last executing test programs:

19m13.095700567s ago: executing program 32 (id=7359):
open(&(0x7f0000000240)='./file0\x00', 0x141bc2, 0x3a)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@default_permissions}]}})

13m4.699308607s ago: executing program 33 (id=11099):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x7, 0xc0041)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xd, "fee8a2a478fc179fd2f8dda1af1ea89de2b7fb0a0100000000000000000300000000000004000000000000000000000000000500", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}})
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x591)

12m6.652345464s ago: executing program 34 (id=11504):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000005e0001002cbd7000fddbdf2500000000", @ANYBLOB='\''], 0x1c}, 0x1, 0x0, 0x0, 0x2404a985}, 0x4000800)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

10m23.068981143s ago: executing program 35 (id=12524):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

10m10.390903408s ago: executing program 36 (id=12510):
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r0 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

4m3.203056642s ago: executing program 37 (id=16038):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000023c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

3m47.380045766s ago: executing program 38 (id=16170):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="28002d8004"], 0x44}}, 0x0)

3m30.686030931s ago: executing program 39 (id=16316):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r1, @ANYBLOB="0600150008001000040016"], 0x3c}}, 0x0)

3m23.434295402s ago: executing program 40 (id=16366):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x6000, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

2m51.341867915s ago: executing program 6 (id=16667):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8008, &(0x7f0000000200)={[{@compress}, {@autodefrag}, {@ref_verify}, {@compress_algo={'compress', 0x3d, 'no'}}, {@clear_cache}, {@discard}, {@space_cache_v1}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55be, &(0x7f0000005600)="$eJzs3X9sXWX9B/Bzb9etK9+1JexbB2RlGyDZItK5aUIgsWObTgvLlU7YhKw/cASd0zo2XIWwIsYZGKGzhjFYYcHtjylC0XUOxVjArqL7hWAyXVQwW1wzRooTERMW03vvubv33LW9m0pxvl5Le85zP+d57nNPzh/3fdfn3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACCIPjd8Xum3fVA7fjtN9U+eNEN5695pGvx8Uvv3Fq5+dHtY/a1v/jFo5UrW44smX/bQ4nGx9f3dXUEQSzZL5buX3/VvGtvrqu/piQcsOFTqW1FxWBPmer6SqoxOufBgX65P41BEBRHBihKb+emd+I5A2R2l+cPOKQbJ3a3TBk3t2Hbis6NLyy9ekv+S2dAyUhPYKSkr6uDJ66lmuTveOSITDvr0ovlXKKp/tEL7l15EQDAKalOJDeZt6Ppt7iZdmu0HmnXRNptkXb4DqEtu3E6UuOOHmyek6L1EZpnTSoqjBl0npF6+vxn2olo/0g7EjVOYZ65h6YjTclg82yO1EdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADvJZfcPKNu757HXvtCy69+/dhbX3vjw0dWNtzR31V32dpFT7Xv+Nafj1aubDmyZP5tDyUaH1/f19URBBXJfrFU99jzlfH4jP7abU+u66muf9+C1UXpccPtqKyDg/3hzuXlQdCUVTkYDttXFgSJ3EKyGWzIL3wuufOJsAAAAMCZ5Nzk73imnYqDxTntWDJNxpL/QqmweOPE7pYp4+Y2bFvRufGFpVdvOf3xEoOMV3PS8TLtihM/saxgHMbf6Hgn6uGhy/PGGVp0xGieP/tY39Sm2ltKrt19yYLps+q2XBn8YNrh9mULHxz/yrjF+9qq8/J/xdD5Pzxz8j8AAAD/Cvk/Os7Qhsv/TdXlEw9O+WbRkzdVHj887+Efd/S+9Ez80eL+rudeHT32rp+tysv/k3KeMi//hzMO8388OL38DwAAAO9l/+n8X5M3ztCGy/8/2b/50/9Y8ZXJh6f/fcfLz/3m8q2Ty+a9WTr9lneenv96/a7W3+fl/+rC8v+o7GmHD+4KJ7y0PAiqCz+pAAAAQI7w/91PfLQQ5vXUJwfRvH7VfaXP7Hp7/a3x85r/es6ivplVn9296ssbNsX6N3Ss3bFszvK8/F9TWP4vfndeLgAAAFCAX26/4/6qzy/eumXPodk77k1sHn3FnDf2/LDjut7XjiWKXrq9Ny//JwrL/2NG5uUAAAAAJ/Hs2AkvHnri0Jdm7V4zfu/K1tlPTd23asHDf5v1l2te/cPxTZeW5eX/hsLyf2l6m175kOq0M/wrhPbyICgZ2GlOFXqDto9mCgAAAMDJrfvpKXYIc3pj49qenetHzXzz/MPfXb182c/3Xvn1+zZW3X7gF5V3X3hsf8+tefm/eej7/4d3OgjX/+fc/y9v/X9WIXXXvyvcGAAAAID/Rfnr+cPb46e+uWCw798vdP3/B889MKa96eKKSfFtVTOf/v/e69ZUvbWw/bKPbL/z7ffHyv70sbz831pY/i/K3v47v/8PAAAATsN/2/f/LcobZ2jD3f+/d+zzF6z+5Lrv1Hy19NkL37m/6RttB6ddtHnqOR8ourhr9ozffjsv/7cVlv/D7VnZL687PD93lwfBhIGd9N0Et4bTXRopdBZnFVInPtKjLuyRLnSOySokNUd6fKg8CCYP7LRGCmeHhbZIob8sXdgUKewNC+nrIVN4IlLoDq+0B8rS040WfhQW0gssOsMVFGdllkREehwbrMdA4aQ9DmSeHAAA4Iw3Kms/DM/pLFuc2wyiUbYzNtwBpcMdEB/ugKLhDhgVOSB64GCPBw25hfDx78/pWvL6DY/U9lxff/S8WXsW39P6f90Le3Z+5nvdF/zx+pcXfDwv/28qLP+Hp2J0ajPY+v8gXP+f/l7DzPr/hrBQESl0hoVE9I4BifA5UmH33vA5KhLpHv0TMgUAAAA4o4WfCxSN8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCf7N17nFTVnSDw000/6KZpOmLAGCOoEdFdmqYJBhFHFN3V6GITyeqYITRCox3agAKuGLPia1wluhg1JkZ28OOoicMqPog6USE6YpJRSXzOis9BJ7LqEnTUOCbLfrpvnaLqVpddCCjtfr9/dJ2q33neenSde2+dCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPz/4bIl9za8OfB/feuX31v3+ve+NPU3Uw/ZvMtfbqh7d8g5T20+aHDdLW8NWrDwjbZJZ17bMn35NRtWLg2hpatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3K1JuJh36df8ozdy6Mrb7aP4S7y0KoSAdG1CWBysz9uljfHnUhfC5sCWRLtNUmJdINh4drQlgWtgSyVd1bE0JdTmDKEw+uuqwzcVVNCPuGEKrTbbxQnbRRkw4Mq0oCtenAnIok8P7mRDZwT3kSgK1R1d2D8c2QfdGvaMnP0NB9ZUVef5Uft3M7mfTw+sREQ/F8bx22gzuVo+C5bNmmp63blwbbXcHbY7V3Wy94txVs5yWettwvUplvKJu3hKpD+cy2WdMXdMyPj5SHxsY+xWraQc/zuk3nzNiadK95HcYONGyX1+EDtZPqL3t74sErT/7j6fvOXzt1W7v5XM4mzU3vaNUh85rrNc9jNOHT+zzZvC2Ft6+d/Wkr+JY01JeuEMLxf/p82TNzXtp94wevnjjx9hcuvnrawmumTHx20C/G/uO1u9w97fKC+X/DR8//48s53pbn5Y6tflifzM3jI3UxsbE+mZsDAABAr9Eb9pp+dfSrL5360N2LXlx+XMV3x/3qpN3qK87+fsfxu64c/8VLr2x/fJeC+f/Q0o7/x0P+dbmjXR3ChK7EBQNC2K3r8STws9idkweEsFdXqiU/cFgqsDqEL3Ql9s9WlSrRN5YYmgr8vj4TmJAKrImBllTgxhhYkgpcGAMrUoEZMbA6FTg8BkJ7/jgOqM+Mo+RATQy0JhtxRTwL4Z362FpqW63LVgUAALCdZGaHlfl3c8512NYMcXq5oqanDPEM7KIZqlM1pGew2WlV0RoqeqqhvKcasuNe9NHDL6i5rKeaC07DKMvP8OGQ75QPmLj3j+66ccRNzS9O/O67Y4//yp/ffHf1/v/03+85Z/51BxTM/5s+ev5f3U1HygqO/4cwuetvzF2eiXRk460teRkAAACAbXDVY0ufvOGAo/7PfS/fd+eXrr2hfPXVX/+/r2y8YO9Rxw0v6/t3315RMP+fUNr5/3GfSJ+czOHRuBti9oAQmvIDSbUHFwaSo979MgEAAADoDbLH47PHwtszt8kp2un5dGH+lq3MHw/8T+g2/+Wb/vrZL1/75IkLh+2z4Yr/duYHZZ8f+7tdjl078vG39hz2Dw19C8//bynt/P/a/NukE2tiL64cEELfnMAjsZedgS5DY+DlQ/MDmfGviRtgcawqc2JCtqrFsURrDDSlAsuKlfhttsRu+YHMk5Vt/ILsONozJXICAAAA8ImLuwPicfl4/v89kw/40v6DXhrz4p73LnxtwtITTq394T637Pr6gI5JYw6ccMgRzxTM/1u37vz/rnlwwen9Hf1CGFkRQp/0DwMerU0WBoyBurJM4v7apK4+6arOqw1hfOfA0lW9kln/vyK9xuATNUlVMbDb3j/dNKwzcUNNCCNzA8988/oxnYn5qUC28W/UhDCkc7Tpxlf2TRqvTDd+Td8Q9swJZKs6uW8InY1Vpat6sDpzHYN0VbdVhzAwJ5Ct6sDqEBYGAHqp+K90Zu6D8xaePXt6R0fbGTswEffh14RZ7R1tjTPmdMysLtKnmak+5y1jdF7hmEq98s3zmSWKpg65fXgp6ezvBJty28rsxy84cTBzP34XquwaZ3Nl3t3R6SEP36ewiZDzTarYkMt38JBrcyvZ8iQW1B/zV4V+oe+CeW1nNJ41ff78M0Ylf0vN3pz8jYeZkm01Kr2tarvrWwkvj6KrZaV83G21X24lI+efNnfkvIVnj2g/bfopbae0fad57Kjm5jFfHTumeWTnqJqSvz0Mdb/uqk4NdfP1JY5rOw5194qcSj6JTw0JCYnelpi+pOz8CdN+ff+39lhz2lkn7fH3e8wccdJfXf6buSc2HjL5V9f/5dqC+f/cj57/x0+d+MmfWZ+h2PH/hniYP3l8y2H+1hhYVurx/4ZiR/OzJwYMTQUWxcAih/kBAAD4bIi7I+PezLhX+rq6f7r7yJkzDnn/lydMufpvx4479az1+zZcfPWxS/7D+neWrDri7YL5/6LSfv+/ndb/zy5d/7Viy/zvH0s0FVv/P73Mf3b9/0XF1v9PL/OfXf9/2aew/v+CbCC1Sd6x/j8AAPBZ8Mmt/9/j8v7pCwQUZMhd3r+ilAsEFGTocRn/Ui8QsNXr/8/p+IvaQZfPGXfoiLk/fmTV3ksG3val5yf+ep+lB424d+Ut7426tWD+v6S0+b+F+wEAAGDn8dAv+3774neH3f/UI+8fWXbpbzfedPxftR1wyB8GNp8y+eia79/0bwXz/2Wlzf8/+fX/QrHz/4cWC7QUWxjQ+n8AAAD0UsXW/7t54MtDV88fceNjP3/zlpdafzFz/Gv/bskPvjJ9WNPNa9b9pmHG+oL5/4rS5v/xtIvyvNyxNx/WJ2vahfSadhvrsz8ZAAAAgN6hPDQ2VpaYN29l1MM+fpvrMkuBflQ619P3DVq1oPyhq8qqN/7gkmmHNJ577Jlzjrxo/fdrn/xJ7dTG6jMK5v+rS5v/5/0u44HaSfWXvT3x4A9XnvzH0/edv3bqluP/AAAAwI5T6n4JAAAAAAAAAAAAAADg0/dU69KDPhh19Bsz9xr1p28c+8IPFn/xm4/8zbV/PvPnh9+3V/vmYVMKfv8fJneVK/b7/3jdv/j7gl3zcsdWe17/L3N/yjG3LuxasvDR+hD2yQ3MPn/250Lm2vz75QZWTd1/cGfi/HSJ+148/LXOxLR04KgRu7zXmRifCrTGRRK/kA7Eqyq+1z8ViMsrPpkOxO2xIh2oygQu6Z+Moyy9rTbUJduqLL2tnqsLYUBOILut7q5L2ihLD/CqVCA7wNPTgTjASZlAebpXt/ZLehUDdbHo3/RLegUAwE4rfgusDLPaO9qa4lf4eLt7Rf5tlLdk2XmF1ZaV2PzzmaXJpg65fXgp6T7p76JbrjVeGao7hzCq4OtqbpayrlFun1p62HS7FhlyT6u9lRcpl7a1m66q+IhqkhE1zpjTMbOyx4GP7jlLc0WPWUYVTHZys5R3bdISaimhLyWMqMRtU0KX4/3y0NjYJ5VrXAw2hDw9vSJK/b1+7jp/xV4FuXn+tubaS/sM7vP+v42/6KEHB1R2nDq57aLdH/vngaNm/viHD7Ze8/uC+X9DafP/6txxvZe5GMCieGW9gweE0FriiAAAAOCz73+eu/yOE+es2TBrdcWzv/vd7PLjTqzcfM5d55x90XP3Lz7qkn9/87bGV5Q9tenENzad9ddv/OQr1z181kuHzzjrrknrDlnfVn3jd/9i+alDCub/Q0ub/8c9WJlDwcnejtXx+v8XDAih69L6DUngZ3G4Jw8IYa+uVEsskVxQ/2uxRFMS+FncYbJ/LNHakl9V3xhYkQr8vj4TWJ0KrImBzF6Kn4bMrpwr6kMY05WanF9ibizRkAocFwNDU4HG+oeTQFMq0D+WmJAKvNk/E2hJBf4xBkJ7/ra6s39mWwEAAGyNzDyrMv9uSM/zVlT0lKGspwy1PWUo7ylDdU8Zio0i3r8jZqhMnbxSlpOpMl1rTaqWggzxYvhb3a+CDOG3+TnTBQuajucfZM83KMvPMO6Hd7Qe9LV5P9508Y8eP/LAC49ccuXblx7db/CVz/7v9nP79d9UWzD/bypt/l+bf5u0vibO/7dc/y8JPBK7d2U8dXxoDLx8aH4gs2NgTZzsLs5W1ZIpkZm0L44lJsTA0FRgbgxMSAVaJ2cCywbnBzIz7WzjF2Qbb8+UyAkAAADAJy7uIIi7aeL8f+W48M4eR77fvPuVA+eOe/yR846YXrNrdc0/j1+7dPyl1Q/t17dg/j+htPl/bK9fbmMXxt682j+Eu8u29CYbGFGXBOJ+jLr48/g96kL4XM4OjmyJttqkRFWq4fBwTfIL9ap0VffWJGsMxPtTnnhw1WWdiatqQtg3Z+9Lto0XqpM2atKBYVVJoDYdmFORBOKen2zgnvIkANssu1cwvqAyp7pkNXRfrsjr77NyTdD08Ar2gXaTr7vfXO0o1ekHMvtUs7buaSuojh2i4O2x2rutN77bGrzbcr9IZb6hbN4Sqg7lM9tmTV/QMT8+kvtL1gI76HnO/ZVqKent8Dpc9PF727PqdAeaUh8fTd2X6/51WBare6B2Uv1lb088eOXJfzx93/lrp5bcjSLiD4UPvnXuAc/lbN4drTpkXnO97vOkxedJb/w3MNTTFkJYfsGsJ5/4l/efr1jf/F8OHLv8tjcfW/6Tgx6YNeILGy758sa33j2qYP7fUtr8vyJ12+WDuDHnDQhheM7GfTRu/okDks/BnEDyKTmwMJAccl9fX/STEwAAALa37O6O7P6C9sxtckJ4ep5cmL9lK/PH/RUTus1far8HjvmH7x161evf+Pr63S9/dOlT6/7Tm68cMe3QBzY9vWLl683Hfv7pgvl/60fP//umuun4v+P/7CCO/3drZ98V3Tf9wKJt2hVdUB07hOP/3drZ322O/3fL8X/H/7vj+H8PHP/v1s7+tBV8S5rrS1cIoXXADbf/onb68H5XnPOtGWt//vQ7TeNeqDv36Dv/x+GLwzXnrfpzwfx/bmnzf+v/db9oX2MMtBZb/29usfX/Fln/DwAA2KGKLDSXnucVrN5XkCG9el9Bhh4XCOxxiUHr/231+n+1J5190iv1b+11zcTb//Od0y98/qQTn923z/Mn3H7CTSOvHv7SlzcUzP8XlTb/jy+Hfrmt95b1/4ZOLlLVkhiYa2FAAAAAdkbFdhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw6Vrx4OIvbl68z0E3Pfv5mw7/12VrZu39qwM2jx5zcuPwxQPLrvy7f3lr0IKFb7RNOvPalunLr9mwcmkI7V3lypLiZQ8NKi8f/Ydj7rrtioebpg2ecm51pt7KzO0X83LHVj+sD2FZziN1MbGxvvPOlsCUY25dWNGZeLQ+hH1yA7PPn/25zsSN9SHslxtYNXX/wZ2J89Ml7nvx8Nc6E9PSgaNG7PJeZ2J8JlCW7u51/ZPulqW7e1n/EAbkBLLd/Xb//KqybfzHTKA83cbNdUkbMVAXi/6oLmkjBjpiifa+IYysCKFPuqpfVydV9UlX9ffVSVV90lX91+oQxocQKtJVvViVVFWRHvnaqqSqGNht759uGtaZWFYVwsjcwDPfvH5MZ+L0VCDb+NerQhjS+ZJJN35HZdJ4ZbrxqypD2DOEUJUu8a8VSYmqdIlXKkIYmBPINn5qRQgLA58J8cNnZu6D8xaePXt6R0fbGTswUZVpqybMau9oa5wxp2NmdapPxZTlpDef9/HH/vymc2Z03k4dcvvwUtIVmXKVXV1ursy7O3pn733sV21uJVuej4L6Y/6q0C/0XTCv7YzGs6bPn3/GqORvqdmbk799MtFkW43qLdtqv9xKRs4/be7IeQvPHtF+2vRT2k5p+07z2FHNzWO+OnZM88jOUTUlf7fHUK//5Ie6e0VOJZ/EB4CEhERvS5Tnfbo17ewf5AVf9Ld0tDJUd31AF0wrcrOUdY1yewz6sI854o/zPaXHEY0qmDgUZGnOZikvlmV0wWRiS5aaJEvX97qCyWFuTeVdmzTeLw+NjX2KbYeG/Lu5m/etbdi86zKbrtQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJcCAAD//5X10YE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x145802, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000200)='y', 0xf4240}], 0x1, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)

