfaRUT8tb1N857hl3v9MgBgkX0aEf/ouhN0Rv4Fy9/310xPdN0ZYK6uf/Dhjy9fvbpx7XrXPQEAAAAAAAAADiqP/7nWGv/5RF3Xt8fW2zX+61ux9rjjfw7yzM4AoxMGqu4/+j49TC+i32sNN/58TBr/e7gz97DxvwdTHm84pX00pX1pSvvylPY9b/Royfk/3xrv/EREHB8bfr2E8V/Hx7wvQc7/hdbzucn/K2PrtfOvf3uY8+/tyv/Ujfd/dur6Bx++euX9y+9tvLfxk3Nnzpw+d/78hQsXTr175erG6e3/dtjj2cr557GvXQdalpx/zlz+Zcn5fynV8i9Lzv/LqZZ/WXL++f2e/MuS88+ffeRflpz/y6mWf1ly/l9NtfzLkvN/JdXyL0vO/2upln9Zcv6vplr+Zcn5n0y1/MuS8z+V6n3mvzLrfjEfOf98hsvxX5acf76yQf5lyfmfTbX8y5LzP5dq+Zcl5/9aquVflpz/11Mt/7Lk/M+nWv5lyfl/I9XyL0vO/0Kq5V+WnP83Uy3/suT8v5Vq+Zcl5/96quVflpz/t1Mt/7Lk/L+TavmXJef/3VTLvyw5/zdSLf+yPPj+fzNmzJjJM13/ZQIAAAAAAAAAAAAAxs3jcuKu9xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLevcXIddd3AD+zN28cSAyE1ElN2DjGGGeTXV/iC62LCdeGW0kIhV6wXe/aLPiG1y6BRrWjQImEUVFF2/DQFhBq81JhVTzQClAeUKtKlaB9oC+ICpWHqAooIFWlFWSrmfP//3dmdnZm1zvenDnn85GSX3bmzJwzZ/4zu1873x0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmt35htlP1bIsq9Vq+QWbsuxF9XnDxKbGJa99YY8PAAAAWLtfNP793M3pgsMruFHTNv90x7e/urCwsJC9b/hPRz+3sJCumMiy0Q1Z1rguuvqD99eatwkez8ZrQ01fD/XY/XCP60d6XD/a4/qxHtdv6HH9eI/rl5yAJW7IaunOtjX+c1N+SrNbstHGdds63Orx2oah+rlLt81qjdssjJ7I5rJT2Ww23bJ9vm2tsf3X76zv661Z3NdQ07621FfITx49Ho+hFs7xtpZ9Ld5n9KPXZxM//cmjx//6wrO3dZo9T0PL/eXHuWNr/Tg/ES7Jj7WWbUjnJB7nUNNxbunwnAy3HGetcbv6f7cf53MrPM7hxcNcV+3P+Xg21Pjv7zTO00gt63CetoTLfnZXlmWXFw+7fZsl+8qGso0tlwwtPj/j+Yqs30d9Kb00G1nVOr1zBeu0Pme2ta7T9tdEfP7vDLcbWeYYmp+mHz021vS8/3zhWtZpVH/Uy71W2tdgv18rRVmDcV18p/Ggn+i4BreFx//o9uXXYMe102ENpsfdtAa39lqDQ2PDjWNOT0KtcZvFNbirZfvhxp5qjfnM9u5rcOrC6XNT8x/7+D1zp4+dnD05e2bPrl3Te/btO3DgwNSJuVOz0/m/r/FsF9/GbCi9BraGcxdfA69u27Z5qS58cWzJ+++1vg7Hu7wON7Vt2+/X4Uj7g6utzwty6ZrOXxvvqZ/08StD2TKvscbzs3Ptr8P0uJtehyNNr8OO31M6vA5HVvA6rG9zbufKfmYZafqn0zEs/71gbWtwU9MabP95pH0N9vvnkaKswfGwLr63c/nvBVvC8T4xudqfR4aXrMH0cMN7T/2S9PP++IHG6LQub69fceNYdnF+9vy9jxy7cOH8riyMdfGyprXSvl43Nj2mbMl6HVr1ej08d8cTt3e4fFM4V+P31P81vuxzVd9m773dn6vGd7fO57Pl0t1ZGH223uez03fz+vkcy7LPf+uxB7/x6OffsOz5rOfNT0yt/WfxlEub3n9Hl3n/jbn/+Xx/6a4eHx4dyV+/w+nsjLa8H7c+VSON965aY9/PTa3s/Xg0/LPe78e3dHk/3ty2bb/fj0fbH1x8P671+tOOtWl/PsfDOjk13f39uL7N5t2rXZMjXd+P7wqzFs7/a0JSSLmoae0st27TvkZGRsPjGol7aF2ne1q2Hw3ZrL6vp3Zf2zrdcVd+X8Pp0S1ar3U60bZtv9dp+rOv5dZprdefvl2b9udzPKyLW/Z0X6f1bZ7eu/b3zhvifza9d471WoOjw2P1Yx5Ni7Dxfp8t3BDX4L3Z8exsdiqbaVw71lhPtca+Ju9b2RocC/+s93vl5i5rcEfbtv1eg+n72HJrrzay9MH3QfvzOR7WxZP3dV+D9W3euL+/P7vuCJekbZp+dm3/87Xl/szr9rbTdL3Wykg4zm/t7/5ns/VtTh1Ybc7sfp7uDpfc2OE8tb9+l3tNzWTrc542h+N89sDy56l+PPVtPndwhevpcJZllz5yf+PPe8Pfr/zdxe9+teXvXTr9nc6lj9z/4xef+MfVHD8Ag+/5fGzMv9c1/c3USv7+HwAAABgIMfcPhZnI/wAAAFAaMffH/ys8kf8BAACgNGLuHwkzqUj+3/zGZ+eev5SlZv5CEK9Pp+GBfLvYcZ0OX08sLKpffv+XZ//7Hy6tbN9DWZb9/IE/6Lj95gficeUmwnFefVPr5Ut89Z4V7fvow5fSfpv7618I9x8fz0qXQacK7nSWZV+/+TON/Uy8/0pjPv3A0cZ88PITj9e3ee5g/nW8/TMvy7f/i1D+PXziWMvtnwnn4YdhTr+t8/mIt/vKldds2f/exf3F29W23tR42E9+IL/f+HtyPvt4vn08z8sd/zc+/dRX6ts/8qrOx39pqPPxPxXu98th/u8r8u2bn4P61/F2nwzHH/cXb3fvl77Z8fivfirf/tyb8+2Ohhn3vyN8ve3Nz841n69HasdaHlf2lny7uP/p7/5x4/p4f/H+249//MiVlvPRvj6e/rf8fqbato+Xx/1Ef9+2//r9NK/PuP+n/uhoy3nutf+rDz7zivr9tu//7rbtzn1kZ2P/i/fX+hub/vKTn+m4v3g8h//2XMvjOfzu8DoO+3/yA2E9huv/72p+f+2/XeHou1vff+L2X9h0qeXxRG/9ab7/q6872Zgbxm/YeOOLXnzT5VfWz12WfWdDfn+99n/yr862HP8Xb83PR7w+dvTb97+cuP/zH508c3b+4txMOquP3tz43Tlvz48nHu/N4b21/esjZy98cPb8xPTEdJZNlPdX6F2zL4X543xc7r71wpJ30J0Ph+fz9j//+sbt//rpePm/vye//Mrb8u9brw7bfTZcvik8f6vb/1JP3nlr4/Vdezoc4cLS3xe8Flu2/deBFW0YHn/7zwVxvZ97+Qcb56F+XeP7Rnxdr/H4vz+T38/XwnldCL+Zeeuti/tr3j7+boQrD+Wv9zWfv/A2F5/XvwnP9zt+mN9/PK74eL8ffo755ubW97u4Pr52aaj9/hu/xeNyeD/JLufXx63i+b7y3K0dDy/+HpLs8m2Nr/8k3c9tq3qYy5n/2PzUqbkzFx+ZujA7f2Fq/mMfP3L67MUzF440fpfnkQ/1uv3i+9PGxvvTzOy+vVnj3epsPq6zF/r4zz18fGb/9PaZ2RPHLp648PC52fMnj8/PH5+dmd9+7MSJ2Y/2uv3czKFduw/u2b978uTczKEDBw/uOTg5d+Zs/TDyg+ph3/SHJ8+cP9K4yfyhvQd33Xff3unJ02dnZg/tn56evNjr9o3vTZP1W//+5PnZU8cuzJ2enZyf+/jsoV0H9+3b3fO3AZ4+d2J+Yur8xTNTF+dnz0/lj2XiQuPi+ve+XrennOb/I/95tl0t/0V82bvu3pd+P2vdlx9b9q7yTdp+geiz4XfR/PNLzh1Yydcx94+GmVQk/wMAAEAVxNw/FmYi/wMAAEBpxNy/IcxE/gcAAIDSiLl/PMykIvm/dP3/zZdWtH/9f/3/5vOl/1+x/v9DRev/5+8X+v/9sdb+vf5/oP+v/6//r/+v/08fFK3/H3P/DVlWyfwPAAAAVRBz/8YwE/kfAAAASiPm/hvDTOR/AAAAKI2Y+18UZlKR/K//r/+v/6//r//fef/6/4NJ/787/f8e9P+nsmr1/y/38/j1//X/Wapo/f+Y+18cZlKR/A8AAABVEHP/TWEm8j8AAACURsz9N4eZyP8AAABQGjH3bwozqUj+1//X/9f/1//X/++8f/3/waT/353+fw/6/z7/X/9f/5++Klr/P+b+l4SZVCT/AwAAQBXE3P/SMBP5HwAAAIpn5NpuFnP/y8JMluT/a9wBAAAA8IKLuf+WrK0IXpG//9f/1/8vfv9/Q7pO/1//Pytk/3840/8vDv3/7vT/e9D/1//X/9f/p6+K1v9v5P5sPHt5mElF8j8AAABUQcz9t4aZyP8AAABQGjH3/1KYifwPAAAApRFz/+Ywk4rkf/1//f/i9/99/r/+f9H7/z7/v0j0/7vT/+9B/1//X/9f/5++Klr/P+b+28JMKpL/AQAAoApi7r89zET+BwAAgNKIuf+Xw0zkfwAAACiNmPu3hJlUJP/r/xe8/x+bo/r/+v/6//r/+v8rov/fnf5/D/r/+v/6//r/9FXR+v8x978izKQi+R8AAACqIOb+O8JM5H8AAAAojZj7XxlmIv8DAABAacTcPxFmUpH8r/9f8P5/3oMf8/n/+v/6//r/+v8ro//fnf5/D/r/+v996f8vXNL/1/8nV7T+f8z9d4aZVCT/AwAAQBXE3L81zET+BwAAgNKIuf+uMBP5HwAAAEoj5v5tYSYVyf/6/wPR/8/0//X/9f/1//X/V0b/vzv9/x70//X/ff6//j99VbT+f8z9rwozqUj+BwAAgCqIuX97mIn8DwAAAKURc/+rw0zkfwAAACiNmPt3hJlUJP/r/+v/6//r/+v/d96//v9g0v/vTv+/B/1//X/9f/1/+qpo/f+Y+18TZlKR/A8AAABVEHP/zjAT+R8AAABKI+b+u8NM5H8AAAAojZj7J8NMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+v/6//r/+P31VtP5/zP33hJlUJP8DAABAFcTcf2+YifwPAAAApRFz/1SYifwPAAAApRFz/3SYSUXyv/6//r/+v/7/qvr/r1y8X/3/nP5/sej/d6f/34P+v/7/C97/H9X/p1SK1v+PuX9XmElF8j8AAABUQcz9u8NM5H8AAAAojZj794SZyP8AAABQGjH37w0zqUj+1//X/9f/1//3+f+d96//P5j0/7vrf/8/PkT9f/1//X+f/6//z1JF6//H3H9fmElF8j8AAABUQcz9+8JM5H8AAAAojZj794eZyP8AAABQGjH3HwgzqUj+1//X/9f/1//X/++8f/3/waT/353P/+9B/1//X/9f/581eugPm78qWv8/5v6DYSYVyf8AAABQBTH3vzbMRP4HAACA0oi5/1fCTOR/AAAAKI2Y+381zKQi+V//v6V7Xn+4+v/6//r/+v8N+v+DSf+/O/3/HvT/9f/1//X/6atl+/8heq93/z/m/kNhJhXJ/wAAAFAFMff/WpiJ/A8AAAClEXP/68JM5H8AAAAojZj7D4eZVCT/6//7/H/9f/1//f/O+1/v/v9YvF/9/zXR/+9O/78H/X/9f/1//X/6qmif/x9z/+vDTCqS/wEAAKAKYu6/P8xE/gcAAIDSiLn/DWEm8j8AAACURsz9bwwzqUj+1//X/x+U/v+N+v/6/22Pp2z9f5//3x/6/93p//eg/6//r/+v/09fFa3/H3P/m8JMKpL/AQAAoApi7n9zmIn8DwAAAKURc/9bwkzkfwAAACiNmPvfGmZSkfyv/6//Pyj9/0z/X/+/7fHo/+v/d6L/353+fw/6//r/+v/6//RV0fr/Mff/ephJRfI/AAAAVEHM/Q+Emcj/AAAAUBox978tzET+BwAAgNKIuf/tYSYVyf/6//r/+v/6//r/nfev/z+Y9P+7G7D+/y9uCpfr/+f0/4t9/Kvt/4+0fX1d+v8/WK7/v7Ch/fb6/1wPRev/x9z/jjCTiuR/AAAAqIKY+98ZZiL/AwAAQGnE3P+uMBP5HwAAAEoj5v7fCDOpSP7X/68fx2J7Wf+/rP3/If1//X/9/4rQ/+9uwPr/Pv+/jf5/sY/f5//r/7NU0fr/Mfe/O8ykIvkfAAAAqiDm/gfDTOR/AAAAKI2Y+x8KM5H/AQAAoDRi7n9PmElF8r/+v8//r0b/3+f/Z/r/+v8Vof/fnf5/D/r/+v9F6///p/4/g61o/f+Y+x8OM6lI/gcAAIAqiLn/vWEm8j8AAACURsz9vxlmIv8DAABAacTc/74wk4rkf/3/Qen/Twxo//8x/f/r2P+/46Z8O/1//X8W6f93p//fg/6//n/R+v8+/58BV7T+f8z97w8zWXn+H1/xlgAAAMALIub+3wozqcjf/wMAAEAVxNz/22Em8j8AAACURsz9vxNmUpH8r/8/KP1/n/+f6f/7/P+2x6P/r//fyfr1/+M7j/6//r/+f6T/r/+v/0+7ovX/Y+7/3TCTiuR/AAAAqIKY+z8QZiL/AwAAwEDo9P9kt4u5/0iYifwPAAAApRFz/9Ewk4rkf/1//X/9/4L2//9s679879vvPLpL/1//X/9/Vdb18//rL36f/6//r/+f6P/r/+v/065o/f+Y+4+FmVQk/wMAAEAVxNz/e2Em8j8AAACURsz9x8NM5H8AAAAojZj7Z8JMKpL/9f/1//X/C9r/H+DP/4/nQ/+/Vd/6//FNV/+/o7x/n1bR9e3/v3exJ67/v9r+/1jHS/X/9f8H+fj1//X/Wapo/f+Y+2fDTCqS/wEAAKAKQu4fOpHPxSvkfwAAACiNmPtPhpnI/wAAAFAaMfd/MMykIvlf/1//X/9f/9/n/3fef7f+f23E5/8XVerf/6zxQtH/b1Oc/n9n+v/6/4N8/Pr/+v8sVbT+f8z9c2EmFcn/AAAAUAUx938ozET+BwAAgNKIuf/DYSbyPwAAAJRGzP2nwkwqkv/1//X/9f/1//X/O++/sJ//r//f1Vr79/r/gf5/tfv//6P/r/+v/09/FK3/H3P/6TCTiuR/AAAAqIKY+8+Emcj/8P/s3UmTXfV5x/HTiUCtIovsssgmVVnmJbBI1skLyCKbbFKVyiITSciMyDySQELmhEDm2GAbDMbYBs8D2MbYeAbbeJ4HPGFsSi5az/NI3X363G717b7n/P+fz0KPaau515RK4qfW1wcAAKAZuft/IW6x/wEAAKAZuft/MW7pZP/r/4/T/1+qlPX/u9//6v4/X/EE+/8f1f8f9Pr6f/1/y/T/0/T/K4z3/1cPw9BX/+/5//p//T9rMrf+P3f/L8Utnex/AAAA6EHu/l+OW+x/AAAAaEbu/uviFvsfAAAAmpG7/1filk72/57+f2vos//PjNfz/z3/X/+v/9f/L9zp9v83Pv8zn/7/0P3/XbesetmZ9v8tPv//6rEPbrqfP65Nv/9D9v9nD/p8/T8tmlv/n7v/V+OWTvY/AAAA9CB3/6/FLfY/AAAANCN3//Vxi/0PAAAAzcjd/+txSyf7f33P/z+38/GF9v9F/6//3/mA/l//r/9fLM//n9bT8/+ve/yan3/6vh+8/yiv31H/P2rT/fzS37/n/+v/2W9u/X/u/t+IWzrZ/wAAANCD3P2/GbfY/wAAANCM3P2/FbfY/wAAANCM3P2/Hbd0sv/X1/8v+vn/Rf+v/9/5gP5f/6//Xyz9/7Se+v8reX39v/5f/6//Z73m1v/n7v+duKWT/Q8AAAA9yN3/u3GL/Q8AAADNyN1/Q9xi/wMAAEAzcvefj1s62f/6/5Pv/5/T/+v/4+r/9f/6/5On/5+m/19B/6//1//r/1mrufX/uftvjFs62f8AAADQg9z9vxe32P8AAADQjNz9vx+32P8AAADQjNz9fxC3dLL/9f+e/6//1//r/8dfX/+/TPr/afr/FfT/x+3nr9L/6//1/1zuiP3/sxM/ba+l/8/d/4dxSyf7HwAAAHqQu/+P4hb7HwAAAJqRu/+P4xb7HwAAAJqRu/9P4pZO9r/+X/+v/9f/X3H/v/+H3g79/zj9/+nQ/0+bTf+/dWb0w/r/xff/nv+v/9f/s8vcnv+fu/9P45ZO9j8AAAD0IHf/n8UtE/v/yL+ZDwAAAGxU7v4/j1t8/R8AAAAWL6uz3P1/Ebd0sv/1//p//b/+3/P/x19/qv+//7L3p/+fF/3/tNn0/wfQ/+v/l/z+9f/6f/abW/+fu/8v45ZO9j8AAAD0IHf/TXGL/Q8AAADNyN3/V3GL/Q8AAADNyN3/13FLJ/t/vP+/9N/r/w9H/7/7/ev/x398rKv/z7+j/n+y//8xz//vk/5/2un3/2f1/7v//vr/E7Tp9994/39u1efr/xkzt/4/d//NcUsn+x8AAAB6kLv/lrjF/gcAAIBm5O7/m7jF/gcAAIBm5O7/27ilk/3v+f/6f/3/8vp/z/+/aJPP/x9Ovf8/o/8/JP3/NM//X0H/r//X/3v+P2s1t/4/d/+tcUsn+x8AAAB6cOszw87u/7thsP8BAABgiS7/swN7/0BpyN3/93GL/Q8AAADNyN3/D3FLJ/tf/6//1//r//X/469/1P5/1YORPf//dOj/p+n/V9D/n0Q/f6ax/v+2gz5/Dv3/Dfp/ZmZX///gpY9vqv/P3f+PcUsn+x8AAAB6kLv/n+IW+x8AAACakbv/n+MW+x8AAACakbv/X+KWTvb/iff/E0Gs/l//r//X/7fU/6+i/z8d+v9p+v8V9P+e/+/5//p/1upS/7/758NN9f+5+/81bulk/wMAAEAPcvf/W9xi/wMAAEAzcvffFrfY/wAAANCM3P3/Hrd0sv89/1//r//X/+v/x19f/79M+v9p+v8V9P/6f/2//p+12vX8/8tsqv/P3X973NLJ/gcAAIAe5O6/I26x/wEAAKAZufv/I26x/wEAAKAZufv/M27pZP/r/0+2/8+P6//1/4P+X/+v/z8V3fb/W2O/Eu13QP//yM+e/4ndH9H/6//1//p//T9rMIv+/8Klf7vM3f9fcUsn+x8AAAB6kLv/v+MW+x8AAACakbv/f+IW+x8AAACakbv/f+OWI+7/71/ruzo9+n/P/9f/6//1/+Ovr/9fpm77/0Py/P8V9P/6f/2//p+1mkX/f9lf5+7/v7jF1/8BAACgGbn7/z9usf8BAACgGbn7XxC32P8AAADQjNz9L4xbOtn/+n/9v/5f/6//H3/9K+3/t4dx+v/Tof+fpv9fQf+v/9f/6/9Zq7n1/7n774xbOtn/AAAA0IPc/XfFLfY/AAAANCN3/4viFvsfAAAAmpG7/8VxSyf7X/+v/9f/6//1/+Ov7/n/y6T/n6b/H4bh7ok3MNb/Xzir/9f/6//1/1yhufX/uftfErd0sv8BAACgB7n7745b7H8AAABoRu7+e+IW+x8AAACakbv/pXFLJ/tf/6//1//r//X/46+v/18m/f80/f8Knv+v/9f/6/9Zq7n1/7n7741bOtn/AAAA0IPc/ffFLfY/AAAANCN3/8viFvsfAAAAmpG7//64pZP9r//X/+v/9f8n0v+f1//vpf8/HSfX/w/6f/2//n8F/b/+X//PXqfV/z8bP9+v6v9z9788bulk/wMAAEAPcvc/ELfY/wAAANCM3P2viFvsfwAAAGhG7v5Xxi2d7H/9v/5f/6//9/z/8dfX/y+T5/9P0/+voP/X/+v/9f+s1Wn1/wf1/nv/Onf/q+KWTvY/AAAA9CB3/4Nxi/0PAAAAzcjd/1DcYv8DAABAM3L3vzpu6WT/6//1/7v7/2HQ/+v/9f8XnUL/vz3o/9dO/z9N/7+C/r/N/v97hob6/3MHfr7+nzmaW/+fu/81cUsn+x8AAAB6kLv/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzS0v5/7uD0bfn9/9k9n6j/H4bhies9/1//P/H6+v/Z9P/1T1X/vz76/2n6/xX0/232/57/r/9nY+bW/+fuf0Pc0tL+BwAAgM7l7n9j3GL/AwAAQDNy978pbrH/AQAAoBm5+98ct3Sy/5ff/+/9RP3/cKzn/+v/dz6g/9f/6/8X67j9/e3b8Wua/l//r/8f7ee3Dvj3nkH/r//X/zNibv1/7v63xC2d7H8AAADoQe7+h+MW+x8AAACakbv/kbjF/gcAAIBm5O5/a9zSyf7X/+v/9f/L7P+39f/6f/3/qLk8///aa3/8Mf2//r/F/n+K/l//r/9nr7n1/7n73xa3dLL/AQAAoAe5+98et9j/AAAA0Izc/Y/GLfY/AAAANOPRnZBze3jHMHS5//f3/1cNFwvVi8b6/2jU9P+X0f/vfv/6//EfH57/r//X/5+8ufT/nv9/Ze9f/6//X/L7P1L//0P7P1//T4vm1v/n7n8sbulk/wMAAEAPcve/M26x/wEAAKAZufvfFbfY/wAAANCM3P2Pxy2d7H/P/9f/6//1//r/8dfX/y+T/n+a/n8F/f/x+/n8WVX/v9zn/3+v/p/1mVv/n7v/3XHLzvD74e+7wv+ZAAAAwIzk7n9P3NLJ1/8BAACgB7n73xu32P8AAADQjNz974tbOtn/+n/9v/5f/6//H399/f8y6f+n6f9X6Kf/3x774Kb7+ePa9Ptvpv/3/H/WaG79f+7+98ctnex/AAAAaNszO9/m7v9A3GL/AwAAQDNy938wbrH/AQAAoBm5+5+IWzrZ//p//X/7/f9P6//3vL7+X//fMv1//oo+Tv+/Qj/9/6hN9/NLf//6f/0/+82t/8/d/2Tc0sn+BwAAgB7k7v9Q3GL/AwAAQDNy9384brH/AQAAoBm5+z8StzSx/8+s/B76/776/62hx/7f8//1//r/niyn/79j9Bdpz//X/+v/l/v+9f/6f/abW/+fu/+prTMN7n8AAABo10/+yM89edjv+9TOt9vDR+MW+x8AAACakbv/Y3GL/Q8AAADNyN3/8bilk/2v/++r/+/z+f/6f/2//r8ny+n/x+n/9f/6/+W+f/2//p/95tb/5+7/RNxy2fBb/f+iBwAAAJyqq4/23XP3fzJu6eTr/wAAANCD3P2filv27f8Lh/xT7QAAAMDc5O7/dNzSydf/9f8z7/+HE+r/4/vp/y/S/+v/x15f/79M+v9px+z/L2zp//X/E/T/+n/9P3vNrf/P3f/AvUOX+x8AAAAatet3FD6z8+328Nm4xf4HAACAZuTu/1zcYv8DAABAM3L3fz5u6WT/6/9n3v9f0fP/z9V/8vz/zvv/m7ZHX1//r/9vmf5/muf/r6D/1//r//X/rNUR+v+dQXrS/X/u/i/ELZ3sfwAAAOhB7v4vxi32PwAAADQjd/+X4hb7HwAAAJqRu//LcUsn+1//v4H+/+azw3Ci/f8hnv+v/++j/z/g9dvp/3/gmvMP/9TP3HOn/p9LTrP/zx8L+n/9v/7/Iv2//l//z15ze/5/7v6vxC2d7H8AAADoQe7+p+MW+x8AAACakbv/q3HL8/v/oU29KwAAAGCdcvd/LW7p5Ov/+v8Wn/+/zP4//1lvoP8/v7z+P5vi3vt/z//X/+/n+f/T9P8r6P/1//p//T9rNbf+P3f/1+OWTvY/AAAA9CB3/zfiltz/W0f+rXsAAABgZnL3fzNu8fV/AAAAaEbu/mfilk72v/5f/z+X/j95/v+lz/P8/4v0//r/o9D/T9P/r6D/1//r//X/rNXc+v/c/d+KWzrZ/wAAANCD3P3Pxi32PwAAADQjd/+34xb7HwAAAJqRu/87cUsn+1//r//X/+v/9f/jr6//Xyb9/zT9/wr6f/2//l//z1rNrf/P3f/dAAAA//9ky21Q")
creat(&(0x7f00000000c0)='./file1\x00', 0x19)

6.051853025s ago: executing program 0 (id=1503):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_int(r0, 0x0, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
syz_open_dev$I2C(0x0, 0x0, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
r3 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, 0x0)
bind$xdp(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x50, r2, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
close(r3)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$xdp(0x2c, 0x3, 0x0)

5.915886341s ago: executing program 8 (id=1504):
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
recvmmsg(r4, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000b00)=""/81, 0x51}], 0x1}}], 0x1, 0x0, 0x0)

1.340891031s ago: executing program 8 (id=1505):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
dup(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

1.097415975s ago: executing program 4 (id=1506):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
write(0xffffffffffffffff, &(0x7f0000000200), 0x0)
listxattr(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x10, 0x7}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r2, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r2, 0x0, 0x10001, 0x0, 0x1, 0xd6fe2, 0x3d3b4e})

0s ago: executing program 0 (id=1507):
creat(&(0x7f0000000540)='./file0\x00', 0x0)