2m47.244799602s ago: executing program 6 (id=16699):
syz_mount_image$ext4(&(0x7f0000000a40)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x8004587d, &(0x7f0000000340)={0x2, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2m46.247099242s ago: executing program 6 (id=16704):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x2000414, &(0x7f0000000340)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000540)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000180)="f7", 0x1, 0x200980)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x4)

2m45.733160448s ago: executing program 6 (id=16711):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x210000, &(0x7f00000001c0)={[{@jqfmt_vfsv1}, {@usrjquota}, {@lazytime}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x58f, &(0x7f0000000cc0)="$eJzs3V1rHNUbAPBnNpv09f9vCqWoFxLohZXaTZP4UkFovRQtFvS+Lsk2lGy6JbspTSzYXtgbb6SIIhbED+C9l8Uv4KcoaKFoCXohQmQ2s+02mc1bU3eb/f1guufMS888O/OcnJnZZQPoWyPpP4WIFyPiyyTiUNuyYmQLR1bWW3p4fTKdklhe/uj3JJJsXmv9JHs9kFVeiIifP484UVjbbn1hcaZcrVbmsvpoY/bKaH1h8eSl2fJ0ZbpyeXxi4vQbE+Nvv/XmjsX66vm/vv3w7nunvzi29M2P9w/fTuJsHMyWtcfxFG60V0bK/2SlwTi7asWxHWislyTd3gG2ZSDN8yQ9Q9M+4FAMZFkP7H6fRcRynqHcucCukuTnP7DrtcYBrWv7HboOfm48eHflRkcz9qH2+Isr90Zib/PaaP9S8sSVUXq9O7wD7adt/PTbndvpFOvfh9i3QR1gS27cjIhTxeLa/j/J+r/tO9W8eby+1W30298f6Ka76fjntbzxXyFG2m7qrx7/HMjJ3e3YOP8L93egmY7S8d87uePfR13X8EBW+19zzDeYXLxUrZyKiP9HxPEY3JPW13uec3rp3nKnZe3jv3RK22+NBbP9uF/c8+Q2U+VGOSKGnibulgc3I14q5sWfPBr/JjnHP30/zm+yjaOVOy93WrZx/M/W8g8Rr+Qe/8cnf7L+88nR5vkw2jor1vrz1tFfOrXf7fjT479//fiHk/bntfWtt/H93r8rnZZt9/wfSj5ulltJcK3caMyNRQwlH6ydP/5421a9tX4a//FjHfq/5mv++Z9efH2yyfhvHbnVcdVeOP5TWzr+Wy/ce//T7zq1v7nj/3qzdDybk/V/+bJzZbM7+LTvHwAAAAAAAPSSQkQcjKRQelQuFEqllc93HIn9hWqt3jhxsTZ/eSqa35UdjsFC60n3obbPQ4xln4dt1cdX1Sci4nBEfDWwr1kvTdaqU90OHgAAAAAAAAAAAAAAAAAAAHrEgQ7f/0/9OtDtvQOeueYPG+zp9l4A3bDhT/7vxC89AT1pw/wHdi35D/1L/kP/kv/Qv+Q/9C/5D/1L/kP/auX/H1+3z026szMAAAAAAAAAAAAAAAAAAAAAAAAAAADw/Dt/7lw6LS89vD6Z1qeuLszP1K6enKrUZ0qz85OlydrcldJ0rTZdrZQma7Mb/X/VWu3K2HjMXxttVOqN0frC4oXZ2vzlxoVLs+XpyoXK4H8SFQAAAAAAAAAAAAAAAAAAADxf6guLM+VqtTLXV4ViFv3mtjoTvbDPz7BwJns7trV5sVeiUOhQuJkd3q1t1aUOCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy/BsAAP//upQvnA==")
mount$bind(&(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='./file1\x00', 0x0, 0x3002, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@quota}]}, 0x1, 0x629, &(0x7f0000001080)="$eJzs3c9vFFUcAPDvTH/Sii3ERPEgTYyBRGlpAUOMifRuCP74ByothFAoaWtigYSS6NF48WDiyYP4XyiJN+PBqwfvhoQYw0EMkTWzO1u2291td9vtlu7nkyx9b2b3vTdLv31v3r6ZDaBrjWX/pBFHIuJGEjFSsa838p1jpec9+vv2xeyRRKHw0V9J3L6TrFaWleQ/h/MX/zcSyW9pxOGejfUurdy8OjM/P7eY5yeWr92YWFq5eeLKtZnLc5fnrk+9PXX2zOkzZydPbuv4+mps+/7bJ8nkD3+cT+JcPM3blh1X9fMGtlVz9p6NRaHkceX27H09u82y94p/Rsq/J88k1RvY05I8Tl6Okeip+N8ciS8+6GjDgLYqJFHuo4Cuk9SJ/1+mG/1lGGxbe4DdUh4HlM/ta50Hb5S2eVQC7IaH06UJqVLs90VEOf57S3ODMVicGxh6lKyb50kiYnszcyVZHb/+fP7z7BF15uGA9li9W57lru7/k2JsjsZgMTf0KF0f/6uFQpqPBLLtH7ZY/1hVPqv/YItlAc1ZvRsRr+T9f39sOf7TPHbL8f9Ji/XXiv8WiwIAAAAAAICud386It6qtf4vXVv/019j/c9wRJzbgfo3//wvfZAnkqqn9u9A9dDVHk5HvFtz/e/aGt/Rnjx3sLge4FZy6cr83MmIeDEijkffQJafrCq3coXwiS8Pf1Ov/sr1f9kjq7+8FjAv6UFv1YW4szPLM9s9biDi4d2IV4vrf4/mW9av/8n6/6RG/5/F940t1nH4jXsX6u3bPP6Bdil8F3GsZv//bLidNL4/x0RxPDBRHhVs9Nqtr36sV391/LfhEIE6sv5/qHH8DySV9+tZaq787CT91Epvod7+Vsf//cnHPVExCfDZzPLy4mREf/L+xu1TzbUZ9qs8Ho5GHi9Z/B9/vfH839r4vyIOD0TE6hbqG9xkv/E/dE4W/7ON+//R9f1/84mpe6M/1av/wpb6/9PFPv14vsX8H1TaeD+OrQZoR5oLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+5NCJeiCQdX0un6fh4xHBEvBRD6fzC0vKblxY+vT6b7YsYjb60/E2/I6V8Uv7+/9GK/FRV/lREHIqIr3sOFPPjFxfmZzt98AAAAAAAAAAAAAAAAAAAALBHDBev+S8MVF//n/mzp9OtA9quN/8p3qH79Lb8ysLAjjYE2HWtxz/wHMvO+ZuI/752tgXogPrx//hJoWhXmwPsIuN/6F4txr+PC2Af0P9Dt9rinN5gu9sBdIL+HwAAAAAA9pVDR+//nkTE6jsHio9Mf77PYn/Y39JONwDoGGt4oXv1LnS6BUCnOMcHkrXUvzUv9q+/+j9pT4MAAAAAAAAAAAAAgA2OHXH9P3Srxtf/W9sP+1mD6/9rBb/bBcA+Uv+rP/T9sN85xwc26+1d/w8AAAAAAAAAAAAAe8Dgzasz8/Nzi0srO5R4XNjhAusn3islCrtR144lVmf2RDOaSBTuRDR+ztPNy0kjotna+yJir7wJi0tZa3arrvItOJp++WTPTjWjw3+XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANf8HAAD//1H9Ggk=")
syz_mount_image$fuse(&(0x7f0000002180), &(0x7f0000002080)='./file1\x00', 0x28a0b1, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0)