socket$packet(0x11, 0x3, 0x300)
creat(0x0, 0x108)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x10, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x1, 0xc18da8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd57087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155934378491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afebc369ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e7fa095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x78, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0x0, {0x0, 0x4, 0x0, 0x101, 0x0, 0xfffffffffffffffc, 0x8000000, 0x8000, 0x200, 0x8000, 0x0, r2, r3}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0xa4901, 0x0)
write$tcp_congestion(r4, &(0x7f00000000c0)='lp\x00', 0xfffffdef)
dup2(r4, r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)

kernel console output (not intermixed with test programs):

]  deactivate_super+0xde/0x100
[  744.764311][T10004]  cleanup_mnt+0x225/0x450
[  744.764366][T10004]  task_work_run+0x150/0x240
[  744.764408][T10004]  ? __pfx_task_work_run+0x10/0x10
[  744.764447][T10004]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.764510][T10004]  exit_to_user_mode_loop+0xeb/0x110
[  744.764557][T10004]  do_syscall_64+0x3f6/0x4c0
[  744.764603][T10004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.764641][T10004] RIP: 0033:0x7f2c3df8fcd7
[  744.764671][T10004] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  744.764708][T10004] RSP: 002b:00007ffe8ba92d78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  744.764743][T10004] RAX: 0000000000000000 RBX: 00007f2c3e010b55 RCX: 00007f2c3df8fcd7
[  744.764767][T10004] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe8ba92e30
[  744.764791][T10004] RBP: 00007ffe8ba92e30 R08: 0000000000000000 R09: 0000000000000000
[  744.764815][T10004] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe8ba93ec0
[  744.764839][T10004] R13: 00007f2c3e010b55 R14: 00000000000b5407 R15: 00007ffe8ba93f00
[  744.764890][T10004]  </TASK>
[  744.765116][T10004] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  747.100686][ T7880] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  747.697256][T10645] loop4: detected capacity change from 0 to 1024
[  747.946755][T10645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  748.414224][T10002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  751.589402][T10677] Bluetooth: MGMT ver 1.23
[  753.815105][ T8872] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  753.822177][ T8872] Bluetooth: hci1: command 0x0406 tx timeout
[  754.507208][T10694] loop8: detected capacity change from 0 to 40427
[  754.586210][T10694] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  754.596850][T10694] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  754.655883][T10694] F2FS-fs (loop8): invalid crc value
[  754.794744][T10694] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  754.802656][T10694] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  755.933470][   T30] audit: type=1800 audit(1753311832.340:63): pid=10703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.914" name="file1" dev="loop8" ino=10 res=0 errno=0
[  756.818729][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  757.060138][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  758.700341][T10721] loop4: detected capacity change from 0 to 4096
[  759.967103][ T7918] syz-executor: attempt to access beyond end of device
[  759.967103][ T7918] loop8: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  760.088050][ T7918] CPU: 1 UID: 0 PID: 7918 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(full) 
[  760.088102][ T7918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  760.088126][ T7918] Call Trace:
[  760.088137][ T7918]  <TASK>
[  760.088150][ T7918]  dump_stack_lvl+0x16c/0x1f0
[  760.088196][ T7918]  f2fs_handle_critical_error+0x621/0x9f0
[  760.088256][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.088302][ T7918]  ? f2fs_build_fault_attr+0x53/0x1f0
[  760.088360][ T7918]  f2fs_write_end_io+0x785/0xc20
[  760.088424][ T7918]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  760.088492][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.088547][ T7918]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  760.088612][ T7918]  bio_endio+0x70d/0x850
[  760.088662][ T7918]  submit_bio_noacct+0x56d/0x1eb0
[  760.088738][ T7918]  __submit_merged_bio+0x33c/0x770
[  760.088805][ T7918]  __submit_merged_write_cond+0x319/0x3f0
[  760.088880][ T7918]  f2fs_sync_node_pages+0x1929/0x1c20
[  760.088942][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.088997][ T7918]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  760.089051][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.089096][ T7918]  ? __lock_acquire+0xb8a/0x1c90
[  760.089202][ T7918]  ? down_write+0x14d/0x200
[  760.089249][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.089296][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.089341][ T7918]  ? up_write+0x1b2/0x520
[  760.089386][ T7918]  block_operations+0x941/0xfd0
[  760.089441][ T7918]  ? __pfx_block_operations+0x10/0x10
[  760.089481][ T7918]  ? kasan_save_track+0x14/0x30
[  760.089593][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.089638][ T7918]  ? down_write+0x14d/0x200
[  760.089682][ T7918]  ? __pfx_down_write+0x10/0x10
[  760.089728][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.089773][ T7918]  ? rcu_is_watching+0x12/0xc0
[  760.089833][ T7918]  f2fs_write_checkpoint+0x2b8/0x4c60
[  760.089881][ T7918]  ? find_held_lock+0x2b/0x80
[  760.089928][ T7918]  ? kthread_stop+0x380/0x650
[  760.089990][ T7918]  ? kthread_stop+0x380/0x650
[  760.090049][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.090100][ T7918]  ? kthread_stop+0x380/0x650
[  760.090158][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.090203][ T7918]  ? rcu_is_watching+0x12/0xc0
[  760.090251][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.090296][ T7918]  ? kthread_stop+0x273/0x650
[  760.090364][ T7918]  kill_f2fs_super+0x3c2/0x470
[  760.090411][ T7918]  ? __pfx_kill_f2fs_super+0x10/0x10
[  760.090456][ T7918]  ? lockdep_hardirqs_on+0x7c/0x110
[  760.090513][ T7918]  deactivate_locked_super+0xc1/0x1a0
[  760.090570][ T7918]  deactivate_super+0xde/0x100
[  760.090619][ T7918]  cleanup_mnt+0x225/0x450
[  760.090673][ T7918]  task_work_run+0x150/0x240
[  760.090717][ T7918]  ? __pfx_task_work_run+0x10/0x10
[  760.090756][ T7918]  ? srso_alias_return_thunk+0x5/0xfbef5
[  760.090806][ T7918]  ? __pfx___x64_sys_umount+0x10/0x10
[  760.090872][ T7918]  exit_to_user_mode_loop+0xeb/0x110
[  760.090920][ T7918]  do_syscall_64+0x3f6/0x4c0
[  760.090965][ T7918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.091002][ T7918] RIP: 0033:0x7f010818fcd7
[  760.091031][ T7918] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  760.091069][ T7918] RSP: 002b:00007ffcbe9b1668 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  760.091105][ T7918] RAX: 0000000000000000 RBX: 00007f0108210b55 RCX: 00007f010818fcd7
[  760.091129][ T7918] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcbe9b1720
[  760.091153][ T7918] RBP: 00007ffcbe9b1720 R08: 0000000000000000 R09: 0000000000000000
[  760.091176][ T7918] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcbe9b27b0
[  760.091200][ T7918] R13: 00007f0108210b55 R14: 00000000000b8d2d R15: 00007ffcbe9b27f0
[  760.091250][ T7918]  </TASK>
[  760.615610][ T7918] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  766.118082][T10008] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  766.131446][T10008] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  766.150133][T10008] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  766.177193][T10008] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  766.185417][T10008] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  766.336625][T10768] lo speed is unknown, defaulting to 1000
[  766.389991][T10775] loop6: detected capacity change from 0 to 2048
[  766.397266][T10775] nilfs2: Unknown parameter '¹gdiscard'
[  768.631472][T10010] Bluetooth: hci4: command tx timeout
[  770.669940][T10010] Bluetooth: hci4: command tx timeout
[  773.083310][T10010] Bluetooth: hci4: command tx timeout
[  773.814974][ T5976] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.259510][T10010] Bluetooth: hci4: command tx timeout
[  777.032038][T10816] loop6: detected capacity change from 0 to 4096
[  777.040322][T10816] nilfs2: Unknown parameter '
[  777.040322][T10816] '
[  779.314017][ T5976] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  782.107186][ T5976] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  782.962621][T10008] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  783.182935][T10860] loop4: detected capacity change from 0 to 8192
[  783.273662][T10008] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  783.288175][T10008] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  783.318213][T10008] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  783.342576][T10008] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  783.362089][ T5976] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  784.500722][T10768] chnl_net:caif_netlink_parms(): no params data found
[  785.487017][T10008] Bluetooth: hci6: command tx timeout
[  786.997242][T10868] lo speed is unknown, defaulting to 1000
[  787.283979][T10902] loop4: detected capacity change from 0 to 32768
[  787.321949][T10902] 
[  787.321949][T10902]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  787.321949][T10902] 
[  787.677656][T10901] loop6: detected capacity change from 0 to 40427
[  787.696202][T10008] Bluetooth: hci6: command tx timeout
[  787.942137][T10901] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  787.949986][T10901] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  787.962361][T10901] F2FS-fs (loop6): invalid crc value
[  788.741627][T10901] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  788.748731][T10901] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  789.849941][T10008] Bluetooth: hci6: command tx timeout
[  790.058495][T10768] bridge0: port 1(bridge_slave_0) entered blocking state
[  790.077191][T10768] bridge0: port 1(bridge_slave_0) entered disabled state
[  790.108301][T10768] bridge_slave_0: entered allmulticast mode
[  790.149747][T10768] bridge_slave_0: entered promiscuous mode
[  790.228264][T10002] 
[  790.228264][T10002]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  790.228264][T10002] 
[  790.276231][T10002] 
[  790.276231][T10002]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  790.276231][T10002] 
[  790.349460][T10768] bridge0: port 2(bridge_slave_1) entered blocking state
[  790.408601][T10768] bridge0: port 2(bridge_slave_1) entered disabled state
[  790.501458][T10768] bridge_slave_1: entered allmulticast mode
[  790.824836][T10768] bridge_slave_1: entered promiscuous mode
[  792.409875][T10008] Bluetooth: hci6: command tx timeout
[  792.602814][ T5976] bridge_slave_1: left allmulticast mode
[  792.608513][ T5976] bridge_slave_1: left promiscuous mode
[  792.647832][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state
[  792.772185][ T5976] bridge_slave_0: left allmulticast mode
[  792.777879][ T5976] bridge_slave_0: left promiscuous mode
[  792.831061][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state
[  794.766347][T10008] Bluetooth: hci3: command 0x0406 tx timeout
[  797.137580][ T5976] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  797.221687][ T5976] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  797.269168][ T5976] bond0 (unregistering): Released all slaves
[  798.176503][T10768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  798.639423][T10989] loop4: detected capacity change from 0 to 40427
[  798.649114][T10768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  798.675262][T10989] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  798.683067][T10989] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  798.697126][T10989] F2FS-fs (loop4): invalid crc value
[  798.845430][T10989] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  798.852581][T10989] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  800.480162][   T30] audit: type=1800 audit(1753311877.070:64): pid=11002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.977" name="file1" dev="loop4" ino=10 res=0 errno=0
[  802.433003][T10002] syz-executor: attempt to access beyond end of device
[  802.433003][T10002] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  802.648692][T10002] CPU: 1 UID: 0 PID: 10002 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(full) 
[  802.648746][T10002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  802.648769][T10002] Call Trace:
[  802.648781][T10002]  <TASK>
[  802.648795][T10002]  dump_stack_lvl+0x16c/0x1f0
[  802.648839][T10002]  f2fs_handle_critical_error+0x621/0x9f0
[  802.648899][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.648946][T10002]  ? f2fs_build_fault_attr+0x53/0x1f0
[  802.649005][T10002]  f2fs_write_end_io+0x785/0xc20