2m44.925931864s ago: executing program 6 (id=16718):
pipe2$watch_queue(&(0x7f0000001180)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r0, 0x59)

2m44.159411679s ago: executing program 6 (id=16724):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0x10000, &(0x7f00000003c0)=ANY=[], 0xfe, 0x698, &(0x7f0000000b00)="$eJzs3c1vHGcdB/DvrNeOHVDqtklaUCWsRiqIiMQvcsFcGjggHypUhUOFxMVKnMbKxq1sF7kVApfXK4f+AeXgAxIXkLhHFIkDAm4VN4sDqoTEpSffgmZ21l7HXnft+CWmn481u8/MPC+//c3Ms2+yNsBn1uzVNB+kyOzVV1fL9Y31qdbG+tS5encrSVluJM32XYrFpPgwuZH2ki+UG+v6Ra9x3l+YufnRJxsft9ea9VLVb+zXrj9r9ZKxJAP1/W6Dh+rvVs/+9je3VSq2HmGZsCudxMFpe7jL2kGaP+Z1CzwJivbz5i6jyfkkw/XrgNSzQ+Nkozt6B5rlAAAA4Ix6ajObWc2F044DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzpL69/+Leml0ymMpOr//P1RvS12+2TjlmB/Hg9MOAAAAAAAAAACOwJc2s5nVXEj95f7D9jf7L1a3F6vbz+XtLGc+S7mW1cxlJStZykSS0a6OhlbnVlaWJvpoOblny8nDxf/7wzUDAAAAAAAAgP83P81s+/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4UhTJQPuuWi52yqNpNJMMJxkq660l/+iUz4hir40PTj4OAAAAeCzDh2jz1GY2s5oLnfWHRfWe/3L1fnk4b2cxK1nISlqZz+36PXT5rr+xsT7V2lifur+xPlUN/IOHbe1+vvXfA4VR9Zj2Zw97j/x8VWMkd7JQbbmWW1Uwt9OoWpaer+PZWnYO8l4Z08grtT4ju13fl4P9utenCEehcdAGo1Wjwa2MjNexlR09vX8mqqPz+X36bu470kQaW5/8XNxnpM5DKg6Y8/Oddkl++UjOX/n3b7/fZzfHYCsTjVSZmOw6+y7vn/Pky3/83et3W4v37t5Zvnpsp9FJefScmOrKxHNnOhPNA9YfrzJxaWt9Nt/J93I1Y3ktS1nIDzOXlcynnhkzV5/P5e1oV5aSXZm6sWPttU+LZKg+Lu1ZtJ+YxnKuKs3lxarthSykyJu5nfm8XP1NZiJfz3SmM9N1hC/1PMLVY6tm2sbBrvorX8n2pf6rcqbur13yl34rHlz7KbXM69Ndee2ec0erfd1btrP0TB/PRwecG5tfrAvlGD87zNPGsXk0ExNdmXh2/0z8pro2lluL95buzr3Vo/+1R9ZfGtwu/+JQz8zHNfWU58szGa5nkp1nR7nv2a1ZZme+hupvXNr7Grv2Xar2FUXnSv3uHldqmfGZqvblPXuarPY9t3vfQB35P//VtW/H6628+bdjShgAR+v8V88Pjfxn5O8jH4z8fOTuyKvD3z73jXMvDGXwz4PfbI4PvNR4ofhDPsiPt9//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh7f8zrv35lqt+aW9C43eu462UNQ/y9OrTjMjOYEwTrJQJGtH3nOOK+bhfiu/10edzo8IPm5gr994Mg7l6Rb+dL6va7lHYSBJveUnyfb5Ux+iw/y4KHAmXF+5/9b15Xfe/drC/bk35t+YXxycnp4Zn5l+eer6nYXW/Hj79rSjBI7D9uuBPhsMHnNAAAAAAAAAAAAAwKfa6x8D/nrE/5/QNdzYKT5UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4IyavZrmYIpMjF8bL9c31qda5dIpb9dsJmk0kuJHSfFhciPtJaNd3RW9xnl/YebmR59sfLzdV7NTv7Ffu/6s1UvGkgzU97sMHa6/W73661ux9QjLhF3pJA5O2/8CAAD//+v7BEU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000780)='./file1\x00', 0x2040, 0x0)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), 0x0, 0x0, 0x1)
fremovexattr(r0, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')

2m43.567406518s ago: executing program 41 (id=16724):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0x10000, &(0x7f00000003c0)=ANY=[], 0xfe, 0x698, &(0x7f0000000b00)="$eJzs3c1vHGcdB/DvrNeOHVDqtklaUCWsRiqIiMQvcsFcGjggHypUhUOFxMVKnMbKxq1sF7kVApfXK4f+AeXgAxIXkLhHFIkDAm4VN4sDqoTEpSffgmZ21l7HXnft+CWmn481u8/MPC+//c3Ms2+yNsBn1uzVNB+kyOzVV1fL9Y31qdbG+tS5encrSVluJM32XYrFpPgwuZH2ki+UG+v6Ra9x3l+YufnRJxsft9ea9VLVb+zXrj9r9ZKxJAP1/W6Dh+rvVs/+9je3VSq2HmGZsCudxMFpe7jL2kGaP+Z1CzwJivbz5i6jyfkkw/XrgNSzQ+Nkozt6B5rlAAAA4Ix6ajObWc2F044DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzpL69/+Leml0ymMpOr//P1RvS12+2TjlmB/Hg9MOAAAAAAAAAACOwJc2s5nVXEj95f7D9jf7L1a3F6vbz+XtLGc+S7mW1cxlJStZykSS0a6OhlbnVlaWJvpoOblny8nDxf/7wzUDAAAAAAAAgP83P81s+/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4UhTJQPuuWi52yqNpNJMMJxkq660l/+iUz4hir40PTj4OAAAAeCzDh2jz1GY2s5oLnfWHRfWe/3L1fnk4b2cxK1nISlqZz+36PXT5rr+xsT7V2lifur+xPlUN/IOHbe1+vvXfA4VR9Zj2Zw97j/x8VWMkd7JQbbmWW1Uwt9OoWpaer+PZWnYO8l4Z08grtT4ju13fl4P9utenCEehcdAGo1Wjwa2MjNexlR09vX8mqqPz+X36bu470kQaW5/8XNxnpM5DKg6Y8/Oddkl++UjOX/n3b7/fZzfHYCsTjVSZmOw6+y7vn/Pky3/83et3W4v37t5Zvnpsp9FJefScmOrKxHNnOhPNA9YfrzJxaWt9Nt/J93I1Y3ktS1nIDzOXlcynnhkzV5/P5e1oV5aSXZm6sWPttU+LZKg+Lu1ZtJ+YxnKuKs3lxarthSykyJu5nfm8XP1NZiJfz3SmM9N1hC/1PMLVY6tm2sbBrvorX8n2pf6rcqbur13yl34rHlz7KbXM69Ndee2ec0erfd1btrP0TB/PRwecG5tfrAvlGD87zNPGsXk0ExNdmXh2/0z8pro2lluL95buzr3Vo/+1R9ZfGtwu/+JQz8zHNfWU58szGa5nkp1nR7nv2a1ZZme+hupvXNr7Grv2Xar2FUXnSv3uHldqmfGZqvblPXuarPY9t3vfQB35P//VtW/H6628+bdjShgAR+v8V88Pjfxn5O8jH4z8fOTuyKvD3z73jXMvDGXwz4PfbI4PvNR4ofhDPsiPt9//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh7f8zrv35lqt+aW9C43eu462UNQ/y9OrTjMjOYEwTrJQJGtH3nOOK+bhfiu/10edzo8IPm5gr994Mg7l6Rb+dL6va7lHYSBJveUnyfb5Ux+iw/y4KHAmXF+5/9b15Xfe/drC/bk35t+YXxycnp4Zn5l+eer6nYXW/Hj79rSjBI7D9uuBPhsMHnNAAAAAAAAAAAAAwKfa6x8D/nrE/5/QNdzYKT5UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4IyavZrmYIpMjF8bL9c31qda5dIpb9dsJmk0kuJHSfFhciPtJaNd3RW9xnl/YebmR59sfLzdV7NTv7Ffu/6s1UvGkgzU97sMHa6/W73661ux9QjLhF3pJA5O2/8CAAD//+v7BEU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000780)='./file1\x00', 0x2040, 0x0)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), 0x0, 0x0, 0x1)
fremovexattr(r0, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')

1m54.03724421s ago: executing program 3 (id=17171):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x380401a, &(0x7f0000000380)=ANY=[@ANYBLOB='errors=continue,usrquota,integrity,iocharset=cp857,noquota,grpquota,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c007bd598141a550dbf02d47ded539aef16b5f1cf677018ad5588131d50bbd580000000000000000b9b0fa44661887a1633f523184b4e52fbab2783d4a8e4c913491c6800c959a6cba88690ccbce67e3919"], 0x1, 0x617f, &(0x7f0000012640)="$eJzs3ctvHVcdB/Df3JcfoWnURVUihNw2PEppniUECrSVgAUbFqhblMh1q4gUUBJQWkXElTcs+CNASCwRYsmKP6ALtuz4A4iUIIG6QJ1q7HOc8Y1vrl3Hd65zPh/JmfnNmfE9k+99embuCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgfvTDn5yrIuLyr9OCExGfi35EL2KpqVciYmnlRF5/EBHPxWZzPBsRw4WIZvvNf56OeDUiPjoece/+7dVm8fk99uMHf/nnH3967Mf/+PPwzP/+erP/2qT1bt363X//dudg+wwAAAClqeu6rtLH/JPp832v604BADORX//rJC+fVn9/n+ur1Wq1Wq3uvm6rd3enXUTEenub5j2Dw/EAcMSsx8ddd4EOyb9og4g41nUngLlWdd0BDsW9+7dXq5Rv1X49WNlqz+eC7Mh/vdq+vmPSdJrxc0xmdf/aiH48M6E/SzPqwzzJ+ffG87+81T5K6x12/rMyKf/R1qVPxcn598fzH/Pk5N/bNf9S5fwH+8q/L38AAAAAAJhj+e//Jzo+/rtw8F3Zk0cd/12ZUR8AAAAAAAAA4HE76Ph/24z/BwAAAHOr+aze+P3xB8smfRdbs/ytKuKpsfWBwqSLZZa77gcAAAAAAAAAAAAAlGSwdQ7vW1XEMCKeWl6u67r5aRuv9+ug2x91pe8/lKzrJ3kAANjy0fGxa/mriMVWOVxeXq7rxaXlerleWsjvZ0cLi/VS63NtnjbLFkZ7eEM8GNXNL1tsbdc27fPytPbx39fc1qju76Fjs9FB0ADQsvVqdM8r0hOmrp+Ort/lcDR4/D95PP7Zi67vpwAAAMDhq+u6rtLXeZ9M4/v1uu4UADAT+fV//LiA+vHX/5+z/qjVarW6vLqt3t2ddhER6+1tmvcMhuMHgCNmPT7uugt0SP5FG0TEc113AphrVdcd4FDcu397tUr5Vu3XgzS+ez4XZEf+69Xmdnn73abTjJ9jMqv710b045kJ/Xl2Rn2YJzn/3nj+l7faR2m9w85/Vibl3+zniQ7607Wcf388/zFPTv69XfMvVc5/sK/8+/IHAAAAAIA5lv/+f2Kujv+OPuvuTPWo478rh3arAAAAAAAAAHC47t2/vZqve83H/7+wy3qu/3wy5fwr+Rcp598by/+rY+v1W/N333yQ/3/u3179081/fz5P95r/Qp6p0j2rSveIKt1SNUjTg+zdwzaG/VFzS8Oq1x+kc37q4TtxNa7FWpzdsW4v/X88aD+3o73p6XCzve5vtZ/f0T7Ybs/bX9jRPkxnOtVLuf10rMYv4lq8vdnetC1M2f/FKe31lPacf9/jv0g5/0Hrp8l/ObVXY9PG3Q97Dz3u29PdbueNq1/87dnD352pNqK/vW9tzf690EF/Nv9Pjo3iVzfWrp++deXmzevnIk12LD0fafKY5fyH6Wf7+f/Frfb8vN9+vN79cLTv/OfFRgwm5v9ia77Z35dm3Lcu5PxH6Sfn/3Zq3/3xf5Tzn/z4f7mD/gAAAAAAAAAAAAAAAMCj1HW9eYnoGxFxMV3/09W1mQDAbOXX/zrJy2dV92d8e2r1Ea+rOevPTOtP6vnqj1o9Z/VgL+u31bt7vV1ExN/b2zTvGX6z2y8DAObX1hd7/avrbtCZT+Rfrvx9f830VNedAWbqxvsf/OzKtWtr12903RMAAAAAAAAA4LPK43+utMZ/PlXX9Z2x9XaM//pmrBx0/M9BntkeYHTCQNX9/e/To2z0Rv1ea7jx52PS+N/D7blHjf89mHJ7wyntoyntC1PaF6e073qhR0vO//nWeOenIuLk2PDrJYz/Oj7mfQly/i+07s9N/l8ZW6+df/2Ho5x/b0f+Z26+98szN97/4JWr7115d+3dtZ9fOHfu7IWLFy9dunTmnavX1s5u/dthjw9Xzj+Pfe080LLk/HPm8i9Lzv9LqZZ/WXL+X061/MuS88/v9+Rflpx//uwj/7Lk/F9KtfzLkvP/WqrlX5ac/8upln9Zcv5fT7X8y5LzfyXV8i9Lzv90quVflpz/mVTvMf+lw+4Xs5Hzz0e4Hsp/2gFsjrScfz6zwfN/WXL+51Mt/7Lk/C+kWv5lyfm/mmr5lyXn/41Uy78sOf+LqZZ/WXL+30y1/MuS87+UavmXJef/rVTLvyw5/2+nWv5lyfm/lmr5lyXn/51Uy78sOf/vplr+Zcn5fy/V8i9Lzv/1VMu/LA++/9+MGTNm8kzXz0wAAAAAAAAAAAAAwLhZnE7c9T4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Ck7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLevcXIddd3AD979cYJiYGQOqkhG8cE42yy60t8oXUx4dpwK4FQ6AXb9a7Ngm947RJoJBsFSlSMiirahoe2gFCblwqr4oFWgPKAWlWqRNoH+oKoKvEQVQEFpEptBdlqzvn//zsze3Zm1zuxZ875fKT45505M+fMmTNn97vOdwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaHbXG+c+O5RlWeO//I9NWXZT4+83TG7KL3vd9d5CAAAAYL1+kf/5/C3pgkOruFHTMv/0qu99Y3FxcTH7wMifjn1xcTFdMZllYxuyLL8uuvKfHxxqXiZ4PJsYGm76erjL6ke6XD/a5fqxLtePd7l+Q5frJ7pcv2wHLHND8fuY/M625X/dVOzS7NZsLL9uW8mtHh/aMDwcf5eTG8pvszh2PJvPTmZz2UzL8sWyQ/ny37qrsa63ZXFdw03r2tI4Qn762LG4DUNhH29rWdfSfUY/fkM2+bOfPnbsr88/d3vZ7LobWu6v2M7tWxvb+elwSbGtQ9mGtE/idg43beeWkudkpGU7h/LbNf7evp3Pr3I7R5Y285pqf84nsuH878/k+2m0+dd6aT9tCZf9z91Zll1a2uz2ZZatKxvONrZcMrz0/EwUR2TjPhqH0suy0TUdp3et4jhtzNltrcdp+2siPv93hduNrrANzU/Tjz813vS8/3zxao7TqPGoV3qttB+DvX6t9MsxGI+LZ/IH/UTpMbgtPP7H7ln5GCw9dkqOwfS4m47Brd2OweHxkXyb05MwlN9m6Rjc2bL8SL6moXw+e0/nY3D6/Kmz0wuf+OR986eOnpg7MXd6986dM7v37t2/f//08fmTczPFn1e5t/vfxmw4vQa2hn0XXwOvaVu2+VBd/Mr4svPv1b4OJzq8Dje1Ldvr1+Fo+4MbujYvyOXHdPHaeF9jp09cHs5WeI3lz8+O9b8O0+Nueh2ONr0OS7+nlLwOR1fxOmwsc3bH6n5mGW36r2wbVv5esL5jcFPTMdj+80j7Mdjrn0f65RicCMfFD3as/L1gS9jeJ6bW+vPIyLJjMD3ccO5pXJJ+3p/Yn4+y4/KOxhU3jmcXFubO3f/o0fPnz+3MwrgmXt50rLQfrxubHlO27HgdXvPxemj+VU/cUXL5prCvJu5r/DGx4nPVWGbP/Z2fq/y7W/n+bLl0VxZGj13r/Vn23byxP8ez7Evf/dTD337sS29ccX828uanp9f/s3jKpU3n37EVzr8x979QrC/d1eMjY6PF63ck7Z2xlvNx61M1mp+7hvJ1Pz+9uvPxWPjvWp+Pb+1wPt7ctmyvz8dj7Q8uno+Huv22Y33an8+JcJycnOl8Pm4ss3nXWo/J0Y7n47vDHAr7/7UhKaRc1HTsrHTcpnWNjo6FxzUa19B6nO5uWX4sZLPGup7adXXH6fa7i/saSY9uybU6Tifblu31cZp+97XScTrU7bdvV6f9+ZwIx8Wtuzsfp41lnt6z/nPnDfGvTefO8W7H4NjIeGObx9JBmJ/vs8Ub4jF4f3YsO5OdzGbza8fz42koX9fUA6s7BsfDf9f6XLm5wzG4vW3ZXh+D6fvYSsfe0OjyB98D7c/nRDgunnyg8zHYWOZN+3r7s+v2cElapuln1/bfr630O6872nbTi3WsjIbt/O6+zr+bbSxzcv9ac2bn/XRvuOTGkv3U/vpd6TU1m12b/bQ5bOdz+1feT43taSzzxQOrPJ4OZVl28WMP5r/vDf++8ncXvv+Nln93Kfs3nYsfe/AnLzn+j2vZfgAG3wvF2Fh8r5tY+plrNf/+DwAAAAyEmPuHw0zkfwAAAKiMmPvj/xWeyP8AAABQGTH3j4aZ1CT/b37Tc/MvXMxSM38xiNen3fBQsVzsuM6ErycXlzQuf/Brc//9DxdXt+7hLMt+/tAflC6/+aG4XYXJsJ1X3tx6+TLfuG9V6z7yyMW03ub++pfD/cfHs9rDoKyCO5Nl2bdu+Xy+nskPXs7n0w8dyefDl554vLHM8weKr+Ptn315sfxfhCLKoeNHW27/bNgPPwpz5u3l+yPe7uuXX7tl3/uX1hdvN7T15vxhP/mh4n7j++R84fFi+bifV9r+b3/uqa83ln/01eXbf3G4fPufCvf7tTD/95XF8s3PQePreLvPhO2P64u3u/+r3ynd/iufLZY/+5ZiuSNhxvVvD19ve8tz883769Ghoy2PK3trsVxc/8z3/zi/Pt5fvP/27Z84fLllf7QfH0//W3E/023Lx8vjeqK/b1t/436aj8+4/qf+8EjLfu62/isPP/vKxv22r//etuXOfmxHvv6l+2t9x6a//MznS9cXt+fQ355teTyH3hNex2H9T34oHI/h+v+7Utxf+7srHHlP6/knLv/lTRdbHk/0tp8V67/y+hP53DBxw8Ybb3rJzZfubOy7LHtmQ3F/3dZ/4q/OtGz/V24r9ke8PvbF2te/krj+cx+fOn1m4cL8bNqrj92Sv3fOO4rtidt7Szi3tn99+Mz5D8+dm5yZnMmyyeq+hd5V+2qYPynGpbXefscj4fm848+/tfGef/1cvPzf31dcfvntxfet14TlvhAu3xSev/Wu/8m7bstf30NPF1+39Nh7YMu2/9q/qgXD42//uSAe72df8eF8PzSuy79vxNf1Orf/h7PF/Xwz7NfF8M7MW29bWl/z8vG9ES6/t3i9r3v/hdNcfF7/Jjzf7/xRcf9xu+Lj/WH4OeY7m1vPd/H4+ObF4fb7z9/F41I4n2SXiuvjUnF/X37+ttLNi+9Dkl26Pf/6T9L93L6mh7mShU8sTJ+cP33h0enzcwvnpxc+8cnDp85cOH3+cP5enoc/0u32S+enjfn5aXZu754sP1udKcaL7Hpv/9lHjs3um7lndu740QvHzz9ydu7ciWMLC8fmZhfuOXr8+NzHu91+fvbgzl0Hdu/bNXVifvbg/gMHdh+Ymj99prEZxUZ1sXfmo1Onzx3Ob7JwcM+BnQ88sGdm6tSZ2bmD+2Zmpi50u33+vWmqcevfnzo3d/Lo+flTc1ML85+cO7jzwN69u7q+G+Cps8cXJqfPXTg9fWFh7tx08Vgmz+cXN773dbs91bTwH8XPs+2Gijfiy9597970/qwNX/vUindVLNL2BqLPhfei+eeXnt2/mq9j7h8LM6lJ/gcAAIA6iLl/PMxE/gcAAIA+9tKb1rJ0zP0bwkzkfwAAAKiMmPsnwkxqkv8r1//ffHFV69f/1/9v3l817f8vXqxr//+9/db/L84X+v+9of/fmf5/F/r/+v/6//r/9FS/9f9j7r8hy2qZ/wEAAKAOYu7fGGYi/wMAAEBlxNx/Y5iJ/A8AAACVEXP/TWEmNcn/+v/6//r/te3/1/fz//X/K03/vzP9/y5W3/8fyira/8/q1f+/1Mvt1//X/2e5fuv/x9z/kjCTmuR/AAAAqIOY+28OM5H/AQAAoDJi7r8lzET+BwAAgMqIuX9TmElN8r/+v/6//r/+v/5/+fr1/wdT5fv/7S+QNdL/78Ln//v8f/1//X/WYHFDtyX6rf8fc/9Lw0xqkv8BAACgDmLuf1mYifwPAAAA/Wf06m4Wc//Lw0yW5f+rXAEAAABw3cXcf2vWVgSvyb//6//r/+v/6//r/5evf/X9/5FM/79/VL7/v076/13o/+v/6//r/9NT/db/z3N/NpG9IsykJvkfAAAA6iDm/tvCTOR/AAAAqIyY+38pzET+BwAAgMqIuX9zmElN8r/+v/6//r/+v/5/+fp9/v9g0v/vTP+/C/1//f/u2/9HZT/3Zfr/+v+U6rf+f8z9t4eZ1CT/AwAAQB3E3H9HmIn8DwAAAJURc/8vh5nI/wAAAFAZMfdvCTOpSf7X/9f/X7H/v6j/r/+v/6//P3j0/zvT/+9C/1//3+f/6//TU/3W/4+5/5VhJjXJ/wAAAFAHMfe/KsxE/gcAAIDKiLn/zjAT+R8AAAAqI+b+yTCTmuR//X/9f5//r/+v/1++fv3/waT/35n+fxf6//r/+v/6//TU+vr/LefQnvT/Y+6/K8ykJvkfAAAA6iDm/q1hJvI/AAAAVEbM/XeHmcj/AAAAUBkx928LM6lJ/tf/1//X/9f/1/8vX7/+/2DS/+9M/78L/X/9f/1//X96an39/9ab5H+us/8fc/+rw0xqkv8BAACgDmLuvyfMRP4HAACAyoi5/zVhJvI/AAAAVEbM/dvDTGqS//X/9f/1//X/9f/L16//P5j0/zvT/+9C/1//X/9f/5+e6rf+f8z9rw0zqUn+BwAAgDqIuX9HmIn8DwAAAJURc/+9YSbyPwAAAFRGzP1TYSY1yf/6//r/+v/6//r/5evX/x9M+v+d6f93of+v/6//r/9PT/Vb/z/m/vvCTGqS/wEAAKBKhle4POb++8NM5H8AAACojJj7p8NM5H8AAACojJj7Z8JMapL/9f/1//X/9f/X1P+/c+l+9f8L+v/9Rf+/M/3/LvT/9f+ve/9/TP+fSum3/n/M/TvDTGqS/wEAAKAOYu7fFWYi/wMAAEBlxNy/O8xE/gcAAIDKiLl/T5hJTfK//r/+v/6//r/P/y9fv/7/YNL/76z3/f/4EPX/9f/1/33+v/4/y/Vb/z/m/gfCTGqS/wEAAKAOYu7fG2Yi/wMAAEBlxNy/L8xE/gcAAIDKiLl/f5hJTfJ/lfv/i4uLKy6p/6//37y/9P/1/8vWr/8/mPT/O/P5/13o/+v/6//r/9NT/db/j7n/QJhJTfI/AAAA1EHM/a8LM5H/AQAAoDJi7v+VMBP5HwAAACoj5v5fDTOpSf6vcv+/E/1//f/m/aX/r/9ftn79/8Gk/9+Z/n8X+v/6//r/+v/0VL/1/2PuPxhmUpP8DwAAAHUQc/+vhZnI/wAAAFAZMfe/PsxE/gcAAIDKiLn/UJhJTfK//r/+v/6//r/+f/n69f8Hk/5/Z/r/Xej/6//3ef+/cXy8sMJxrf9PP+q3/n/M/W8IM6lJ/gcAAIA6iLn/wTAT+R8AAAAqI+b+N4aZyP8AAABQGTH3vynMpCb5X/9f/1//X/9f/798/fr/g0n/vzP9/y70//X/+7z/34n+P/2o3/r/Mfe/OcykJvkfAAAA6iDm/reEmcj/AAAAUBkx9781zET+BwAAgMqIuf9tYSY1yf/6//r/+v/6//r/5evX/x9M+v+d6f93UYP+/50drrve/fn1ut7br/+v/89y/db/j7n/18NMapL/AQAAoA5i7n8ozET+BwAAgMqIuf/tYSbyPwAAAFRGzP3vCDOpSf7X/9f/1//X/9f/L1+//v9g0v/vbMD6/7+4OVyu/1/w+f/9vf2D1f9f3NB+e/1/Xgz91v+Puf+dYSY1yf8AAABQBzH3vyvMRP4HAACAyoi5/91hJvI/AAAAVEbM/b8RZlKT/K//39iOpfay/r/+f36B/r/+v/7/wNL/72zA+v8+/7+N/n9/b/9g9f+X0//nxdBv/f+Y+98TZlKT/A8AAAB1EHP/w2Em8j8AAABURsz97w0zkf8BAACgMmLuf1+YSU3yv/6/z//X/9f/1/8vX7/+/2DS/+9M/78L/X/9f/1//X96qt/6/zH3PxJmUpP8DwAAAHUQc//7w0zkfwAAAKiMmPt/M8xE/gcAAIDKiLn/A2EmNcn/+v+D0v+f1P/X/9f/b3s8+v/6/2X0/zvT/+9C/1//X/9f/5+e6rf+f8z9HwwzqUn+BwAAgDqIuf+3wkzkfwAAAKiMmPt/O8xE/gcAAIDKiLn/d8JMapL/a9//HxmU/r/P/8/0//X/2x6P/r/+f5lr1/+PZx79f/1//f9I/1//X/+fdv3W/4+5/3fDTGqS/wEAAKAOYu7/UJiJ/A8AAAADoez/yW4Xc//hMBP5HwAAACoj5v4jYSY1yf+17/8PzOf/6/9ndev//9nWf/nB9951ZKf+v/6//v+aXNPP/2+8+H3+v/6//n+Szk93Fic2/X/9f/1/+q3/H3P/0TCTmuR/AAAAqIOY+3+vmEu/AJD/AQAAoDJC7s+OhZnI/wAAAFAZMffPhpnUJP/r/+v/6//3af9/gD//P+4P/f9WPev/x5Ou/n+pa9r/f/9ST1z/f639//HSS/X/K9L/9/n/+v/6/wT91v+PuX8uzKQm+R8AAADqIOT+4ePFXLpC/gcAAIDKiLn/RJiJ/A8AAACVEXP/h8NMapL/9f/1//X/9f99/n/5+vu2/+/z/zvS/++sf/r/5fT/9f8Hefv1//X/Wa7f+v8x98+HmdQk/wMAAEAdxNz/kTAT+R8AAAAqI+b+j4aZyP8AAABQGTH3nwwzqUn+1//X/9f/1//X/y9fv/7/YOr7/v9E5/Xr/+v/6/8P7vbr/+v/s1y/9f9j7j8VZlKT/A8AAAB1EHP/6TAT+R8AAAAqI+b+M2Em8v//s3cfTXrdVR7HWx55LJVfwCxmM/t5CV7MrGdeAAs2bKiiWFCAyckyOZocTDI5G4wNxiSTDdgkg8mYnDPGJEOVKKNzjjrcvo9aelq6z/98PgsObrl9m0KW9bP0rQsAAADDyN3/4Lilyf7X/x9G/3/6+5H+/wL2//+j/9/v+fp//f/IFt//r6D/1//r/zf369f/6//Za2n9f+7+h8QtTfY/AAAAdJC7/6Fxi/0PAAAAw8jdf3ncYv8DAADAMHL3PyxuabL/d/X/R7Z69v+Z8Xr//0j9v/f/7/v84fr/o/p/Tju//f+V9/7Ip//X/+v/g/5f/6//Z7el9f+5+x8etzTZ/wAAANBB7v5HxC32PwAAAAwjd/8j4xb7HwAAAIaRu/9RcUuT/e/9/4fx/v9T9P+b3P8f1/9vUv/v/f9s4/3/8zr1/5ffcemD7rrxP286yPP1//p//b/+n/VaWv+fu//RcUuT/Q8AAAAd5O5/TNxi/wMAAMAwcvc/Nm6x/wEAAGAYufsfF7c02f/6f/3/uvv/E0P0/97/r//X/28q/f+8Tv3/2Txf/6//36j+/7qdf6j/Z4mW1v/n7n983NJk/wMAAEAHufufELfY/wAAADCM3P1XxC32PwAAAAwjd/+JuKXJ/tf/6/+9/1//r/+ffr7+fzPp/+fp/1fQ/+v/N6n/30X/zxItrf/P3X9l3NJk/wMAAEAHufufGLfY/wAAADCM3P1PilvsfwAAABhG7v4nxy1N9r/+X/+v/9f/6/+nn6//30z6/3n6/xX0/+faz1+s/9f/6//Z7oD9/z0zP2yvpf/P3f+UuKXJ/gcAAIAOcvc/NW6x/wEAAGAYufufFrfY/wAAADCM3P1Pj1ua7H/9v/5f/6//1/9PP1//v5n0//MW0/8fOTr5Yf3/xvf/3v+v/9f/s8PS3v+fu/8ZcUuT/Q8AAAAd5O5/Ztxi/wMAAMAwcvc/K26x/wEAAGAYufufHbc02f/6f/2//l//r/+ffv5c/3/Ttq9P/78s+v95i+n/96H/1/9v8tev/9f/s9fZ9/+X7PmUf/3nOfb/ufufE7c02f8AAADQQe7+q+IW+x8AAACGkbv/uXGL/Q8AAADDyN3/vLilyf6f7v9Pf7v+/8zo/3d+/fr/6e8f6+r/86+o/5/t///X+/970v/P0/+voP/X/+v/9+v/j6/6fP0/U5b2/v/c/c+PW5rsfwAAAOggd/8L4hb7HwAAAIaRu/+FcYv9DwAAAMPI3f+iuKXJ/vf+f/2//n/z+n/v/z/lQr7/f+u89/9H9f9nSP8/T/+/gv5f/6//9/5/1mpp/X/u/hfHLU32PwAAAHSQu/8lcYv9DwAAAJth++8d2P0bSkPu/pfGLfY/AAAADCN3/8vilrH2/0X7fYP+X/+v/9f/L6n/Pz7xr2v1/97/fxD6/3n6/xX0/4fRzx8drP+/Zr/PX0L/f4X+n4XZ0f/ffPrjB+//j01+9KD9f+7+q3f/Ncfa/wAAANBa7v6Xxy32PwAAAAwjd/8r4hb7HwAAAIaRu/+VcUuT/X/o/f/x/Z+t/9f/6//1/97/r/9fN/3/PP3/Cvp/7//3/n/9P2u1o//f5uD9f/wpO386euD+P3f/q+KWJvsfAAAAOsjd/+q4xf4HAACAYeTuvyZusf8BAABgGLn7XxO3NNn/3v+v/9f/6//1/9PP1/9vJv3/PP3/Cvr/M+3nr576fP2//l//z25L6/9z9782bmmy/wEAAKCD3P2vi1vsfwAAABhG7v7Xxy32PwAAAAwjd/8b4pYm+1//f7j9f35c/6//39L/6//1/+dF2/7/yNQ/ifbap/+/7QEn/n/nR/T/+n/v/9f/6/9Zg0X0/ydP/+wyd/8b45Ym+x8AAAA6yN3/prjF/gcAAIBh5O5/c9xi/wMAAMAwcve/JW5psv/1/97/r//X/+v/p5+v/98s+f9j2/7/DHn//wr6f/2//l//z1otov/f9se5+98atzTZ/wAAANBB7v63xS32PwAAAAwjd//b4xb7HwAAAIaRu/8dcUuT/a//1//r//X/+v/p5+v/N5P+f57+fwX9/wH6+SNHd3++/l//r/9nt0Po/49s/4frQfv/3P3Xxi1N9j8AAAB0kLv/nXGL/Q8AAADDyN3/rrjF/gcAAIBh5O6/Lm5psv/1//p//b/+X/8//Xz9/2bS/8/T/29tbV0/8wVM9f8nL9H/r7Wf3/2j/Pro//X/LM/S3v+fu//dcUuT/Q8AAAAd5O6/Pm6x/wEAAGAYuftviFvsfwAAABhG7v73xC1N9r/+X/+v/9f/6/+nn6//30z6/3n6/xW8//+C9vOb/vXr//X/7LW0/j93/3vjhmNd9j8AAAB0kLv/xrjF/gcAAIBh5O5/X9xi/wMAAMAwcvffFLc02f/6f/2//l//r/+ffv459v97mmP9//lxeP3/lv5f/6//X0H/r//X/7Pb0vr/3P3vj1ua7H8AAADoIHf/B+IW+x8AAACGkbv/g3GL/Q8AAADDyN3/obilyf7X/+v/9f/6f/3/9PO9/38zef//PP3/Cvp//X/7/v/e76H6f9Znaf1/7v4Pxy1N9j8AAAB0kLv/5rjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1//p//b/+X/8//fzz0P8f29L/r53+f57+fwX9/5j9/0VbA/X/x/f9fO//Z4mW1v/n7v9Y3NJk/wMAAEAHufs/HrfY/wAAADCM3P2fiFvsfwAAABhG7v5Pxi1N9r/+X/+v/9f/6/+nn+/9/5tJ/z9P/7+C/n/M/t/7//X/XDBL6/9z938qbmmy/wEAAKCD3P23xC32PwAAAAwjd/+n4xb7HwAAAIaRu/8zcUuT/a//1//r//X/+v/p5+v/N5P+f57+fwX9v/5f/6//Z62W1v/n7v9s3NJk/wMAAEAHuftvjVvsfwAAABhG7v7b4hb7HwAAAIaRu/9zcUuT/a//1/8fRv+/++vQ/5+yzv7/mP5f/6//n7SU/v+yy/7vdv2//l//r//X/+v/u1ta/5+7//NxS5P9DwAAAB3k7v9C3GL/AwAAwDBy938xbvr3C/YVAQAAAOuWu/9LcUuTX//f2/9fvHWqUD1lqv+PRk3/v83Y/f+9f194///S+v8t/b/+X/8/aSn9/2jv/78nrv5f/z9H/3+A/v+/9n6+/p8RLa3/z91/e9zSZP8DAABAB7n7vxy32P8AAAAwjNz9X4lb7H8AAAAYRu7+O+KWJvvf+//1/4fx/n/9//T3D/2//l//f/j0//NW9f/1MO//1//r/0d9///JqZ+3bm3v//9N/8/6LK3/z93/1bilyf4HAACADnL3fy1usf8BAABgGLn7vx632P8AAAAwjNz934hbmux//b/+X/+v/9f/Tz9f/7+Z9P/zzvb9//lh/b/+f06z/v+W3R/YkP5/X97/z2FYWv+fu/+bcUuT/Q8AAAAd5O7/Vtxi/wMAAMAwcvd/O26x/wEAAGAYufu/E7c02f/6f/3/+P3//fT/u56v/9f/j+ys+/v4G3mE/v/imW/T/6+g/9f/j//+/33p/zkMS+v/c/ffGbc02f8AAADQQe7+78Yt9j8AAAAMI3f/9+IW+x8AAACGkbv/+3FLk/2v/+/V/x/Z6tj/e/+//l//34n3/8/T/6+g/9f/6//1/6zV0vr/3P0/iFua7H8AAADYVPf57wfeeaZ/bu7+H8Yt9j8AAAAMI3f/j+IW+x8AAACGkbv/x3FLk/2v/+/V//d8/7/+X/+v/+9E/z9P/7+C/l//r//X/7NWS+v/c/f/JG7ZNvyOHvh/JQAAALAkuft/Grc0+fV/AAAA6CB3/8/ilj37/+QZ/q52AAAAYGly9/88bmny6//6/4X3/1v6f/2//l//r/8/CP3/vHPs/08e0f/r/2fo//X/+n92W1r/n7v/F3FLk/0PAAAAg9rxbxRy9/8ybrH/AQAAYBi5+38Vt9j/AAAAMIzc/b+OW5rsf/3/wvv/s3r///H6b/r/5v3/Vccmn6//1/+PTP8/z/v/V9D/6//1//p/1mpp/X/u/t/ELU32PwAAAHSQu/+3cYv9DwAAAMPI3f+7uMX+BwAAgGHk7v993NJk/+v/R+z/vf9f/z///HH6//+49MSt973/Ddfq/zntfPb/+X1B/6//1/+fov/X/+v/2W1p/X/u/j/ELU32PwAAAHSQu/+uuMX+BwAAgGHk7v9j3GL/AwAAwDBy998dtzTZ//p//b/+fxP7/2yKu/f/3v+v/9/L+//n6f9X0P/r/w/09d+944/0//p/9lpa/5+7/09xS5P9DwAAAB3k7v9z3GL/AwAAwDBy9/8lbrH/AQAAYBi5+/8atzTZ//p//b/+fxP7f+//39L/6//3of+fp/9fQf+v//f+f/0/a7W0/j93/9/ilib7HwAAADrI3X9P3GL/AwAAwDBy9/89brH/AQAAYBi5+/8RtzTZ//p//b/+X/+v/59+vv5/M+n/5+n/V9D/6//1//p/1mpp/X/u/n8GAAD//wVCi78=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')