[  802.649069][T10002]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  802.649135][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.649191][T10002]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  802.649251][T10002]  bio_endio+0x70d/0x850
[  802.649304][T10002]  submit_bio_noacct+0x56d/0x1eb0
[  802.649373][T10002]  __submit_merged_bio+0x33c/0x770
[  802.649445][T10002]  __submit_merged_write_cond+0x319/0x3f0
[  802.649519][T10002]  f2fs_sync_node_pages+0x1929/0x1c20
[  802.649581][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.649636][T10002]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  802.649689][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.649734][T10002]  ? __lock_acquire+0xb8a/0x1c90
[  802.649841][T10002]  ? down_write+0x14d/0x200
[  802.649888][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.649937][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.649982][T10002]  ? up_write+0x1b2/0x520
[  802.650028][T10002]  block_operations+0x941/0xfd0
[  802.650084][T10002]  ? __pfx_block_operations+0x10/0x10
[  802.650183][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.650228][T10002]  ? down_write+0x14d/0x200
[  802.650272][T10002]  ? __pfx_down_write+0x10/0x10
[  802.650319][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.650364][T10002]  ? rcu_is_watching+0x12/0xc0
[  802.650426][T10002]  f2fs_write_checkpoint+0x2b8/0x4c60
[  802.650478][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.650523][T10002]  ? kfree+0x2b4/0x4d0
[  802.650561][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.650611][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.650655][T10002]  ? rcu_is_watching+0x12/0xc0
[  802.650703][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.650748][T10002]  ? kthread_stop+0x273/0x650
[  802.650815][T10002]  kill_f2fs_super+0x3c2/0x470
[  802.650861][T10002]  ? __pfx_kill_f2fs_super+0x10/0x10
[  802.650904][T10002]  ? lockdep_hardirqs_on+0x7c/0x110
[  802.650961][T10002]  deactivate_locked_super+0xc1/0x1a0
[  802.651011][T10002]  deactivate_super+0xde/0x100
[  802.651059][T10002]  cleanup_mnt+0x225/0x450
[  802.651114][T10002]  task_work_run+0x150/0x240
[  802.651156][T10002]  ? __pfx_task_work_run+0x10/0x10
[  802.651194][T10002]  ? srso_alias_return_thunk+0x5/0xfbef5
[  802.651243][T10002]  ? __pfx___x64_sys_umount+0x10/0x10
[  802.651310][T10002]  exit_to_user_mode_loop+0xeb/0x110
[  802.651357][T10002]  do_syscall_64+0x3f6/0x4c0
[  802.651403][T10002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.651446][T10002] RIP: 0033:0x7f4d7438fcd7
[  802.651475][T10002] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  802.651513][T10002] RSP: 002b:00007ffe44c00ed8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  802.651548][T10002] RAX: 0000000000000000 RBX: 00007f4d74410b55 RCX: 00007f4d7438fcd7
[  802.651573][T10002] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe44c00f90
[  802.651596][T10002] RBP: 00007ffe44c00f90 R08: 0000000000000000 R09: 0000000000000000
[  802.651620][T10002] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe44c02020
[  802.651644][T10002] R13: 00007f4d74410b55 R14: 00000000000c387d R15: 00007ffe44c02060
[  802.651693][T10002]  </TASK>
[  803.095086][T10002] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  803.915236][T10768] team0: Port device team_slave_0 added
[  804.052875][T10768] team0: Port device team_slave_1 added
[  807.436596][T10768] batman_adv: batadv0: Adding interface: batadv_slave_0
[  807.487764][T10768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  808.693210][T11052] random: crng reseeded on system resumption
[  809.384620][T10768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  809.591252][T10768] batman_adv: batadv0: Adding interface: batadv_slave_1
[  809.697549][T10768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  810.799389][T10768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  810.907217][T10868] chnl_net:caif_netlink_parms(): no params data found
[  811.606784][ T5976] hsr_slave_0: left promiscuous mode
[  811.889910][ T5976] hsr_slave_1: left promiscuous mode
[  811.917478][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  811.936408][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_0
[  812.810944][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  812.849929][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_1
[  813.421506][ T5976] veth1_macvtap: left promiscuous mode
[  813.427099][ T5976] veth0_macvtap: left promiscuous mode
[  813.433954][ T5976] veth1_vlan: left promiscuous mode
[  813.439305][ T5976] veth0_vlan: left promiscuous mode
[  818.680473][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  818.686848][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  825.285514][T10008] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  825.294194][T10008] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  825.302118][T10008] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  825.311285][T10008] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  825.319323][T10008] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  827.610406][T10010] Bluetooth: hci5: command tx timeout
[  829.633976][T10010] Bluetooth: hci5: command tx timeout
[  829.933101][ T5976] team0 (unregistering): Port device team_slave_1 removed
[  831.881575][T10010] Bluetooth: hci5: command tx timeout
[  832.709250][ T5976] team0 (unregistering): Port device team_slave_0 removed
[  833.960052][T10010] Bluetooth: hci5: command tx timeout
[  834.831091][T11216] loop4: detected capacity change from 0 to 2048
[  834.935742][T11216] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  835.019405][T11223] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  838.400876][T10008] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  839.118228][T10008] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  839.159953][T10008] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  839.207437][T10008] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  839.217667][T10008] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  841.311230][T10010] Bluetooth: hci7: command tx timeout
[  842.903250][T11256] random: crng reseeded on system resumption
[  843.558615][T10008] Bluetooth: hci7: command tx timeout
[  844.040978][T11261] random: crng reseeded on system resumption
[  845.850518][T10010] Bluetooth: hci7: command tx timeout
[  847.919918][T10010] Bluetooth: hci7: command tx timeout
[  847.940836][T11163] lo speed is unknown, defaulting to 1000
[  849.001060][T11238] lo speed is unknown, defaulting to 1000
[  856.421818][T10008] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  856.430987][T10008] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  856.440229][T10008] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  856.494535][T10008] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  856.520913][T10008] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  856.697580][T10008] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  856.730498][T10008] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  856.733651][ T5976] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  856.766305][T10008] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  856.777257][T10008] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  856.787671][T10008] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  857.124166][ T5976] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.335206][ T5976] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.407185][T11315] lo speed is unknown, defaulting to 1000
[  857.446887][T11313] lo speed is unknown, defaulting to 1000
[  857.560463][ T5976] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.577702][T11163] chnl_net:caif_netlink_parms(): no params data found
[  857.648374][T11238] chnl_net:caif_netlink_parms(): no params data found
[  858.216253][T11238] bridge0: port 1(bridge_slave_0) entered blocking state
[  858.227022][T11238] bridge0: port 1(bridge_slave_0) entered disabled state
[  858.234402][T11238] bridge_slave_0: entered allmulticast mode
[  858.242450][T11238] bridge_slave_0: entered promiscuous mode
[  858.350831][T11163] bridge0: port 1(bridge_slave_0) entered blocking state
[  858.359709][T11163] bridge0: port 1(bridge_slave_0) entered disabled state
[  858.392402][T11163] bridge_slave_0: entered allmulticast mode
[  858.412859][T11163] bridge_slave_0: entered promiscuous mode
[  858.428668][T11163] bridge0: port 2(bridge_slave_1) entered blocking state
[  858.450161][T11163] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.457364][T11163] bridge_slave_1: entered allmulticast mode
[  858.480809][T11163] bridge_slave_1: entered promiscuous mode
[  858.529365][T11238] bridge0: port 2(bridge_slave_1) entered blocking state
[  858.542305][T11238] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.549456][T11238] bridge_slave_1: entered allmulticast mode
[  858.557109][T11238] bridge_slave_1: entered promiscuous mode
[  858.564669][ T5976] bridge_slave_1: left allmulticast mode
[  858.570813][ T5976] bridge_slave_1: left promiscuous mode
[  858.576691][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.586315][ T5976] bridge_slave_0: left allmulticast mode
[  858.592157][ T5976] bridge_slave_0: left promiscuous mode
[  858.597866][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state
[  858.600296][T10010] Bluetooth: hci2: command tx timeout
[  858.829935][T10010] Bluetooth: hci0: command tx timeout
[  858.918192][ T5976] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  858.929748][ T5976] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  858.943140][ T5976] bond0 (unregistering): Released all slaves
[  859.109474][T11238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  859.123070][T11163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  859.219034][T11238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  859.254141][T11163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  859.272590][T11315] chnl_net:caif_netlink_parms(): no params data found
[  859.441382][T11238] team0: Port device team_slave_0 added
[  859.456771][T11238] team0: Port device team_slave_1 added
[  859.466661][T11163] team0: Port device team_slave_0 added
[  859.541735][T11163] team0: Port device team_slave_1 added
[  859.657693][ T5976] hsr_slave_0: left promiscuous mode
[  859.664350][ T5976] hsr_slave_1: left promiscuous mode
[  859.670555][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  859.677979][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_0
[  859.687182][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  859.694830][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_1
[  859.716787][ T5976] veth1_macvtap: left promiscuous mode
[  859.722464][ T5976] veth0_macvtap: left promiscuous mode
[  859.728138][ T5976] veth1_vlan: left promiscuous mode
[  859.733663][ T5976] veth0_vlan: left promiscuous mode
[  860.154525][ T5976] team0 (unregistering): Port device team_slave_1 removed
[  860.199368][ T5976] team0 (unregistering): Port device team_slave_0 removed
[  860.566444][T11238] batman_adv: batadv0: Adding interface: batadv_slave_0
[  860.578466][T11238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  860.621657][T11238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  860.657819][T11238] batman_adv: batadv0: Adding interface: batadv_slave_1
[  860.666866][T11238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  860.696224][T11238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  860.707569][T10010] Bluetooth: hci2: command tx timeout
[  860.715941][T11163] batman_adv: batadv0: Adding interface: batadv_slave_0
[  860.723058][T11163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  860.749123][T11163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  860.808288][T11163] batman_adv: batadv0: Adding interface: batadv_slave_1
[  860.820244][T11163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  860.849981][T11163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  860.910388][T10010] Bluetooth: hci0: command tx timeout
[  860.915972][T11313] chnl_net:caif_netlink_parms(): no params data found
[  860.963039][T11315] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.971638][T11315] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.978785][T11315] bridge_slave_0: entered allmulticast mode
[  860.994517][T11315] bridge_slave_0: entered promiscuous mode
[  861.009692][T11315] bridge0: port 2(bridge_slave_1) entered blocking state
[  861.017097][T11315] bridge0: port 2(bridge_slave_1) entered disabled state
[  861.024726][T11315] bridge_slave_1: entered allmulticast mode
[  861.037427][T11315] bridge_slave_1: entered promiscuous mode
[  861.190425][T11238] hsr_slave_0: entered promiscuous mode
[  861.197192][T11238] hsr_slave_1: entered promiscuous mode
[  861.207379][T11238] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  861.219183][T11238] Cannot create hsr debugfs directory
[  861.279581][T11163] hsr_slave_0: entered promiscuous mode
[  861.286652][T11163] hsr_slave_1: entered promiscuous mode
[  861.308696][T11163] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  861.330150][T11163] Cannot create hsr debugfs directory
[  861.353455][ T5976] IPVS: stop unused estimator thread 0...