1m52.589056845s ago: executing program 3 (id=17175):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r0, 0x7aa, &(0x7f00000001c0)={{@any, 0xf0c}, 0x8, 0x2a27})

1m51.365380716s ago: executing program 3 (id=17188):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x25, 0x301, 0x270bd24, 0x25dfdbfd, {0x1}}, 0x14}}, 0x0)

1m51.123068662s ago: executing program 3 (id=17190):
syz_mount_image$minix(&(0x7f0000000300), &(0x7f0000000180)='./file2\x00', 0x0, &(0x7f00000001c0)=ANY=[], 0x5, 0x210, &(0x7f0000000700)="$eJzs28tOE1Ecx/Hf9EZFI17iJa5MTIwbqQIJ6Up5ADcuTVyQWkjjoEbcQEiEl3Dv1pWPQKLv4QvAwp0rjjkzp2nHDp2LM0yg309C50/n/M6cAc5hehOAmfU8uPXkqR1UxpjP9yW9eiHtVzw2AOUybntiAMyeeu6p/3q4hgA4l47X6pLaOvSkX7/3ekfuq53y+uF4rRYWnnQ0lr+UNn/gBdt7jWh+XtLlidaNyeuXr2H+oYZ5O/K93pWMx59X9Pi6ljYfnv+jB2pqLH9V0oIUdHNd0g1JN6U52/aWpFrk+C333Sh/N7zjIOVpAAAAAAAwlX30ufi/+cQO6pKexO6xj4M3Bn4/fm+ypss/zZlvufzStEYmOb88fmfttNbeqGyGmzmXX+y9999kGDdQhFq2+T/xtKD9iz5M6ODU6eBWhuj8b6YfjXtGcGPwJVMGQGh7Z/ftuu/3PxZZPJvWRsraoV0RCh5hfPHNFvoTvjJS8rHyFHaxzRsfviBT9MD2ldzGpGhzkYpGsT/nH/L+naeNyCT67n63GXp+Gberpcg8jaif8cIEoHSdT1sfOts7u48HW+ub/c3+u5XVbnd1ZXmp2wkuy+2tWah6lADKMPrvH7Mz7Zt4AAAAAAAAAAAAAABApW5LuhNUP08yxHhnAAAAAHAOncWHoqo+RwAAAAAAAAAAAAAALrq/AQAA///Z/DbR")
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

1m50.749027971s ago: executing program 3 (id=17192):
r0 = syz_io_uring_setup(0x460, &(0x7f0000000100)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x10, 0x0, 0x0, 0x0, &(0x7f0000011000/0x1000)=nil, 0x1000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0xffffffffffffff8a)

1m50.274794508s ago: executing program 3 (id=17196):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x44f, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x3, 0x1, 0x4, 0x0, 0x1})

1m49.537747613s ago: executing program 42 (id=17196):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x44f, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x3, 0x1, 0x4, 0x0, 0x1})

1m19.796111317s ago: executing program 7 (id=17456):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
preadv(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/56, 0x38}], 0x1, 0x8, 0x0)

1m19.51699955s ago: executing program 7 (id=17457):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x8, 0xc1})
io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0)

1m19.409475418s ago: executing program 7 (id=17459):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

1m18.060287343s ago: executing program 8 (id=17474):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000005880)=ANY=[@ANYBLOB="6e6f646973636172642c6e6f636865636b706f696e745f6d657267652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c757365725f78617474722c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030303031362c646973636172642c6e6f61636c2c6673796e635f6d6f64653d706f7369782c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c6163746976655f6c6f67733d322c6661756c745f747970653d30303030303030303030303031363737373231342c0084538367d8b9c04bebbf0f4ea4d5617c063f0a30b5325e5d939d497829d8452e38794f1563bf34cdaaf9b70591db2f2a066e339d0c0b7c189bac05d8e91e9d1f4670d79a57f83b67f1f98b905d3b06be7de7829439d0b21d1744d7fad3fe3f3f9b3361f4bfa2c2e375c048af0d6ecac62d07c6a85e2558b9e8639b050137830520aea2c9243f9f9eca12969def7d15c8bac687164c38cf349d738c"], 0x1, 0x5505, &(0x7f0000000340)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
utimes(&(0x7f00000000c0)='./file0\x00', 0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}])

1m16.788702062s ago: executing program 7 (id=17479):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000040)='./file2\x00', 0x141042, 0xc0)

1m16.787967897s ago: executing program 8 (id=17480):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'erspan0\x00', <r2=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x24, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x4, 0x5, 0x1, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="4c0000001000050400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000002c0012800b00010065727370616e00001c000280050016000000000006000e"], 0x4c}}, 0x0)

1m15.901164099s ago: executing program 7 (id=17487):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000900, 0x0, &(0x7f00000000c0)={0xe, 0x0, 0x80000000, 0x0, 0x0, 0x6, 0x0, 0x3ff, 0x10})

1m15.491657014s ago: executing program 7 (id=17492):
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x2000, 0x103)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x0, 0x83)

1m14.91487862s ago: executing program 43 (id=17492):
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x2000, 0x103)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x0, 0x83)

1m14.860942922s ago: executing program 8 (id=17495):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e5804", '\x00', "fffffffffffffffd"}, 0x38)

1m14.619401083s ago: executing program 8 (id=17500):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000040)='./file2\x00', 0x141042, 0xc0)

1m14.036078891s ago: executing program 8 (id=17505):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000d"], 0x48)
close(0x3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

1m12.614485263s ago: executing program 8 (id=17514):
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000ac0)=[{0xffffffff, 0x2, 0x2000002, 0x3}, {0x4, 0x3, 0x42}, {0x1, 0x3, 0xf, 0x4}, {0x4, 0x4, 0xb, 0x8}, {0x2, 0x4, 0xc, 0x1}], 0x10, 0x8a3}, 0x94)
r0 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

1m12.145662623s ago: executing program 44 (id=17514):
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000ac0)=[{0xffffffff, 0x2, 0x2000002, 0x3}, {0x4, 0x3, 0x42}, {0x1, 0x3, 0xf, 0x4}, {0x4, 0x4, 0xb, 0x8}, {0x2, 0x4, 0xc, 0x1}], 0x10, 0x8a3}, 0x94)
r0 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

6.852707606s ago: executing program 5 (id=18095):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000140)={r2}, &(0x7f0000004d80)=0x8)

5.859039748s ago: executing program 5 (id=18109):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x100000000}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x0)

5.673092185s ago: executing program 5 (id=18110):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
munlockall()

5.200385581s ago: executing program 5 (id=18115):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KB\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x3)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000000000)
ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, &(0x7f0000000040))

4.425840817s ago: executing program 0 (id=18126):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000100)={r0, r0, 0xfffe, 0x0, 0x0, 0xc2, 0x85, 0x15c2, 0x5886, 0x6, 0x0, 0x0, 'syz0\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

2.815238798s ago: executing program 0 (id=18137):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f00000001c0)=ANY=[], 0x5)

2.43646921s ago: executing program 0 (id=18143):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$TCSBRKP(r0, 0x5425, 0x0)
ioctl$TCSETSW2(r0, 0x5425, 0x0)

2.049883965s ago: executing program 5 (id=18149):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, 0x0, 0x0)

2.048487692s ago: executing program 2 (id=18150):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000500)={<r1=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000600)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @loopback, 0x1}, {0xa, 0x0, 0x5, @mcast2}, r1}}, 0x48)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r2, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {&(0x7f00000000c0), r1, r0}}, 0x18)

1.855196652s ago: executing program 2 (id=18151):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000100)={r0, r0, 0xfffe, 0x0, 0x0, 0xc2, 0x85, 0x15c2, 0x5886, 0x6, 0x0, 0x0, 'syz0\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

1.854179559s ago: executing program 1 (id=18152):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bind$ax25(r1, &(0x7f0000000000)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
bind$ax25(r0, &(0x7f0000000100)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
close(r0)

1.611506905s ago: executing program 9 (id=18154):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xb3ad}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000840)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)

1.588278487s ago: executing program 1 (id=18155):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x4f4})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)

1.497319283s ago: executing program 2 (id=18156):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
tee(r0, r1, 0x8f5, 0x100000000000000)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1.490328564s ago: executing program 9 (id=18157):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0x80000300, 0x0, 0x0)

1.340992921s ago: executing program 9 (id=18158):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x41}}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(r1, r0, 0x0, 0x20000023893)

1.340817041s ago: executing program 4 (id=18159):
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x7ff]}, 0x8, 0x800)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
unshare(0x22020400)
pselect6(0x40, &(0x7f0000000080)={0x5, 0x75e5, 0x80, 0x5, 0x10001000000000, 0x7, 0x8, 0x5}, &(0x7f00000001c0)={0x2d, 0x400, 0x0, 0x1, 0x8, 0x1, 0x80000001, 0x2}, 0x0, 0x0, 0x0)

1.277033429s ago: executing program 2 (id=18160):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000035c0), r1)

1.214892695s ago: executing program 0 (id=18161):
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000300)={0x0, 0x2, 0xffffffffffffffff, 0x7ff})
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
r1 = syz_open_dev$mouse(&(0x7f0000000680), 0x0, 0x14b200)
read(r1, 0x0, 0x2)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x918)

1.207433567s ago: executing program 4 (id=18162):
r0 = socket$caif_seqpacket(0x25, 0x5, 0x5)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x40000, 0x0, 0xfffffffc, 0x238}, &(0x7f0000000380)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r0, 0x0})
io_uring_enter(r1, 0x3f70, 0x0, 0x0, 0x0, 0x0)

1.114040589s ago: executing program 9 (id=18163):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x13, 0x117, 0x4, 0x202}], 0x18}, 0x0)

1.053100956s ago: executing program 5 (id=18164):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000003407d1e9c3100000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="000007000000fa"], 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

972.427114ms ago: executing program 9 (id=18165):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2)
close(r0)
socket(0x1d, 0x2, 0x6)
r1 = socket(0x2b, 0x80801, 0x1)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f0000000100), 0x1218002, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

888.826496ms ago: executing program 4 (id=18166):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x58}}, 0x0)

850.868938ms ago: executing program 0 (id=18167):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x486, &(0x7f0000001040)="$eJzs3M9rHFUcAPDv7Db93SbWWm1tNVrF4o+kSav24EFFwYOCoId6jElaa7eNNBFsCRpF6lEK3sWj4F/gzYuoBxG8KniUQtEgNPW0Mr+a7WaTJmmSNdnPBzb73s6bfe87M2/3zbzMBtCxetM/ScTOiPgtIrrz7K0FevOnmenJ4RvTk8NJ1Otv/JVk5a5PTw6XRcv1dhSZI5WIyqdJPJ/MrXf84qWzQ7Xa6IUi3z9x7r3+8YuXnjpzbuj06OnR84MnThw/NvDsM4NPr0icaVzXD3w4dnD/K29deW345JW3f/wmbda+Q/nyxjhu60aLgFroTbfa3/VM87JHl9D29WBXQzrZ1MaGsCTViEh3V1fW/7ujGrM7rzte/qStjQNWVfrdtGX+xVN1YANLot0tANqj/KJPz3/LxxoNPf4Xrr0QsblIz0xPDs/cjL9arxSvd61i/b0RcXLq3y/TRyz1OgQAwDJkY5snW43/KrEve87nOnYXcyg9EXFXROyJiLsjYm9E3BORlb03Iu7LV653L7L+3qb83PFP5WrLNq+QdPz3XMPYb6Yh/uKpp1rkdmXxdyWnztRGjxbb5Eh0bUnzAwvU8d1Lv34+37LG8V/6SOsvx4JFA65uarpANzI0MbRSG+HaxxEHNrWKP7k5E5AeAfsj4sDS3np3mTjz+NcH5yt0+/gXsALzTPWvIh7L9/9UNMVfShaen+zfGrXRo/3lUTHXT79cfn2++u8o/hWQ7v/ttx7/TSW6/0ny+dquqNVGL4wvvY7Lv3827znNco//zcmb2Zz1z+/kr30wNDFxYSBic/Jqli/P6bLXB2fXLfNl+TT+I4db9/89xTpp/PdHRHoQH4qIByLiwaLtD0XEwxFxeIH4f3jxkXcXiD+JJNq6/0dafv7dPP57ksb5+mUkqme//3a+GfPF7f/jMZV91uayz7/bWGwD73DzAQAAwLpQiYidkVT68nTvzqhU+vry/+HfG9srtbHxiSdOjb1/fiS/R6Anuirlla7uhuuhA8lU8Y55frC4VlwuP1ZcN/6iui3L9w2P1UbaHDt0uh239v8o+3/qz2q7WwesOvdrQedq7v+VNrUDWHuL+f53LgAbU4v+v60d7QDWnvN/6Fyt+v9HTXnjf9iY5vb/P1r8ZB2wERn/Q+fS/6Fz6f/Qke7kvv7lJ8qbBZb/PlsXfYd/pyTKX7xYzbq2xewrUWl7yB2USHvM2lY6+xsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA69l/AQAA//9EvefZ")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

736.209077ms ago: executing program 4 (id=18168):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4000854, &(0x7f0000000200)={0x11, 0x8, 0x0, 0x1, 0x3, 0x6, @multicast}, 0x14)
sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r1}, 0x14)

648.982178ms ago: executing program 4 (id=18169):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000100)={r0, r0, 0xfffe, 0x0, 0x0, 0xc2, 0x85, 0x15c2, 0x5886, 0x6, 0x0, 0x0, 'syz0\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

557.080054ms ago: executing program 1 (id=18170):
syz_emit_ethernet(0x4e, &(0x7f0000001b00)=ANY=[], 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f00000000c0)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, &(0x7f0000000940)={@desc={0x1, 0x0, @desc4}, 0x40, 0x0, '\x00', @a})
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r0, 0xc080661a, &(0x7f00000001c0)={@desc={0x1, 0x0, @desc4}})

428.254691ms ago: executing program 0 (id=18171):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
munlockall()

427.363975ms ago: executing program 1 (id=18183):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x5}, {0xfff1, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001bc0)=@deltfilter={0x24, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xfff3, 0x8}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x20044000)