[  861.419421][T11315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  861.499211][T11315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  861.822354][T11315] team0: Port device team_slave_0 added
[  861.878907][T11313] bridge0: port 1(bridge_slave_0) entered blocking state
[  861.888895][T11313] bridge0: port 1(bridge_slave_0) entered disabled state
[  861.896957][T11313] bridge_slave_0: entered allmulticast mode
[  861.922635][T11313] bridge_slave_0: entered promiscuous mode
[  861.941289][T11313] bridge0: port 2(bridge_slave_1) entered blocking state
[  861.948421][T11313] bridge0: port 2(bridge_slave_1) entered disabled state
[  861.971215][T11313] bridge_slave_1: entered allmulticast mode
[  861.991964][T11313] bridge_slave_1: entered promiscuous mode
[  862.016298][T11315] team0: Port device team_slave_1 added
[  862.181725][ T5976] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.318229][T11315] batman_adv: batadv0: Adding interface: batadv_slave_0
[  862.339874][T11315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  862.387146][T11315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  862.513066][ T5976] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.549174][T11313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  862.562308][T11315] batman_adv: batadv0: Adding interface: batadv_slave_1
[  862.569274][T11315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  862.601387][T11315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  862.663577][T11313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  862.699304][ T5976] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.749967][T10010] Bluetooth: hci2: command tx timeout
[  862.927303][ T5976] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.989962][T10010] Bluetooth: hci0: command tx timeout
[  863.018288][T11315] hsr_slave_0: entered promiscuous mode
[  863.035982][T11315] hsr_slave_1: entered promiscuous mode
[  863.044329][T11315] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  863.052421][T11315] Cannot create hsr debugfs directory
[  863.122362][T11313] team0: Port device team_slave_0 added
[  863.193054][T11313] team0: Port device team_slave_1 added
[  863.363041][T11313] batman_adv: batadv0: Adding interface: batadv_slave_0
[  863.381098][T11313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  863.420514][T11313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  863.561088][T11313] batman_adv: batadv0: Adding interface: batadv_slave_1
[  863.568106][T11313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  863.609481][T11313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  863.875623][T11313] hsr_slave_0: entered promiscuous mode
[  863.898797][T11313] hsr_slave_1: entered promiscuous mode
[  863.905950][T11313] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  863.914117][T11313] Cannot create hsr debugfs directory
[  864.307045][ T5976] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  864.318039][ T5976] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  864.451217][ T5976] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  864.462424][ T5976] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  864.580805][ T5976] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  864.597665][ T5976] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  864.747155][ T5976] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  864.757587][ T5976] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  864.839172][T10010] Bluetooth: hci2: command tx timeout
[  865.070447][T10010] Bluetooth: hci0: command tx timeout
[  865.102975][ T5976] bridge_slave_1: left allmulticast mode
[  865.108688][ T5976] bridge_slave_1: left promiscuous mode
[  865.126559][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state
[  865.156813][ T5976] bridge_slave_0: left allmulticast mode
[  865.176733][ T5976] bridge_slave_0: left promiscuous mode
[  865.188215][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state
[  865.219315][ T5976] bridge_slave_1: left allmulticast mode
[  865.225403][ T5976] bridge_slave_1: left promiscuous mode
[  865.232448][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state
[  865.252539][ T5976] bridge_slave_0: left allmulticast mode
[  865.258208][ T5976] bridge_slave_0: left promiscuous mode
[  865.275586][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state
[  865.302497][ T5976] bridge_slave_1: left allmulticast mode
[  865.308169][ T5976] bridge_slave_1: left promiscuous mode
[  865.317942][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state
[  865.336237][ T5976] bridge_slave_0: left allmulticast mode
[  865.349834][ T5976] bridge_slave_0: left promiscuous mode
[  865.355584][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state
[  866.002860][ T5976] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  866.014276][ T5976] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  866.027502][ T5976] bond0 (unregistering): Released all slaves
[  866.184948][ T5976] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  866.196368][ T5976] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  866.211757][ T5976] bond0 (unregistering): Released all slaves
[  866.340125][ T5976] bond0 (unregistering): Released all slaves
[  866.699619][ T5976] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  866.724575][ T5976] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  866.737103][ T5976] bond0 (unregistering): Released all slaves
[  866.757394][T11238] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  866.775615][T11238] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  866.913774][T11238] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  866.948195][T11238] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  867.016760][ T5976] tipc: Left network mode
[  867.317494][T11238] 8021q: adding VLAN 0 to HW filter on device bond0
[  867.394157][T11238] 8021q: adding VLAN 0 to HW filter on device team0
[  867.431341][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  867.438549][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  867.495611][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  867.502806][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  867.609153][T11315] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  867.637614][T11315] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  867.708670][T11313] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  867.730431][T11315] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  867.753797][T11315] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  867.797554][T11313] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  867.826669][ T5976] hsr_slave_0: left promiscuous mode
[  867.837794][ T5976] hsr_slave_1: left promiscuous mode
[  867.846887][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  867.864851][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_0
[  867.876320][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  867.889034][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_1
[  867.898520][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_0
[  867.908828][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_1
[  867.925342][ T5976] hsr_slave_0: left promiscuous mode
[  867.935025][ T5976] hsr_slave_1: left promiscuous mode
[  867.941316][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  867.951497][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_0
[  867.959598][ T5976] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  867.967618][ T5976] batman_adv: batadv0: Removing interface: batadv_slave_1
[  868.011997][ T5976] veth1_macvtap: left promiscuous mode
[  868.017536][ T5976] veth0_macvtap: left promiscuous mode
[  868.024052][ T5976] veth1_vlan: left promiscuous mode
[  868.029376][ T5976] veth0_vlan: left promiscuous mode
[  868.036409][ T5976] veth1_macvtap: left promiscuous mode
[  868.042221][ T5976] veth0_macvtap: left promiscuous mode
[  868.054164][ T5976] veth1_vlan: left promiscuous mode
[  868.059458][ T5976] veth0_vlan: left promiscuous mode
[  868.656525][ T5976] team0 (unregistering): Port device team_slave_1 removed
[  868.703870][ T5976] team0 (unregistering): Port device team_slave_0 removed
[  869.141440][ T5976] team0 (unregistering): Port device team_slave_1 removed
[  869.184900][ T5976] team0 (unregistering): Port device team_slave_0 removed
[  869.746663][ T5976] team0 (unregistering): Port device team_slave_1 removed
[  869.797203][ T5976] team0 (unregistering): Port device team_slave_0 removed
[  870.197788][T11313] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.355572][T11313] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.544466][T11315] 8021q: adding VLAN 0 to HW filter on device bond0
[  870.588359][T11315] 8021q: adding VLAN 0 to HW filter on device team0
[  870.644529][ T6077] bridge0: port 1(bridge_slave_0) entered blocking state
[  870.651753][ T6077] bridge0: port 1(bridge_slave_0) entered forwarding state
[  870.688007][ T6077] bridge0: port 2(bridge_slave_1) entered blocking state
[  870.695169][ T6077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  870.879475][T11313] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  870.916958][T11238] 8021q: adding VLAN 0 to HW filter on device batadv0
[  870.943471][T11313] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  870.963168][T11313] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  871.013714][T11313] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  871.187232][T11163] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  871.245582][T11163] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  871.276073][T11163] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  871.355499][T11163] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  871.667484][T11313] 8021q: adding VLAN 0 to HW filter on device bond0
[  871.711509][T11313] 8021q: adding VLAN 0 to HW filter on device team0
[  871.787583][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  871.794749][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  871.806445][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  871.813620][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  871.857743][T11315] 8021q: adding VLAN 0 to HW filter on device batadv0
[  872.072180][T11238] veth0_vlan: entered promiscuous mode
[  872.087555][T11163] 8021q: adding VLAN 0 to HW filter on device bond0
[  872.123149][T11238] veth1_vlan: entered promiscuous mode
[  872.188152][T11163] 8021q: adding VLAN 0 to HW filter on device team0
[  872.211741][ T5976] bridge0: port 1(bridge_slave_0) entered blocking state
[  872.218892][ T5976] bridge0: port 1(bridge_slave_0) entered forwarding state
[  872.314532][ T5976] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.321754][ T5976] bridge0: port 2(bridge_slave_1) entered forwarding state
[  872.364253][T11238] veth0_macvtap: entered promiscuous mode
[  872.405906][T11238] veth1_macvtap: entered promiscuous mode
[  872.539331][T11238] batman_adv: batadv0: Interface activated: batadv_slave_0
[  872.576041][T11238] batman_adv: batadv0: Interface activated: batadv_slave_1
[  872.645234][T11238] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  872.671012][T11238] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  872.679762][T11238] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  872.707892][T11238] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  872.833791][T11315] veth0_vlan: entered promiscuous mode
[  872.849523][T11313] 8021q: adding VLAN 0 to HW filter on device batadv0
[  872.976904][T11315] veth1_vlan: entered promiscuous mode
[  873.007144][ T7638] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  873.020995][ T7638] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  873.106012][ T4181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  873.128044][ T4181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  873.185039][T11315] veth0_macvtap: entered promiscuous mode
[  873.204820][T11163] 8021q: adding VLAN 0 to HW filter on device batadv0
[  873.241218][T11313] veth0_vlan: entered promiscuous mode
[  873.296423][T11313] veth1_vlan: entered promiscuous mode
[  873.335468][T11315] veth1_macvtap: entered promiscuous mode
[  873.518484][T11480] loop4: detected capacity change from 0 to 512
[  873.536339][T11480] EXT4-fs: Ignoring removed mblk_io_submit option
[  873.594621][T11480] EXT4-fs: Ignoring removed bh option
[  874.561801][T11480] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  874.794261][T11315] batman_adv: batadv0: Interface activated: batadv_slave_0
[  874.834556][T11480] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  874.991261][T11315] batman_adv: batadv0: Interface activated: batadv_slave_1
[  875.208838][T11313] veth0_macvtap: entered promiscuous mode
[  875.228500][T11480] EXT4-fs (loop4): 1 truncate cleaned up
[  875.305129][T11480] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  875.336690][T11313] veth1_macvtap: entered promiscuous mode
[  875.595638][T11315] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  876.608116][T11486] loop9: detected capacity change from 0 to 4096
[  876.800548][   T30] audit: type=1800 audit(1753311953.950:65): pid=11486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1059" name="file2" dev="loop9" ino=16 res=0 errno=0
[  877.626880][T11315] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  877.875699][T11315] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  877.961440][T11315] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  878.114193][T11313] batman_adv: batadv0: Interface activated: batadv_slave_0
[  878.175363][T10002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  878.234492][T11313] batman_adv: batadv0: Interface activated: batadv_slave_1
[  878.803761][T11313] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  878.854605][T11313] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  878.937202][T11313] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  878.982129][T11313] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  879.817511][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  879.830264][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  881.892443][ T1005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  881.942578][ T1005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  883.140845][ T3792] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  883.189841][ T3792] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  883.618537][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  883.658803][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  884.605837][ T6102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  884.658875][ T6102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  887.391275][   T30] audit: type=1804 audit(1753311964.470:66): pid=11548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.1074" name="/newroot/5/file0" dev="tmpfs" ino=44 res=1 errno=0
[  887.412304][    C0] vkms_vblank_simulate: vblank timer overrun
[  888.606665][T10008] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  888.624534][T10008] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  888.643803][T10008] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  889.100632][T11558] random: crng reseeded on system resumption
[  889.511107][T10008] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  889.532424][T10008] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  890.631197][T11553] lo speed is unknown, defaulting to 1000
[  891.629953][T10008] Bluetooth: hci4: command tx timeout
[  893.841993][T10008] Bluetooth: hci4: command tx timeout
[  895.931271][T10008] Bluetooth: hci4: command tx timeout
[  897.969907][T10008] Bluetooth: hci4: command tx timeout
[  901.996810][T11553] chnl_net:caif_netlink_parms(): no params data found
[  903.895964][T11651] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  906.016194][T11663] loop0: detected capacity change from 0 to 256
[  906.086826][T11663] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  906.191756][T11663] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  906.696937][T11663] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  908.616129][T11553] bridge0: port 1(bridge_slave_0) entered blocking state
[  908.950493][T11553] bridge0: port 1(bridge_slave_0) entered disabled state
[  908.957791][T11553] bridge_slave_0: entered allmulticast mode
[  909.252985][T11553] bridge_slave_0: entered promiscuous mode
[  909.527026][T11684] loop4: detected capacity change from 0 to 32768
[  909.581357][T11553] bridge0: port 2(bridge_slave_1) entered blocking state
[  909.647682][T11684] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  909.682780][T11553] bridge0: port 2(bridge_slave_1) entered disabled state
[  909.714518][T11694] loop9: detected capacity change from 0 to 128
[  909.726978][T11553] bridge_slave_1: entered allmulticast mode
[  909.781422][T11553] bridge_slave_1: entered promiscuous mode
[  909.799706][T11684] XFS (loop4): Ending clean mount
[  910.333167][T11697] syz.4.1103 uses obsolete (PF_INET,SOCK_PACKET)
[  911.114278][T11702] random: crng reseeded on system resumption
[  911.922852][T11694] Cannot find del_set index 0 as target
[  913.212869][T10002] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  914.173768][T11553] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  914.218231][T11553] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  917.847335][T10008] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  920.085382][T11553] team0: Port device team_slave_0 added
[  920.967789][T11553] team0: Port device team_slave_1 added
[  921.111014][   T12] bridge_slave_1: left allmulticast mode
[  921.190440][T11764] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  921.204127][T11764] overlayfs: failed to set xattr on upper
[  921.210078][T11764] overlayfs: ...falling back to redirect_dir=nofollow.
[  921.217018][T11764] overlayfs: ...falling back to index=off.
[  921.223062][T11764] overlayfs: ...falling back to uuid=null.
[  921.229018][T11764] overlayfs: maximum fs stacking depth exceeded
[  921.240170][   T12] bridge_slave_1: left promiscuous mode
[  921.248016][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  921.901106][   T12] bridge_slave_0: left allmulticast mode
[  921.906814][   T12] bridge_slave_0: left promiscuous mode
[  922.393325][T11769] random: crng reseeded on system resumption
[  922.880199][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  922.905425][T11771] fuse: Bad value for 'fd'
[  924.414048][T11783] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1122'.
[  928.294961][ T5831] IPVS: starting estimator thread 0...
[  928.829866][T11809] IPVS: using max 23 ests per chain, 55200 per kthread
[  930.545086][T10008] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  933.238972][   T30] audit: type=1804 audit(1753312010.340:67): pid=11842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1132" name="/newroot/61/file0" dev="tmpfs" ino=337 res=1 errno=0
[  934.656370][T11854] random: crng reseeded on system resumption
[  936.297407][T11861] loop0: detected capacity change from 0 to 128
[  936.310423][T11861] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4621: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  936.340169][T11861] EXT4-fs (loop0): Encoding requested by superblock is unknown
[  941.106457][T11884] random: crng reseeded on system resumption
[  941.140526][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  941.147097][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  941.863000][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  942.334417][T11890] random: crng reseeded on system resumption
[  942.813790][T11894] loop4: detected capacity change from 0 to 128
[  942.825430][T11894] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  942.890335][T11894] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  942.983198][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  943.065895][T10008] Bluetooth: hci7: Received unexpected HCI Event 0x00
[  943.870252][   T12] bond0 (unregistering): Released all slaves
[  944.947862][ T1005] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  945.254175][T11909] loop4: detected capacity change from 0 to 128
[  945.537209][T11909] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  946.383449][T10010] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  946.395764][T10010] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  946.405828][T10010] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  946.414148][T10010] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  946.422797][T10010] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  948.085160][   T12] hsr_slave_0: left promiscuous mode
[  948.357990][T10008] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  948.370719][T10008] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  948.389993][T10008] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  948.420129][T10008] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  948.430970][T10008] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  948.514863][   T12] hsr_slave_1: left promiscuous mode
[  948.523645][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  948.600411][T10010] Bluetooth: hci5: command tx timeout
[  948.690642][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  948.974344][T11941] evm: overlay not supported
[  950.512416][T10010] Bluetooth: hci6: command tx timeout
[  950.899894][T10010] Bluetooth: hci5: command tx timeout
[  952.888659][T10010] Bluetooth: hci6: command tx timeout
[  953.153493][T10008] Bluetooth: hci5: command tx timeout
[  954.909855][T10010] Bluetooth: hci6: command tx timeout
[  955.360476][T11970] random: crng reseeded on system resumption
[  955.443134][T10010] Bluetooth: hci5: command tx timeout
[  955.904834][T11975] loop9: detected capacity change from 0 to 128
[  956.042329][T11975] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  956.453216][T11975] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  957.010377][T10010] Bluetooth: hci6: command tx timeout
[  957.031147][    T9] libceph: connect (1)[c::]:6789 error -101
[  957.064463][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  957.407944][    T9] libceph: connect (1)[c::]:6789 error -101
[  957.414286][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  958.254817][ T5921] libceph: connect (1)[c::]:6789 error -101
[  958.900606][ T5921] libceph: mon0 (1)[c::]:6789 connect error
[  958.970251][T11980] ceph: No mds server is up or the cluster is laggy
[  960.381632][   T12] team0 (unregistering): Port device team_slave_1 removed
[  960.426773][T11998] loop4: detected capacity change from 0 to 16
[  960.548854][T11998] erofs (device loop4): mounted with root inode @ nid 36.
[  960.588950][   T12] team0 (unregistering): Port device team_slave_0 removed
[  961.381305][T12005] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  961.534320][T11998] erofs (device loop4): bogus dirent @ nid 36
[  963.656361][T10008] Bluetooth: hci7: command 0x0406 tx timeout
[  970.204961][T12050] random: crng reseeded on system resumption
[  970.962102][ T7638] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  973.443030][T10008] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  973.454409][T10008] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  973.463632][T10008] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  973.484341][T10008] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  973.499986][T10008] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  973.769589][T11913] lo speed is unknown, defaulting to 1000
[  973.898993][T11932] lo speed is unknown, defaulting to 1000
[  973.958204][T12069] lo speed is unknown, defaulting to 1000
[  975.550891][T10010] Bluetooth: hci1: command tx timeout
[  977.538000][   T30] audit: type=1326 audit(1753312054.660:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12101 comm="syz.5.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81038e9a9 code=0x7ffc0000
[  977.641890][T12108] Bluetooth: hci1: command tx timeout
[  977.798748][   T30] audit: type=1326 audit(1753312054.660:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12101 comm="syz.5.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81038e9a9 code=0x7ffc0000
[  978.100115][   T30] audit: type=1326 audit(1753312054.660:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12101 comm="syz.5.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7ff81038e9a9 code=0x7ffc0000
[  978.206374][   T30] audit: type=1326 audit(1753312054.660:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12101 comm="syz.5.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81038e9a9 code=0x7ffc0000
[  978.969430][   T30] audit: type=1326 audit(1753312054.670:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12101 comm="syz.5.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81038e9a9 code=0x7ffc0000
[  979.438155][T11932] chnl_net:caif_netlink_parms(): no params data found
[  979.523862][T10008] Bluetooth: hci2: command 0x0406 tx timeout
[  979.531522][T10008] Bluetooth: hci0: command 0x0406 tx timeout
[  980.116554][T12131] random: crng reseeded on system resumption
[  980.239450][T10010] Bluetooth: hci1: command tx timeout
[  982.279074][T10010] Bluetooth: hci1: command tx timeout
[  982.312224][ T1005] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  982.406405][T11913] chnl_net:caif_netlink_parms(): no params data found
[  982.431482][T12143] loop0: detected capacity change from 0 to 512
[  982.464825][T12143] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  982.488477][T12069] chnl_net:caif_netlink_parms(): no params data found
[  985.447320][ T1005] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  985.466600][T11313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  985.571050][T12168] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1196'.
[  987.545484][ T1005] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  989.174578][T11932] bridge0: port 1(bridge_slave_0) entered blocking state
[  989.216350][T11932] bridge0: port 1(bridge_slave_0) entered disabled state
[  989.240195][T11932] bridge_slave_0: entered allmulticast mode
[  989.262384][T11932] bridge_slave_0: entered promiscuous mode
[  990.499065][ T1005] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  992.872370][T11932] bridge0: port 2(bridge_slave_1) entered blocking state
[  992.882116][T11932] bridge0: port 2(bridge_slave_1) entered disabled state
[  992.889363][T11932] bridge_slave_1: entered allmulticast mode
[  992.905996][T11932] bridge_slave_1: entered promiscuous mode
[  993.277257][T12069] bridge0: port 1(bridge_slave_0) entered blocking state
[  994.272538][T12069] bridge0: port 1(bridge_slave_0) entered disabled state
[  994.280687][T12069] bridge_slave_0: entered allmulticast mode
[  995.102755][T12069] bridge_slave_0: entered promiscuous mode
[  995.121738][T11913] bridge0: port 1(bridge_slave_0) entered blocking state
[  995.139894][T11913] bridge0: port 1(bridge_slave_0) entered disabled state
[  995.147113][T11913] bridge_slave_0: entered allmulticast mode
[  995.181948][T11913] bridge_slave_0: entered promiscuous mode
[  995.749950][T12069] bridge0: port 2(bridge_slave_1) entered blocking state
[  995.757145][T12069] bridge0: port 2(bridge_slave_1) entered disabled state
[  996.751859][T12069] bridge_slave_1: entered allmulticast mode
[  996.760240][T12069] bridge_slave_1: entered promiscuous mode
[  996.770520][T11913] bridge0: port 2(bridge_slave_1) entered blocking state
[  996.777665][T11913] bridge0: port 2(bridge_slave_1) entered disabled state
[  996.785493][T11913] bridge_slave_1: entered allmulticast mode
[  997.138112][T11913] bridge_slave_1: entered promiscuous mode
[  998.227749][T11932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  998.509217][T12069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  998.769466][T11932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1000.900632][T12069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1000.959432][T11913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1001.541129][T11932] team0: Port device team_slave_0 added
[ 1002.819635][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1002.826273][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1004.320991][T11932] team0: Port device team_slave_1 added
[ 1004.354534][T12069] team0: Port device team_slave_0 added
[ 1004.421579][T12069] team0: Port device team_slave_1 added
[ 1004.756230][T12069] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1004.797368][T12069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1004.823433][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1004.979913][T12069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1004.988785][T12069] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1004.988809][T12069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1004.988887][T12069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1005.138178][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1005.325182][T12306] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[ 1005.327834][ T5941] kernel read not supported for file /vga_arbiter (pid: 5941 comm: kworker/1:6)
[ 1005.374308][T10008] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1005.380145][T10008] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1005.383263][T10008] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1005.393348][ T1005] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1005.454469][T10008] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1005.466197][T10008] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1005.904429][T10008] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1005.915237][T10008] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1005.930227][T10008] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1005.957411][T10008] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1005.970722][T10008] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1006.861411][ T1005] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.159916][T12305] lo speed is unknown, defaulting to 1000
[ 1007.279085][ T1005] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.550070][T10010] Bluetooth: hci4: command tx timeout
[ 1007.687114][T12069] hsr_slave_0: entered promiscuous mode
[ 1007.701678][T12069] hsr_slave_1: entered promiscuous mode
[ 1007.708135][T12069] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1008.650030][T10010] Bluetooth: hci5: command tx timeout
[ 1008.696805][T12069] Cannot create hsr debugfs directory
[ 1008.826956][T12309] lo speed is unknown, defaulting to 1000
[ 1008.965552][ T1005] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1009.629858][T10010] Bluetooth: hci4: command tx timeout
[ 1011.478768][T10010] Bluetooth: hci5: command tx timeout
[ 1011.486230][   T30] audit: type=1800 audit(1753312086.250:73): pid=12348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1226" name="bus" dev="overlay" ino=273 res=0 errno=0
[ 1011.506748][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1011.960485][T10008] Bluetooth: hci4: command tx timeout
[ 1013.641474][T10008] Bluetooth: hci5: command tx timeout
[ 1014.039615][T10008] Bluetooth: hci4: command tx timeout
[ 1015.712310][T10008] Bluetooth: hci5: command tx timeout
[ 1016.780425][ T1005] bridge_slave_1: left allmulticast mode
[ 1016.795700][ T1005] bridge_slave_1: left promiscuous mode
[ 1016.822560][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1016.921633][ T1005] bridge_slave_0: left allmulticast mode
[ 1016.927370][ T1005] bridge_slave_0: left promiscuous mode
[ 1017.034017][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1017.268822][ T1005] bridge_slave_1: left allmulticast mode
[ 1017.297577][ T1005] bridge_slave_1: left promiscuous mode
[ 1017.361642][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1017.480013][ T1005] bridge_slave_0: left allmulticast mode
[ 1017.499917][ T1005] bridge_slave_0: left promiscuous mode
[ 1017.519690][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1017.565101][ T1005] bridge_slave_1: left allmulticast mode
[ 1017.590398][ T1005] bridge_slave_1: left promiscuous mode
[ 1017.596240][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1018.653162][ T1005] bridge_slave_0: left allmulticast mode
[ 1018.658886][ T1005] bridge_slave_0: left promiscuous mode
[ 1018.720206][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1019.989911][T12421] random: crng reseeded on system resumption
[ 1025.278393][T12458] loop5: detected capacity change from 0 to 512
[ 1025.327613][T12458] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1025.970211][T12458] EXT4-fs: Ignoring removed bh option
[ 1026.205011][T12458] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1026.276519][T12458] EXT4-fs (loop5): 1 truncate cleaned up
[ 1026.324981][T12458] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1028.187483][T11315] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1028.660400][T12480] random: crng reseeded on system resumption
[ 1029.257500][T12482] random: crng reseeded on system resumption
[ 1032.421743][   T30] audit: type=1800 audit(1753312109.580:74): pid=12498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1255" name="bus" dev="overlay" ino=260 res=0 errno=0
[ 1034.823738][ T1005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1035.001988][ T1005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1035.055611][ T1005] bond0 (unregistering): Released all slaves
[ 1035.279681][T12515] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1036.264185][T12520] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1036.271980][T12520] overlayfs: failed to set xattr on upper
[ 1036.277933][T12520] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1036.659850][T12520] overlayfs: ...falling back to index=off.
[ 1036.705920][T12520] overlayfs: ...falling back to uuid=null.
[ 1036.731405][T12520] overlayfs: maximum fs stacking depth exceeded
[ 1036.732739][T10010] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1036.760434][T10010] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1036.768899][T10010] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1036.777968][T10010] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1036.785727][T10010] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1038.969830][T10010] Bluetooth: hci6: command tx timeout
[ 1039.843465][T12538] random: crng reseeded on system resumption
[ 1040.990120][T10010] Bluetooth: hci6: command tx timeout
[ 1041.878488][T12549] random: crng reseeded on system resumption
[ 1043.666740][T10010] Bluetooth: hci6: command tx timeout
[ 1044.437716][ T1005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1044.464894][ T1005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1044.496194][ T1005] bond0 (unregistering): Released all slaves
[ 1045.005954][ T1005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1045.225626][ T1005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1045.334427][ T1005] bond0 (unregistering): Released all slaves
[ 1045.753866][T12305] chnl_net:caif_netlink_parms(): no params data found
[ 1045.800827][T10010] Bluetooth: hci6: command tx timeout
[ 1047.078971][T12580] loop5: detected capacity change from 0 to 512
[ 1047.206281][T12580] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1047.461401][T12580] ext4 filesystem being mounted at /64/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1047.487143][T12309] chnl_net:caif_netlink_parms(): no params data found
[ 1049.678704][T11315] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1052.699663][T12619] random: crng reseeded on system resumption
[ 1053.831572][T12629] 9pnet_virtio: no channels available for device syz
[ 1054.802627][T12522] lo speed is unknown, defaulting to 1000
[ 1055.570413][T12305] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1055.577608][T12305] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1055.618571][T12305] bridge_slave_0: entered allmulticast mode
[ 1055.668882][T12305] bridge_slave_0: entered promiscuous mode
[ 1055.783751][T12305] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1055.793150][T12305] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1055.801046][T12305] bridge_slave_1: entered allmulticast mode
[ 1056.725120][T12305] bridge_slave_1: entered promiscuous mode
[ 1062.156726][T12663] loop0: detected capacity change from 0 to 1024
[ 1062.918670][T12309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1062.947567][T12309] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1063.789806][T12309] bridge_slave_0: entered allmulticast mode
[ 1063.886777][T12663] EXT4-fs: Ignoring removed orlov option
[ 1063.905366][T12663] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1063.913420][T12663] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1063.923266][T12663] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[ 1063.956154][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1063.962570][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1064.238197][T12309] bridge_slave_0: entered promiscuous mode
[ 1064.782288][T12680] loop0: detected capacity change from 0 to 256
[ 1064.976789][T12680] vfat: Unknown parameter '€'
[ 1065.491845][T12309] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1065.499043][T12309] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1065.537516][T12309] bridge_slave_1: entered allmulticast mode
[ 1065.551894][T10008] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1065.569132][T10008] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1065.571055][T12309] bridge_slave_1: entered promiscuous mode
[ 1065.589055][T10008] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1065.602482][T10008] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1065.631275][T10008] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1065.862486][ T1005] hsr_slave_0: left promiscuous mode
[ 1065.889942][ T1005] hsr_slave_1: left promiscuous mode
[ 1065.896083][ T1005] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1065.919953][ T1005] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1065.940071][ T1005] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1065.947521][ T1005] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1066.082251][ T1005] hsr_slave_0: left promiscuous mode
[ 1066.132728][ T1005] hsr_slave_1: left promiscuous mode
[ 1066.149931][ T1005] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1066.201178][ T1005] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1066.661010][ T1005] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1066.669835][ T1005] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1067.655986][T12708] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1301'.
[ 1067.716258][T10008] Bluetooth: hci1: command tx timeout
[ 1067.917414][ T1005] veth1_macvtap: left promiscuous mode
[ 1067.930864][ T1005] veth0_macvtap: left promiscuous mode
[ 1067.984544][ T1005] veth1_vlan: left promiscuous mode
[ 1068.023396][ T1005] veth0_vlan: left promiscuous mode
[ 1068.341700][ T1005] veth1_macvtap: left promiscuous mode
[ 1068.380428][ T1005] veth0_macvtap: left promiscuous mode
[ 1068.387305][ T1005] veth1_vlan: left promiscuous mode
[ 1068.407649][ T1005] veth0_vlan: left promiscuous mode
[ 1068.861370][T12717] loop5: detected capacity change from 0 to 64
[ 1068.886648][T10010] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1069.334411][T10010] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1069.352501][T10010] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1069.498178][T10010] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1069.515524][T10010] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1069.790112][T10010] Bluetooth: hci1: command tx timeout
[ 1069.864247][T12721] loop0: detected capacity change from 0 to 40427
[ 1069.938975][T12721] F2FS-fs (loop0): invalid crc value
[ 1070.032098][T12721] F2FS-fs (loop0): Start checkpoint disabled!
[ 1070.147445][T12721] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 1071.018818][   T30] audit: type=1804 audit(1753312148.170:75): pid=12738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1304" name="/newroot/62/file0/file0" dev="loop0" ino=10 res=1 errno=0
[ 1071.362622][   T30] audit: type=1804 audit(1753312148.200:76): pid=12734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1304" name="/newroot/62/file0/file0" dev="loop0" ino=10 res=1 errno=0
[ 1071.790675][   T49] kworker/u8:3: attempt to access beyond end of device
[ 1071.790675][   T49] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1071.873383][   T49] CPU: 1 UID: 0 PID: 49 Comm: kworker/u8:3 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(full) 
[ 1071.873436][   T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1071.873461][   T49] Workqueue: writeback wb_workfn (flush-7:0)
[ 1071.873515][   T49] Call Trace:
[ 1071.873528][   T49]  <TASK>
[ 1071.873546][   T49]  dump_stack_lvl+0x16c/0x1f0
[ 1071.873589][   T49]  f2fs_handle_critical_error+0x621/0x9f0
[ 1071.873651][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.873699][   T49]  ? f2fs_build_fault_attr+0x53/0x1f0
[ 1071.873762][   T49]  f2fs_write_end_io+0x785/0xc20
[ 1071.873829][   T49]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1071.873899][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.873957][   T49]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1071.874018][   T49]  bio_endio+0x70d/0x850
[ 1071.874071][   T49]  submit_bio_noacct+0x56d/0x1eb0
[ 1071.874143][   T49]  __submit_merged_bio+0x33c/0x770
[ 1071.874217][   T49]  __submit_merged_write_cond+0x319/0x3f0
[ 1071.874296][   T49]  f2fs_write_cache_pages+0x2067/0x2570
[ 1071.874371][   T49]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[ 1071.874411][   T49]  ? ret_from_fork+0x5d7/0x6f0
[ 1071.874476][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.874523][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.874569][   T49]  ? unwind_get_return_address+0x59/0xa0
[ 1071.874608][   T49]  ? arch_stack_walk+0x88/0x100
[ 1071.874677][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.874801][   T49]  ? __pfx___page_table_check_zero+0x10/0x10
[ 1071.874858][   T49]  ? mark_held_locks+0x49/0x80
[ 1071.874922][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.874967][   T49]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1071.875008][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.875064][   T49]  f2fs_write_data_pages+0x4ad/0xd90
[ 1071.875116][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1071.875174][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.875224][   T49]  ? __lock_acquire+0xb8a/0x1c90
[ 1071.875288][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1071.875335][   T49]  do_writepages+0x27a/0x600
[ 1071.875385][   T49]  ? __pfx_do_writepages+0x10/0x10
[ 1071.875424][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.875470][   T49]  ? reacquire_held_locks+0xcd/0x1f0
[ 1071.875533][   T49]  ? writeback_sb_inodes+0x3a4/0xf90
[ 1071.875582][   T49]  __writeback_single_inode+0x160/0xfb0
[ 1071.875630][   T49]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1071.875672][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.875718][   T49]  ? do_raw_spin_unlock+0x172/0x230
[ 1071.875762][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.875817][   T49]  writeback_sb_inodes+0x601/0xf90
[ 1071.875886][   T49]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1071.875927][   T49]  ? __lock_acquire+0xb8a/0x1c90
[ 1071.876066][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.876113][   T49]  ? rcu_is_watching+0x12/0xc0
[ 1071.876162][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.876213][   T49]  ? queue_io+0x3f6/0x520
[ 1071.876255][   T49]  wb_writeback+0x419/0xb70
[ 1071.876310][   T49]  ? __pfx_wb_writeback+0x10/0x10
[ 1071.876349][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.876410][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.876456][   T49]  ? mark_held_locks+0x49/0x80
[ 1071.876527][   T49]  wb_workfn+0x14d/0xbe0
[ 1071.876577][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.876623][   T49]  ? try_to_wake_up+0x157/0x1680
[ 1071.876672][   T49]  ? __pfx_wb_workfn+0x10/0x10
[ 1071.876721][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.876773][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.876826][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.876871][   T49]  ? rcu_is_watching+0x12/0xc0
[ 1071.876930][   T49]  process_one_work+0x9cf/0x1b70
[ 1071.876989][   T49]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1071.877047][   T49]  ? __pfx_process_one_work+0x10/0x10
[ 1071.877089][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.877150][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.877195][   T49]  ? assign_work+0x1a0/0x250
[ 1071.877245][   T49]  worker_thread+0x6c8/0xf10
[ 1071.877314][   T49]  ? __pfx_worker_thread+0x10/0x10
[ 1071.877356][   T49]  kthread+0x3c5/0x780
[ 1071.877396][   T49]  ? __pfx_kthread+0x10/0x10
[ 1071.877436][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1071.877482][   T49]  ? rcu_is_watching+0x12/0xc0
[ 1071.877532][   T49]  ? __pfx_kthread+0x10/0x10
[ 1071.877573][   T49]  ret_from_fork+0x5d7/0x6f0
[ 1071.877629][   T49]  ? __pfx_kthread+0x10/0x10
[ 1071.877668][   T49]  ret_from_fork_asm+0x1a/0x30
[ 1071.877740][   T49]  </TASK>
[ 1072.324749][T12742] loop5: detected capacity change from 0 to 32768
[ 1072.332209][T12742] XFS: ikeep mount option is deprecated.
[ 1072.353684][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 1072.441293][T10010] Bluetooth: hci1: command tx timeout
[ 1072.449400][T10010] Bluetooth: hci4: command tx timeout
[ 1072.979588][T12742] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1073.068083][T12742] XFS (loop5): Ending clean mount
[ 1073.078914][T12742] XFS (loop5): Quotacheck needed: Please wait.
[ 1073.188149][T12742] XFS (loop5): Quotacheck: Done.
[ 1073.777641][T12759] loop4: detected capacity change from 0 to 512
[ 1073.922031][T12759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1073.952853][T11315] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1074.019911][T12759] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1074.515724][T10010] Bluetooth: hci1: command tx timeout
[ 1074.671910][T10002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1074.681391][T10010] Bluetooth: hci4: command tx timeout
[ 1075.294429][T12769] netlink: 'syz.5.1311': attribute type 2 has an invalid length.
[ 1076.750983][T10010] Bluetooth: hci4: command tx timeout
[ 1078.607238][T12786] random: crng reseeded on system resumption
[ 1078.726228][ T1005] team0 (unregistering): Port device team_slave_1 removed
[ 1078.832346][T10010] Bluetooth: hci4: command tx timeout
[ 1079.714066][ T1005] team0 (unregistering): Port device team_slave_0 removed
[ 1081.600423][T12804] loop0: detected capacity change from 0 to 512
[ 1081.624140][T12804] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1081.650547][T12804] EXT4-fs: Ignoring removed bh option
[ 1081.709692][T12804] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1081.767417][T12804] EXT4-fs (loop0): 1 truncate cleaned up
[ 1081.775161][T12804] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1083.133367][T11313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1084.561942][T12819] loop5: detected capacity change from 0 to 1024
[ 1084.569737][T12819] EXT4-fs: Ignoring removed orlov option
[ 1084.670112][T12818] netlink: 'syz.4.1331': attribute type 1 has an invalid length.
[ 1084.678197][T12818] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1331'.
[ 1084.958388][T12819] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1084.970041][T12819] EXT4-fs (loop5): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1084.979865][T12819] EXT4-fs (loop5): can't mount with data_err=abort, fs mounted w/o journal
[ 1085.109307][T12821] loop0: detected capacity change from 0 to 512
[ 1085.248123][T12821] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1085.266706][T12821] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1085.857735][T12826] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1324'.
[ 1086.105884][T11313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1087.625136][T12833] random: crng reseeded on system resumption
[ 1094.531262][T12858] loop4: detected capacity change from 0 to 512
[ 1094.538684][T12858] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1094.590038][T12858] EXT4-fs: Ignoring removed bh option
[ 1094.614497][T12858] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1094.641305][T12858] EXT4-fs (loop4): 1 truncate cleaned up
[ 1094.649080][T12858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1095.945945][T12864] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[ 1096.032864][T12870] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[ 1096.492236][T10002] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1098.288681][T10008] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1098.297988][T10008] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1098.307227][ T1005] team0 (unregistering): Port device team_slave_1 removed
[ 1098.318164][T10008] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1098.327417][T10008] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1098.335337][T10008] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1099.625068][ T1005] team0 (unregistering): Port device team_slave_0 removed
[ 1100.429919][T10008] Bluetooth: hci5: command tx timeout
[ 1100.793976][   T30] audit: type=1800 audit(1753312177.520:77): pid=12890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1338" name="bus" dev="overlay" ino=414 res=0 errno=0
[ 1101.043393][T12897] random: crng reseeded on system resumption
[ 1102.640156][T10008] Bluetooth: hci5: command tx timeout
[ 1102.995478][T12913] 9pnet_virtio: no channels available for device syz
[ 1103.679145][T12914] random: crng reseeded on system resumption
[ 1104.565134][T12917] random: crng reseeded on system resumption
[ 1104.708975][T10008] Bluetooth: hci5: command tx timeout
[ 1104.975917][T12921] random: crng reseeded on system resumption
[ 1106.750558][T10008] Bluetooth: hci5: command tx timeout
[ 1107.352911][T12932] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1107.376055][T12932] overlayfs: failed to set xattr on upper
[ 1107.382317][T12932] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1107.536180][T12932] overlayfs: ...falling back to index=off.
[ 1107.833487][T12932] overlayfs: ...falling back to uuid=null.
[ 1107.839365][T12932] overlayfs: maximum fs stacking depth exceeded
[ 1108.630836][T12943] random: crng reseeded on system resumption
[ 1113.113032][T12967] loop0: detected capacity change from 0 to 512
[ 1113.158364][T12966] random: crng reseeded on system resumption
[ 1113.312174][T12967] EXT4-fs (loop0): #blocks per group too big: 466944
[ 1114.692741][T12974] Bluetooth: hci7: received HCILL_GO_TO_SLEEP_ACK in state 2
[ 1114.731572][ T1005] team0 (unregistering): Port device team_slave_1 removed
[ 1115.034914][ T7638] Bluetooth: hci7: Frame reassembly failed (-84)
[ 1115.383951][ T1005] team0 (unregistering): Port device team_slave_0 removed
[ 1116.025849][T12983] loop5: detected capacity change from 0 to 40427
[ 1116.592436][T12983] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1116.809944][T10008] Bluetooth: hci7: Opcode 0x1003 failed: -110
[ 1117.089662][T12991] syz.5.1365: attempt to access beyond end of device
[ 1117.089662][T12991] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1117.862258][T11315] syz-executor: attempt to access beyond end of device
[ 1117.862258][T11315] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1117.939852][T11315] CPU: 0 UID: 0 PID: 11315 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(full) 
[ 1117.939905][T11315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1117.939928][T11315] Call Trace:
[ 1117.939940][T11315]  <TASK>
[ 1117.939953][T11315]  dump_stack_lvl+0x16c/0x1f0
[ 1117.939999][T11315]  f2fs_handle_critical_error+0x621/0x9f0
[ 1117.940060][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.940107][T11315]  ? f2fs_build_fault_attr+0x53/0x1f0
[ 1117.940168][T11315]  f2fs_write_end_io+0x785/0xc20
[ 1117.940233][T11315]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1117.940301][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.940363][T11315]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1117.940423][T11315]  bio_endio+0x70d/0x850
[ 1117.940474][T11315]  submit_bio_noacct+0x56d/0x1eb0
[ 1117.940544][T11315]  __submit_merged_bio+0x33c/0x770
[ 1117.940612][T11315]  __submit_merged_write_cond+0x319/0x3f0
[ 1117.940687][T11315]  f2fs_write_cache_pages+0x2067/0x2570
[ 1117.940758][T11315]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[ 1117.940811][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.940858][T11315]  ? __lock_acquire+0x622/0x1c90
[ 1117.940934][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.941027][T11315]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1117.941125][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.941174][T11315]  ? __lock_acquire+0x622/0x1c90
[ 1117.941242][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.941296][T11315]  f2fs_write_data_pages+0x4ad/0xd90
[ 1117.941353][T11315]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1117.941409][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.941457][T11315]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1117.941502][T11315]  do_writepages+0x27a/0x600
[ 1117.941550][T11315]  ? __pfx_do_writepages+0x10/0x10
[ 1117.941590][T11315]  ? do_raw_spin_unlock+0x172/0x230
[ 1117.941634][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.941680][T11315]  ? _raw_spin_unlock+0x28/0x50
[ 1117.941745][T11315]  filemap_fdatawrite_wbc+0x104/0x160
[ 1117.941793][T11315]  __filemap_fdatawrite_range+0xb2/0xf0
[ 1117.941849][T11315]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[ 1117.941962][T11315]  ? find_held_lock+0x2b/0x80
[ 1117.942012][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.942058][T11315]  ? do_raw_spin_unlock+0x172/0x230
[ 1117.942102][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.942155][T11315]  f2fs_sync_dirty_inodes+0x2a9/0x990
[ 1117.942220][T11315]  block_operations+0x2a3/0xfd0
[ 1117.942269][T11315]  ? __pfx___schedule+0x10/0x10
[ 1117.942340][T11315]  ? __pfx_block_operations+0x10/0x10
[ 1117.942439][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.942485][T11315]  ? down_write+0x14d/0x200
[ 1117.942530][T11315]  ? __pfx_down_write+0x10/0x10
[ 1117.942577][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.942623][T11315]  ? rcu_is_watching+0x12/0xc0
[ 1117.942679][T11315]  f2fs_write_checkpoint+0x2b8/0x4c60
[ 1117.942745][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.942791][T11315]  ? kfree+0x2b4/0x4d0
[ 1117.942829][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.942878][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.942924][T11315]  ? rcu_is_watching+0x12/0xc0
[ 1117.942972][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.943018][T11315]  ? kthread_stop+0x273/0x650
[ 1117.943085][T11315]  kill_f2fs_super+0x3c2/0x470
[ 1117.943131][T11315]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 1117.943176][T11315]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1117.943233][T11315]  deactivate_locked_super+0xc1/0x1a0
[ 1117.943284][T11315]  deactivate_super+0xde/0x100
[ 1117.943339][T11315]  cleanup_mnt+0x225/0x450
[ 1117.943393][T11315]  task_work_run+0x150/0x240
[ 1117.943436][T11315]  ? __pfx_task_work_run+0x10/0x10
[ 1117.943475][T11315]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1117.943524][T11315]  ? __pfx___x64_sys_umount+0x10/0x10
[ 1117.943591][T11315]  exit_to_user_mode_loop+0xeb/0x110
[ 1117.943637][T11315]  do_syscall_64+0x3f6/0x4c0
[ 1117.943683][T11315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1117.943722][T11315] RIP: 0033:0x7ff81038fcd7
[ 1117.943750][T11315] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1117.943787][T11315] RSP: 002b:00007ffe17fec798 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1117.943822][T11315] RAX: 0000000000000000 RBX: 00007ff810410b55 RCX: 00007ff81038fcd7
[ 1117.943846][T11315] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe17fec850
[ 1117.943869][T11315] RBP: 00007ffe17fec850 R08: 0000000000000000 R09: 0000000000000000
[ 1117.943891][T11315] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe17fed8e0
[ 1117.943915][T11315] R13: 00007ff810410b55 R14: 0000000000110af5 R15: 00007ffe17fed920
[ 1117.943965][T11315]  </TASK>
[ 1117.943978][T11315] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[ 1119.043728][   T30] audit: type=1800 audit(1753312196.200:78): pid=12997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1367" name="bus" dev="overlay" ino=767 res=0 errno=0
[ 1119.950319][T12880] lo speed is unknown, defaulting to 1000
[ 1120.107328][T12719] lo speed is unknown, defaulting to 1000
[ 1120.162835][T12684] lo speed is unknown, defaulting to 1000
[ 1121.866318][T12719] chnl_net:caif_netlink_parms(): no params data found
[ 1122.211253][T12880] chnl_net:caif_netlink_parms(): no params data found
[ 1122.499942][T12719] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1122.507134][T12719] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1122.544574][T12719] bridge_slave_0: entered allmulticast mode
[ 1122.584166][T12719] bridge_slave_0: entered promiscuous mode
[ 1122.603754][T10008] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1122.618858][T10008] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1122.621543][T12719] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1122.633727][T12719] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1122.650521][T10008] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1122.653975][T12719] bridge_slave_1: entered allmulticast mode
[ 1122.681455][T10008] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1122.690619][T12719] bridge_slave_1: entered promiscuous mode
[ 1122.696793][T10008] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1122.915116][T12719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1123.003163][T12719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1123.125069][ T1005] IPVS: stop unused estimator thread 0...
[ 1123.220340][T12880] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.227518][T12880] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1123.251876][T12880] bridge_slave_0: entered allmulticast mode
[ 1123.270334][T12880] bridge_slave_0: entered promiscuous mode
[ 1123.299367][T12719] team0: Port device team_slave_0 added
[ 1123.308507][T13037] lo speed is unknown, defaulting to 1000
[ 1123.351070][T12880] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.358225][T12880] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1123.381909][T12880] bridge_slave_1: entered allmulticast mode
[ 1123.400317][T12880] bridge_slave_1: entered promiscuous mode
[ 1123.423928][T12719] team0: Port device team_slave_1 added
[ 1123.563101][T12719] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1123.578375][T12719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1123.604518][T12719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1123.659062][T12719] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1123.667580][T12719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1123.694095][T12719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1123.737295][T12880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1123.823252][T12880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1123.941803][T12719] hsr_slave_0: entered promiscuous mode
[ 1123.970900][T12719] hsr_slave_1: entered promiscuous mode
[ 1123.977273][T12719] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1123.998146][T12719] Cannot create hsr debugfs directory
[ 1124.033619][ T1005] bridge_slave_1: left allmulticast mode
[ 1124.039327][ T1005] bridge_slave_1: left promiscuous mode
[ 1124.060781][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1124.080060][ T1005] bridge_slave_0: left allmulticast mode
[ 1124.085751][ T1005] bridge_slave_0: left promiscuous mode
[ 1124.092014][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1124.106288][ T1005] bridge_slave_1: left allmulticast mode
[ 1124.113325][ T1005] bridge_slave_1: left promiscuous mode
[ 1124.119084][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1124.128963][ T1005] bridge_slave_0: left allmulticast mode
[ 1124.143423][ T1005] bridge_slave_0: left promiscuous mode
[ 1124.149189][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1124.178942][ T1005] bridge_slave_1: left allmulticast mode
[ 1124.190579][ T1005] bridge_slave_1: left promiscuous mode
[ 1124.196342][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1124.208324][ T1005] bridge_slave_0: left allmulticast mode
[ 1124.217459][ T1005] bridge_slave_0: left promiscuous mode
[ 1124.224297][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1124.267187][ T1005] bridge_slave_1: left allmulticast mode
[ 1124.273101][ T1005] bridge_slave_1: left promiscuous mode
[ 1124.280806][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1124.296261][ T1005] bridge_slave_0: left allmulticast mode
[ 1124.304747][ T1005] bridge_slave_0: left promiscuous mode
[ 1124.310744][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1124.323298][ T1005] bridge_slave_1: left allmulticast mode
[ 1124.328971][ T1005] bridge_slave_1: left promiscuous mode
[ 1124.335362][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1124.346869][ T1005] bridge_slave_0: left allmulticast mode
[ 1124.352640][ T1005] bridge_slave_0: left promiscuous mode
[ 1124.360006][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1124.567415][ T1005] bond0 (unregistering): Released all slaves
[ 1124.688877][ T1005] bond0 (unregistering): Released all slaves
[ 1124.760433][T10008] Bluetooth: hci6: command tx timeout
[ 1124.828840][ T1005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1124.843329][ T1005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1124.854557][ T1005] bond0 (unregistering): Released all slaves
[ 1124.957461][ T1005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1124.972882][ T1005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1124.983729][ T1005] bond0 (unregistering): Released all slaves
[ 1125.092335][ T1005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1125.105348][ T1005] bond0 (unregistering): Released all slaves
[ 1125.151337][T12880] team0: Port device team_slave_0 added
[ 1125.336024][T12880] team0: Port device team_slave_1 added
[ 1125.397936][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1125.404404][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1125.590288][T12880] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1125.597286][T12880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1125.626874][T12880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1125.667094][ T1005] hsr_slave_0: left promiscuous mode
[ 1125.680934][ T1005] hsr_slave_1: left promiscuous mode
[ 1125.701622][ T1005] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1125.719899][ T1005] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1126.377907][ T1005] team0 (unregistering): Port device team_slave_1 removed
[ 1126.422352][ T1005] team0 (unregistering): Port device team_slave_0 removed
[ 1126.623569][ T1005] team0 (unregistering): Port device team_slave_1 removed
[ 1126.656642][ T1005] team0 (unregistering): Port device team_slave_0 removed
[ 1126.830286][T10008] Bluetooth: hci6: command tx timeout
[ 1126.997030][T12880] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1127.006453][T12880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1127.033989][T12880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1127.318582][T12880] hsr_slave_0: entered promiscuous mode
[ 1127.351462][T12880] hsr_slave_1: entered promiscuous mode
[ 1127.357855][T12880] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1127.389773][T12880] Cannot create hsr debugfs directory
[ 1127.787189][T13037] chnl_net:caif_netlink_parms(): no params data found
[ 1128.255593][T10010] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1128.264590][T10010] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1128.272887][T10010] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1128.281613][T10010] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1128.290486][T10010] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1128.510947][T13037] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1128.518166][T13037] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1128.560027][T13037] bridge_slave_0: entered allmulticast mode
[ 1128.568073][T13037] bridge_slave_0: entered promiscuous mode
[ 1128.586505][T13101] lo speed is unknown, defaulting to 1000
[ 1128.603643][T13037] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1128.617788][T13037] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1128.626974][T13037] bridge_slave_1: entered allmulticast mode
[ 1128.637082][T13037] bridge_slave_1: entered promiscuous mode
[ 1128.802632][T13037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1128.886958][T13037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1128.910163][T10008] Bluetooth: hci6: command tx timeout
[ 1128.976469][T13037] team0: Port device team_slave_0 added
[ 1129.003585][T13037] team0: Port device team_slave_1 added
[ 1129.116653][T13037] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1129.147501][T13037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1129.196130][T13037] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1129.213593][T13037] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1129.220868][T13037] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1129.248433][T13037] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1129.269316][T12880] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1129.328829][T12880] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1129.363739][T12880] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1129.449343][T12880] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1129.556749][T13037] hsr_slave_0: entered promiscuous mode
[ 1129.570991][T13037] hsr_slave_1: entered promiscuous mode
[ 1129.590479][T13037] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1129.598058][T13037] Cannot create hsr debugfs directory
[ 1130.025920][T13101] chnl_net:caif_netlink_parms(): no params data found
[ 1130.336171][ T1005] bridge_slave_1: left allmulticast mode
[ 1130.350270][T10008] Bluetooth: hci1: command tx timeout
[ 1130.355086][ T1005] bridge_slave_1: left promiscuous mode
[ 1130.370327][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1130.392556][ T1005] bridge_slave_0: left allmulticast mode
[ 1130.410558][ T1005] bridge_slave_0: left promiscuous mode
[ 1130.416351][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1130.623207][ T1005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1130.644362][ T1005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1130.668644][ T1005] bond0 (unregistering): Released all slaves
[ 1130.868632][T13101] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1130.878732][T13101] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1130.886533][T13101] bridge_slave_0: entered allmulticast mode
[ 1130.894727][T13101] bridge_slave_0: entered promiscuous mode
[ 1130.933496][ T1005] hsr_slave_0: left promiscuous mode
[ 1130.940212][ T1005] hsr_slave_1: left promiscuous mode
[ 1130.946274][ T1005] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1130.955648][ T1005] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1130.990113][T10008] Bluetooth: hci6: command tx timeout
[ 1131.185238][ T1005] team0 (unregistering): Port device team_slave_1 removed
[ 1131.250467][ T1005] team0 (unregistering): Port device team_slave_0 removed
[ 1131.518391][T13101] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1131.530848][T13101] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1131.538076][T13101] bridge_slave_1: entered allmulticast mode
[ 1131.546428][T13101] bridge_slave_1: entered promiscuous mode
[ 1131.562714][T12880] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1131.704399][T13101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1131.766952][T13101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1131.824521][T12880] 8021q: adding VLAN 0 to HW filter on device team0
[ 1132.016781][T13101] team0: Port device team_slave_0 added
[ 1132.062570][T13101] team0: Port device team_slave_1 added
[ 1132.134717][ T6050] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1132.141934][ T6050] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1132.205306][T13101] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1132.222272][T13101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1132.250593][T13101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1132.285545][ T4181] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1132.292753][ T4181] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1132.321060][T13101] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1132.328013][T13101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1132.356110][T13101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1132.430255][T10008] Bluetooth: hci1: command tx timeout
[ 1132.498550][T13101] hsr_slave_0: entered promiscuous mode
[ 1132.513472][T13101] hsr_slave_1: entered promiscuous mode
[ 1132.527911][T13101] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1132.535627][T13101] Cannot create hsr debugfs directory
[ 1132.735190][T13037] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1132.777168][T13037] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1132.844909][T13037] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1132.879119][T13037] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1133.331275][T12880] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1133.453583][T13037] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1133.544213][T13037] 8021q: adding VLAN 0 to HW filter on device team0
[ 1133.592017][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1133.599199][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1133.624062][ T7638] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1133.631262][ T7638] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1133.928582][T13037] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1133.977242][T13101] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1134.018143][T13101] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1134.055202][T13101] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1134.074222][T13101] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1134.313069][T12880] veth0_vlan: entered promiscuous mode
[ 1134.373040][T12880] veth1_vlan: entered promiscuous mode
[ 1134.468029][T12880] veth0_macvtap: entered promiscuous mode
[ 1134.510420][T10008] Bluetooth: hci1: command tx timeout
[ 1134.522704][T12880] veth1_macvtap: entered promiscuous mode
[ 1134.563389][T13101] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1134.575446][T12880] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1134.651515][T12880] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1134.668085][T13101] 8021q: adding VLAN 0 to HW filter on device team0
[ 1134.686690][T12880] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.708980][T12880] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.728970][T12880] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.739205][T12880] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.814230][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1134.821434][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1134.853861][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1134.861031][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1134.917214][T13037] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1135.077355][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1135.097213][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1135.201680][T13037] veth0_vlan: entered promiscuous mode
[ 1135.234997][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1135.253239][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1135.287532][T13037] veth1_vlan: entered promiscuous mode
[ 1135.366751][T13037] veth0_macvtap: entered promiscuous mode
[ 1135.433218][T13037] veth1_macvtap: entered promiscuous mode
[ 1135.543950][T13037] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1135.588071][T13037] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1136.649767][T10008] Bluetooth: hci1: command tx timeout
[ 1136.913300][T13241] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1137.952328][T13037] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.058791][T13037] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.092961][T13037] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.109908][T13037] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.888004][T13101] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1143.344347][ T6102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1143.352568][ T6102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1144.852313][ T6975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1144.974027][ T6975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1145.198413][T13298] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:16x16 (0x38415261, 8, 0, 0, 0)
[ 1148.012971][T13315] random: crng reseeded on system resumption
[ 1148.222075][T13318] xt_limit: Overflow, try lower: 65536/2147483648
[ 1148.399005][T13321] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1149.338702][T13101] veth0_vlan: entered promiscuous mode
[ 1149.535477][T13101] veth1_vlan: entered promiscuous mode
[ 1149.718406][T13326] random: crng reseeded on system resumption
[ 1150.448864][T13101] veth0_macvtap: entered promiscuous mode
[ 1150.669231][T13101] veth1_macvtap: entered promiscuous mode
[ 1151.981452][T13101] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1152.572052][T13101] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1152.644933][T13101] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.683294][T13101] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.206470][T13101] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.474120][T13101] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1156.571764][T13357] loop0: detected capacity change from 0 to 32768
[ 1157.837123][T13361] random: crng reseeded on system resumption
[ 1158.279649][T13357] 
[ 1158.279649][T13357]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.279649][T13357] 
[ 1158.373571][T13356] 
[ 1158.373571][T13356]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.373571][T13356] 
[ 1158.384758][T13356] 
[ 1158.384758][T13356]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.384758][T13356] 
[ 1158.395791][T13356] 
[ 1158.395791][T13356]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.395791][T13356] 
[ 1158.406706][T13356] 
[ 1158.406706][T13356]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.406706][T13356] 
[ 1158.417319][T13356] 
[ 1158.417319][T13356]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.417319][T13356] 
[ 1158.714292][  T111] 
[ 1158.714292][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.714292][  T111] 
[ 1158.840118][ T6051] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1158.847998][ T6051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1158.858484][ T4181] 
[ 1158.858484][ T4181]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.858484][ T4181] 
[ 1158.907914][ T4181] 
[ 1158.907914][ T4181]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1158.907914][ T4181] 
[ 1159.221252][T11313] 
[ 1159.221252][T11313]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1159.221252][T11313] 
[ 1159.676584][  T111] 
[ 1159.676584][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1159.676584][  T111] 
[ 1159.907034][T11313] 
[ 1159.907034][T11313]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1159.907034][T11313] 
[ 1160.572889][T13375] random: crng reseeded on system resumption
[ 1160.741057][ T6975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1160.749330][ T6975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1161.541245][ T5831] IPVS: starting estimator thread 0...
[ 1161.641159][T13388] IPVS: using max 20 ests per chain, 48000 per kthread
[ 1161.876333][T13374] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[ 1164.370864][T13398] loop4: detected capacity change from 0 to 512
[ 1164.932725][T13398] EXT4-fs warning (device loop4): ext4_enable_quotas:7164: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1165.040052][T13398] EXT4-fs (loop4): mount failed
[ 1166.315920][T13419] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1170.702280][T13437] random: crng reseeded on system resumption
[ 1171.256730][T13448] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1414'.
[ 1171.771564][T13450] random: crng reseeded on system resumption
[ 1173.093955][T13459] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[ 1175.388463][   T30] audit: type=1800 audit(1753312252.540:79): pid=13481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1426" name="bus" dev="overlay" ino=58 res=0 errno=0
[ 1178.507238][T13495] random: crng reseeded on system resumption
[ 1178.687062][T13496] loop5: detected capacity change from 0 to 128
[ 1178.826490][T13496] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1178.891228][T13496] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1179.079611][T13509] random: crng reseeded on system resumption
[ 1182.837399][T11315] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1184.905521][T13563] mmap: syz.8.1446 (13563) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1186.297650][T13567] random: crng reseeded on system resumption
[ 1186.860210][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1186.866534][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1189.176981][T13587] loop7: detected capacity change from 0 to 512
[ 1189.265354][T13587] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1190.319911][T13597] ptrace attach of "./syz-executor exec"[12880] was attempted by "./syz-executor exec"[13597]
[ 1191.114620][T13603] overlayfs: missing 'lowerdir'
[ 1192.530040][T13101] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1193.917581][T13619] loop7: detected capacity change from 0 to 40427
[ 1193.945400][T13619] F2FS-fs (loop7): invalid crc value
[ 1194.105816][T13619] F2FS-fs (loop7): Start checkpoint disabled!
[ 1194.136457][T13619] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[ 1195.383439][   T30] audit: type=1804 audit(1753312272.270:80): pid=13634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1461" name="/newroot/11/file0/file0" dev="loop7" ino=10 res=1 errno=0
[ 1195.640686][T13633] uprobe: syz.7.1461:13633 failed to unregister, leaking uprobe
[ 1198.080798][ T6051] kworker/u8:11: attempt to access beyond end of device
[ 1198.080798][ T6051] loop7: rw=1, sector=45096, nr_sectors = 8 limit=40427
[ 1198.810391][ T6051] kworker/u8:11: attempt to access beyond end of device
[ 1198.810391][ T6051] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1198.936956][ T6051] CPU: 1 UID: 0 PID: 6051 Comm: kworker/u8:11 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(full) 
[ 1198.937009][ T6051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1198.937035][ T6051] Workqueue: writeback wb_workfn (flush-7:7)
[ 1198.937088][ T6051] Call Trace:
[ 1198.937100][ T6051]  <TASK>
[ 1198.937114][ T6051]  dump_stack_lvl+0x16c/0x1f0
[ 1198.937156][ T6051]  f2fs_handle_critical_error+0x621/0x9f0
[ 1198.937216][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.937269][ T6051]  ? f2fs_build_fault_attr+0x53/0x1f0
[ 1198.937328][ T6051]  f2fs_write_end_io+0x785/0xc20
[ 1198.937392][ T6051]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1198.937458][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.937514][ T6051]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1198.937574][ T6051]  bio_endio+0x70d/0x850
[ 1198.937624][ T6051]  submit_bio_noacct+0x56d/0x1eb0
[ 1198.937693][ T6051]  __submit_merged_bio+0x33c/0x770
[ 1198.937760][ T6051]  __submit_merged_write_cond+0x319/0x3f0
[ 1198.937834][ T6051]  f2fs_write_cache_pages+0x2067/0x2570
[ 1198.937904][ T6051]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[ 1198.937946][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.937996][ T6051]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1198.938039][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.938084][ T6051]  ? __lock_acquire+0xb8a/0x1c90
[ 1198.938173][ T6051]  ? find_held_lock+0x2b/0x80
[ 1198.938244][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.938289][ T6051]  ? __percpu_counter_sum+0x1f0/0x280
[ 1198.938394][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.938439][ T6051]  ? lock_acquire+0x179/0x350
[ 1198.938475][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.938528][ T6051]  f2fs_write_data_pages+0x4ad/0xd90
[ 1198.938579][ T6051]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1198.938633][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.938677][ T6051]  ? __lock_acquire+0xb8a/0x1c90
[ 1198.938740][ T6051]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1198.938784][ T6051]  do_writepages+0x27a/0x600
[ 1198.938831][ T6051]  ? __pfx_do_writepages+0x10/0x10
[ 1198.938872][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.938917][ T6051]  ? reacquire_held_locks+0xcd/0x1f0
[ 1198.938978][ T6051]  ? writeback_sb_inodes+0x3a4/0xf90
[ 1198.939023][ T6051]  __writeback_single_inode+0x160/0xfb0
[ 1198.939069][ T6051]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1198.939110][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.939153][ T6051]  ? do_raw_spin_unlock+0x172/0x230
[ 1198.939197][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.939254][ T6051]  writeback_sb_inodes+0x601/0xf90
[ 1198.939316][ T6051]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1198.939360][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.939403][ T6051]  ? mark_held_locks+0x49/0x80
[ 1198.939524][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.939569][ T6051]  ? rcu_is_watching+0x12/0xc0
[ 1198.939618][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.939666][ T6051]  ? queue_io+0x3f6/0x520
[ 1198.939706][ T6051]  wb_writeback+0x419/0xb70
[ 1198.939759][ T6051]  ? __pfx_wb_writeback+0x10/0x10
[ 1198.939796][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.939854][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.939899][ T6051]  ? mark_held_locks+0x49/0x80
[ 1198.939967][ T6051]  wb_workfn+0x14d/0xbe0
[ 1198.940015][ T6051]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1198.940082][ T6051]  ? __pfx_wb_workfn+0x10/0x10
[ 1198.940128][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.940178][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.940234][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.940278][ T6051]  ? rcu_is_watching+0x12/0xc0
[ 1198.940334][ T6051]  process_one_work+0x9cf/0x1b70
[ 1198.940395][ T6051]  ? __pfx_process_one_work+0x10/0x10
[ 1198.940436][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.940492][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.940537][ T6051]  ? assign_work+0x1a0/0x250
[ 1198.940578][ T6051]  worker_thread+0x6c8/0xf10
[ 1198.940642][ T6051]  ? __pfx_worker_thread+0x10/0x10
[ 1198.940683][ T6051]  kthread+0x3c5/0x780
[ 1198.940721][ T6051]  ? __pfx_kthread+0x10/0x10
[ 1198.940759][ T6051]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1198.940804][ T6051]  ? rcu_is_watching+0x12/0xc0
[ 1198.940853][ T6051]  ? __pfx_kthread+0x10/0x10
[ 1198.940891][ T6051]  ret_from_fork+0x5d7/0x6f0
[ 1198.940948][ T6051]  ? __pfx_kthread+0x10/0x10
[ 1198.940984][ T6051]  ret_from_fork_asm+0x1a/0x30
[ 1198.941052][ T6051]  </TASK>
[ 1199.623676][ T6051] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[ 1205.048909][T13691] loop0: detected capacity change from 0 to 16
[ 1205.310648][T13691] erofs (device loop0): mounted with root inode @ nid 36.
[ 1205.997018][T13702] syz.0.1479: attempt to access beyond end of device
[ 1205.997018][T13702] loop0: rw=0, sector=48, nr_sectors = 16 limit=16
[ 1206.011723][T13702] erofs (device loop0): read error -5 @ 43 of nid 36
[ 1206.056960][T13702] syz.0.1479: attempt to access beyond end of device
[ 1206.056960][T13702] loop0: rw=0, sector=48, nr_sectors = 16 limit=16
[ 1206.071551][T13702] erofs (device loop0): read error -5 @ 43 of nid 36
[ 1207.245125][T13704] loop7: detected capacity change from 0 to 64
[ 1208.738824][T13716] loop0: detected capacity change from 0 to 2048
[ 1209.642735][T13716] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1209.767112][T13716] NILFS (loop0): bad btree root (ino=6): level = 0, flags = 0x7, nchildren = 0
[ 1209.776463][T13716] NILFS (loop0): ifile inode (checkpoint number=2) corrupted
[ 1209.785643][T13716] NILFS (loop0): error -5 while loading last checkpoint (checkpoint number=2)
[ 1212.786669][T13733] loop8: detected capacity change from 0 to 512
[ 1213.475296][T13733] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1214.574584][T13750] overlayfs: missing 'lowerdir'
[ 1215.912608][T12880] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1216.817630][T13761] loop3: detected capacity change from 0 to 65536
[ 1216.863765][T13759] loop8: detected capacity change from 0 to 512
[ 1216.911973][T13759] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found
[ 1216.919388][T13759] UDF-fs: Scanning with blocksize 512 failed
[ 1216.960851][T13761] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1217.033395][T13761] XFS (loop3): Ending clean mount
[ 1217.075635][T13759] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found
[ 1217.352415][T13759] UDF-fs: Scanning with blocksize 1024 failed
[ 1217.404945][T13759] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found
[ 1217.690560][T13774] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x139/0x1e0, xfs_agf block 0x1 
[ 1217.701769][T13774] XFS (loop3): Unmount and run xfs_repair
[ 1217.707573][T13774] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[ 1217.715157][T13774] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[ 1217.724185][T13774] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[ 1217.733166][T13774] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[ 1217.742154][T13774] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[ 1217.754209][T13774] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[ 1217.765935][T13774] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[ 1218.009765][T13774] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1218.018743][T13774] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1218.028020][T13774] XFS (loop3): metadata I/O error in "xfs_read_agf+0x290/0x560" at daddr 0x1 len 1 error 74
[ 1218.149817][T13759] UDF-fs: Scanning with blocksize 2048 failed
[ 1218.189868][T13774] XFS (loop3): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x400/0x970 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[ 1218.204601][T13774] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[ 1218.269124][T13759] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1218.415479][T13037] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1218.469772][T13759] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1219.891164][T10010] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1219.903967][T10010] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1219.920362][T10010] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1219.928774][T10010] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1219.936812][T10010] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1221.663986][T13810] random: crng reseeded on system resumption
[ 1221.766690][ T6077] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1222.041724][T10008] Bluetooth: hci4: command tx timeout
[ 1222.062305][T13815] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1499'.
[ 1224.674073][T10010] Bluetooth: hci4: command tx timeout
[ 1224.751905][T10010] Bluetooth: hci5: command 0x0406 tx timeout
[ 1224.761300][T13820] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1224.823620][ T6077] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1225.185452][T13792] lo speed is unknown, defaulting to 1000
[ 1228.459793][T10008] Bluetooth: hci4: command tx timeout
[ 1228.620145][T13833] loop4: detected capacity change from 0 to 32768
[ 1229.500113][T13833] 
[ 1229.500113][T13833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1229.500113][T13833] 
[ 1229.539922][T13833] 
[ 1229.539922][T13833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1229.539922][T13833] 
[ 1229.550567][T13833] 
[ 1229.550567][T13833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1229.550567][T13833] 
[ 1229.561200][T13833] 
[ 1229.561200][T13833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1229.561200][T13833] 
[ 1229.571984][T13833] 
[ 1229.571984][T13833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1229.571984][T13833] 
[ 1229.582496][T13833] 
[ 1229.582496][T13833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1229.582496][T13833] 
[ 1229.646433][  T110] 
[ 1229.646433][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1229.646433][  T110] 
[ 1230.000194][ T6106] 
[ 1230.000194][ T6106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1230.000194][ T6106] 
[ 1230.509803][T10008] Bluetooth: hci4: command tx timeout
[ 1230.918737][ T6106] 
[ 1230.918737][ T6106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1230.918737][ T6106] 
[ 1230.949937][T10002] 
[ 1230.949937][T10002]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1230.949937][T10002] 
[ 1231.096380][T10002] 
[ 1231.096380][T10002]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1231.096380][T10002] 
[ 1231.112056][ T6077] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.190041][  T110] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN NOPTI
[ 1231.202149][  T110] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[ 1231.210566][  T110] CPU: 0 UID: 0 PID: 110 Comm: jfsCommit Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(full) 
[ 1231.222381][  T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1231.232455][  T110] RIP: 0010:write_special_inodes+0xa9/0x170
[ 1231.238367][  T110] Code: 2e e8 0b 15 40 08 48 8d 7b 28 48 89 f8 48 c1 e8 03 80 3c 28 00 0f 85 b1 00 00 00 4c 8b 6b 28 49 8d 7d 30 48 89 f8 48 c1 e8 03 <80> 3c 28 00 0f 85 8e 00 00 00 49 8b 7d 30 2e e8 d3 14 40 08 48 8d
[ 1231.257999][  T110] RSP: 0018:ffffc90002727bd8 EFLAGS: 00010216
[ 1231.264075][  T110] RAX: 0000000000000006 RBX: ffff888031e1e000 RCX: ffffffff81f0bd0e
[ 1231.272049][  T110] RDX: 0000000000000000 RSI: ffffffff81f0bcc1 RDI: 0000000000000030
[ 1231.280030][  T110] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[ 1231.288005][  T110] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff81f18430
[ 1231.295977][  T110] R13: 0000000000000000 R14: ffff88807d3d9800 R15: ffffc90002729112
[ 1231.303951][  T110] FS:  0000000000000000(0000) GS:ffff888124727000(0000) knlGS:0000000000000000
[ 1231.312882][  T110] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1231.319488][  T110] CR2: 0000200000003000 CR3: 000000007c1ba000 CR4: 0000000000350ef0
[ 1231.327484][  T110] Call Trace:
[ 1231.330765][  T110]  <TASK>
[ 1231.333713][  T110]  lmLogSync+0xd2/0x820
[ 1231.337920][  T110]  ? __pfx_lmLogSync+0x10/0x10
[ 1231.342741][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1231.348413][  T110]  ? find_held_lock+0x2b/0x80
[ 1231.353120][  T110]  jfs_syncpt+0x89/0xa0
[ 1231.357295][  T110]  txEnd+0x30a/0x5a0
[ 1231.361227][  T110]  jfs_lazycommit+0x783/0xb30
[ 1231.365958][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[ 1231.371203][  T110]  ? __pfx_default_wake_function+0x10/0x10
[ 1231.377025][  T110]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1231.382231][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1231.387875][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1231.393522][  T110]  ? __kthread_parkme+0x19e/0x250
[ 1231.398581][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[ 1231.403801][  T110]  kthread+0x3c5/0x780
[ 1231.407875][  T110]  ? __pfx_kthread+0x10/0x10
[ 1231.412479][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1231.418142][  T110]  ? rcu_is_watching+0x12/0xc0
[ 1231.422919][  T110]  ? __pfx_kthread+0x10/0x10
[ 1231.427514][  T110]  ret_from_fork+0x5d7/0x6f0
[ 1231.432137][  T110]  ? __pfx_kthread+0x10/0x10
[ 1231.436735][  T110]  ret_from_fork_asm+0x1a/0x30
[ 1231.441522][  T110]  </TASK>
[ 1231.444543][  T110] Modules linked in:
[ 1231.449117][  T110] ---[ end trace 0000000000000000 ]---
[ 1231.516432][  T110] RIP: 0010:write_special_inodes+0xa9/0x170
[ 1231.551001][  T110] Code: 2e e8 0b 15 40 08 48 8d 7b 28 48 89 f8 48 c1 e8 03 80 3c 28 00 0f 85 b1 00 00 00 4c 8b 6b 28 49 8d 7d 30 48 89 f8 48 c1 e8 03 <80> 3c 28 00 0f 85 8e 00 00 00 49 8b 7d 30 2e e8 d3 14 40 08 48 8d
[ 1231.774903][  T110] RSP: 0018:ffffc90002727bd8 EFLAGS: 00010216
[ 1231.805357][  T110] RAX: 0000000000000006 RBX: ffff888031e1e000 RCX: ffffffff81f0bd0e
[ 1231.830661][  T110] RDX: 0000000000000000 RSI: ffffffff81f0bcc1 RDI: 0000000000000030
[ 1231.847119][ T6077] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.866857][  T110] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[ 1231.893983][  T110] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff81f18430
[ 1231.913560][  T110] R13: 0000000000000000 R14: ffff88807d3d9800 R15: ffffc90002729112
[ 1231.935997][  T110] FS:  0000000000000000(0000) GS:ffff888124727000(0000) knlGS:0000000000000000
[ 1231.946183][  T110] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1231.965300][  T110] CR2: 00002000007bd000 CR3: 000000007e770000 CR4: 0000000000350ef0
[ 1231.984529][  T110] Kernel panic - not syncing: Fatal exception
[ 1231.990829][  T110] Kernel Offset: disabled
[ 1231.995154][  T110] Rebooting in 86400 seconds..