423.55495ms ago: executing program 4 (id=18172):
syz_mount_image$jfs(&(0x7f0000000380), &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2208088, &(0x7f0000002440)=ANY=[@ANYBLOB="009c1b06223d15055c6d39aecad6836294e3e1fc38b80cd5eb20b39dc7dceb316fa1203f802b4368850fdef916202a989ea54a4e800c324c19bad386d9a72fc1de2fa7f100eae8a434158d0ed0d6a9061d60971bcf895342571bae0ea58240ebdd0f6f3dd42fa0f9754224a9c2045d2e098e01000000943549e2c2e191b7da91b8645dfdb324ceaf445cdc974884e2d5ac6dbf8b92da3a8a65176db66ca798dce71880c5e6837b5a99b6696d5003a06f62bbfb0b9ba0a6ffbfc2dd37662e077430379386d8e3abf802401b0e8382824a68cf51cde62ac99470edf8c757396564c8079d89017df3182005ec9fe433b122f1c02ca72eb68e41fc7ff69975649149ff4be64bd665e56a5fe9ef4d6ee02ff30ad838a9744100d520765c83c0178534e09d2f578bd10d3bfc68d1e75d6965613448d1045b6a0298d0804f82bc984e271c346d1e30886f81feb02b8320d47dc752b2dd23b4d8e20f2bda7ff84c57d63da96f044f8daaac7cb7132ef6", @ANYRES8=0x0, @ANYRES8, @ANYRESOCT=0x0, @ANYRES16], 0x1, 0x5e97, &(0x7f0000005e00)="$eJzs3UuPFNfZB/CnL9Nz4TWMLL2WhbIYY+dCMDBcDLnb3iRSVpEiNlmBxmMLBScRkCi2UBhrFvkGUbJIlOyzyifIHj6EF1kGCZKNV6moZs6BmkoPzQDT1TPn95OaqqdOVfcp/n2druoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED88Ps/PteLiKu/SguWI/4vBhH9iMW6XomIxZXlvP4wIl6PreZ4rV59PqLefuufYxEXI+L+0YiHj+6s1YvPP2M//n3k/4/9868/OP37v/3u3sk/nnq73f6n9X/c+8nddFsAAADAnlRVVfXSx/zj6fN9v+tOAQBTkV//qyQvV6vVarVaffjqpmq8u80iIjaa29TvGe6OuzIAYHZtxBddd4EOyb9ow4g40nUngJnmuPvD6eGjO2u9lG+v+Xqwst2ejwXZkf9G7/H5HbtNJ2kfYzKt+9dmDOLVXfqzOKU+zJKcf7+d/9Xt9lFab7/zn5bd8h9tn/pUnJz/oJ1/y+HJvz82/1Ll/Id7yn8gfwAAAAAAmGH57//LU/v+t7fjerP5l7M7Ez3t+9+VKfUBAAAAAAAAAF62Fx3/7zHj/wEAAMDMqj+r1/589Mmy3T5j18uv9CJeaa0PFCadLLPUdT8AAAAAAAAAAAAAoCTD7WN4r/Qi5iLilaWlqqrqS1O73qsX3f6gK33/oWRdP8kDAMC2+0db5/L3IhYi4kr6rb+5paWlqlpYXKqWqsX5/H52NL9QLTY+1+ZpvWx+9AxviIejqr6yhcZ2TZM+L09qb19ffVujavAMHZuODgMHgIjYfjV66BXpkKmqY9H1uxwOBo//w8fjn2fR9f0UAAAA2H9VVVW99HPex9N3/v2uOwUATEV+/W9/L6BWq9Vqtfrw1U3VeHebRURsNLep3zPcHXdlAMDs2ogvuu4CHZJ/0YYR8XrXnQBmWq/rDrAvHj66s9ZL+faarwdpfPd8LMiO/Dd6W9vl7cdNJ2kfYzKt+9dmDOLVXfrz2pT6MEty/v12/le320dpvf3Of1p2y7/ez+UO+tO1nP+gnX/L4cm/Pzb/UuX8h3vKfyB/AAAAAACYYfnv/8u+/827DAAAAAAAAAAHzsNHd9byea/5+/8vjVnP+Z+HU86/J/8i5fz7rfy/1lpv0Jh/8P6T/P/16M7aj/7w+fE8fdb85/NML92zeuke0Uu31Bum6XPv2vy4hZtzg1F9S3O9/mCYjvmp5j6M63Ej1mN1x7r99P/xpP3cjva6p3Pprrzdfn5H+3C7vbH9hR3tc+l3B6rF3H4m1uLncSM+2Gqv2+Yn7P/ChPZqQnvOf+DxX6Sc/7BxqfNfSu291rT24LP+/zzum9Nxt/Peb+/dX93/3ZloMwaP962p3r8THfRn6//kyCh+eWv95plfX7t9++a5SJMdS89HmrxkOf+5dHn8/P/mdnt+3m8+Xh98Ntpz/rNiM4a75v9mY77e35NT7lsXcv6jdMn5f5Daxz/+D3L+uz/+T3XQHwAAAAAAAAAAAAAAAHiaqqq2ThF9LyIupfN/ujo3EwCYrvz6XyV5uVqtVqvV6sNXN1XjvdssIuLvzW3q9wy/GXdlAMAs+09EfN51J+iM/AuWf++vnr7VdWeAqbr1yac/vXbjxvrNW133BAAAAAAAAAB4Xnn8z5XG+M9vRcRya70d47++HysvOv7nMM88HmD0+Qf63ovN/mjQbww3/kY8ffzvE/H08b+HE25vbkL7aEL72EHMGxYmtI890aMh5/9GY7zzOv/jreHXSxj/tT3mfQly/ica9+c6/6+21mvmX/3lIOff35H/2dsf/+LsrU8+PX3942sfrX+0/rOLq6uXLlx+Z/Xy6tkPr99YT/922OP9lfPPY187DrQsOf+cufzLkvP/cqrlX5ac/1dSLf+y5Pzz+z35lyXnnz/7yL8sOf+TqZZ/WXL+X0+1/MuS8z+VavmXJef/dqrlX5ac/+lUy78sOf8zqZZ/WXL+Z1Mt/7Lk/PM3XPIvS84/H9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl5/9OquVflpz/pVTLvyw5/8upln9Zcv7fSLX8y5Lz/2aq5V+WnP+3Ui3/suT8v51q+Zcl5/+dVMu/LDn/76Za/mXJ+X8v1fIvS87/3VTLvyxPfv/fjBkzZvJM189MAAAAAAAAAAAAAEDbNA4n7nofAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+C87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLevcbIdZZ3AD97c9YOly2E4IYAG8cEkyzZ9T2mNZhbSRPSUiC0pRfj2mtj8K1em1sjxSi0RGrURiof4EO5Fal8qYgAVVSlyJVagQQS+UQrtQ2pAlVEoTW0H6AibDUz7/PuzHivZzb2zDm/nxQ/9uyZmXfOvDO7/3X+awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoN1Nr5398FBRFI3/mr9MFMUzGr/fODnR+OPWV1ztFQIAAAC9eqr566Vn5wsOrOJKbcd89UXf/OL8/Px88dh3X/b8j8zP5w9MFsXENUXR/Fh48p6/3dp+TPJAMT403Pbn4RXufmSFj4+u8PGxFT6+YYWPX7PCx8dX+PhlJ+AyG1vfj2ne2Nbmbydap7S4rhhrfmzrItd6YOia4eH4Xk7TUPM682NHi+PFiWK2mOk4vnXsUPP4L9/UuK87i7iv4bb7urGxQ3543+FYw1A6x1s77mvhNsMPXl1M/uiH9x1+08cev2GxueJp6Li91jq3bWms80PpktZah4pr8jmJdQ63rfPGRZ6TkY51DjWv1/h99zovrXKdIwvLvKK6n/PxYrj5+0eb52m0/dt6+TzdmC778c1FUVxYWHb3MZfdVzFcbOq4ZHjh+Rlv7cjGbTS20nOK0TXt05tWsU8b88jWzn3a/ZqI5/+mdL3RJdbQ/jT94IMbLnve17pPQ+NRL/Va6d6D6/1a6Zc9GPvi0eaDfnDRPbg1Pf77bll6Dy66dxbZg/lxt+3BLSvtweENI8015ydhqHmdhT24veP4keY9DTXnk7csvwenz508Mz33/g+8/PjJQ8dmj82e2jUzs2fn3t0ze2emjx4/MZt+LXm2+9+mYji/BrakcxevgZd2Hdu+Vec/tX6vw/FlXocTXceu9+twtPvBDV2ZF+Tle7r12nhr46SPPzRcLPEaaz4/t/b+OsyPu+11ONr2Olz0c8oir8PRVbwOG8ecuXV1X7OMtv232Bqers8FE217sPvrke49uN5fj/TLHhxP++Jfb136c8GNab0PTq3165GRy/ZgfrjpvadxSf56f/yO5lhsX97Q+MC1G4rzc7Nnb3/foXPnzm4v0rgintu2V7r366a2x1Rctl+H17xfD3z469+4YZHLJ9K5Gn9545fxJZ+rxjG7bl/+uWp+dlv8fHZcuqNIY51d6fO52GfzxvnMWXKZ89k45kPTvX8tnnNp2/vv2BLvv5H7f9a8n635ph4YGRttvX5H8tkZ63g/7nyqRpvvXUPN+740vbr347H035V+P75umffjzV3Hrvf78Vj3g4v346GVvtvRm+7nczztkxMzy78fN47ZvGOte3J02ffjm9McSuf/ZSkp5FzUtneW2rf5vkZHx9LjGo176NynOzuOH0vZrHFfn91Rbp9uu7l1WyP50S24Uvt0suvY9d6n+f1qqX06tNJ338rpfj7H0764bufy+7RxzMVdvb93bozftr13blhpD46NbGiseSxvwtb7/fzG2IO3F4eL08WJ4kjzoxua+2moeV9Tu1e3Bzek/670e+XmZfbgtq5j13sP5s9jS+29odHLH/w66H4+x9O++Oju5fdg45jX7V3fr123pUvyMW1fu3Z/f22p73nd0HWans7veTXW+Q97l//ebOOYE3esNWcuf55uS5dcu8h56n79LvWaOlJcmfO0Oa3z+3csfZ4a62kc85F9q9xPB4qi+MLdB5rf701/v/L589/6YsffuxxofexL+xZu67KvOhb7e58v3H3g4j/f9ZO1PEYA+tvPmr9u3dT6XNf2N1Or+ft/AAAAYCBE7h9OM5P/AQAAoDIi98f/FZ7J/wAAAFAZkftH08xqkv8f/Lfnvfun9xe5mT+fxMfjNJx5onVcdFw/mf48Ob+gcflrPvOPX3/7/au77+GiKH56178sevyDT8S6Wh5O65z8dufll9n87VXd/zvuXTiuvQM4kW4/Hk/3Nvjyfz/RvN7kvta8eNfF5nzzhQcfaHz80r7Wn6M7+eT/tI7781TmPXD07zuuv+2x1v1tfWz5xxXX+9wbN979grct3F9cb2jLs5oP46OvbN1u/Nybh1/bOv5SOm6p9f/dH3/2c43j3/eSxdd///Di638y3e530vzJU63L289p489xvT9M64/7i+vd/umvLLr+R97QOv6R9Lx8Ms3u9b/6T1/4VPv5ivXH/Rx4vHW9uP+Zv/6P5vXi9uL2u9c//qonOs5H9+1f/Hzrdva/539H2o+Py+N+8r57vPN5btxO+34Ln/2jix3nufj31vX+pmv9cXtnHl98/bd1rfPM9k3N6y9VGf/47HcWfbyxngN/9WjH43nke+n8veae5u2O/zjtx/Tx/3u4dXvdPy3h0e91vp/E8Z+caL0u4/amu9b/cNf6L7y4ce5WXv+dP2qt/5FXfbXz+fjP1joO/KA1V1r/sU98s+P6n/pW6/k4+96pU6fnzh+PDvVE+tk/Z77bur1rxjduuvYZz3zWs9N7ZfefD54+987Zs5MzkzNFMTmAPxLv6V7/p9P8r9a4sN63f19RFO9t+7x26+tb+6940aU/efGdn3lnHPdPr2td/tDdrc9bL03HPZwuv5Ce77idj3+s9fmw1/XH/Sw183pX6fzXPrxnVQemx//Rm65vvsqGLrYu7n6/Kite548/r/N1/9hbW/NL6bzOp5/MvOX6rzWP677/+NkID72l9fqOr+Ti+r2u/y/T833Pd1q3H7eb15u+jvnK5s73x3h+vnR/108amGj9FI8L6f2juND6eBwVX1M9dOn6tSxzSXPvn5s+cfzU+fdNn5udOzc99/4PHDx5+vypcwebP5vz4LtWuv7C63tT8/V9ZHbPrqL5aj/dGk+zq73+M/cePrJ35pYjs0cPnT967t4zs2ePHZ6bOzx7ZO6WQ0ePzr53pesfP7J/+459O/fumDp2/Mj+O/bt27lv6vip041ltBa1gj0z7546dfZg8ypz+3ft2757966ZqZOnj8zu3zszM3V+pes3PzdNNa79nqmzsycOnTt+cnZq7vgHZvdv37dnz44Vf7rfyTNH5yanz54/NX1+bvbsdOuxTJ5rXtz43LfS9aFh7hMbF/08NZS+et9+257881kbPvPBJW+qdUjXDxD9fvpZNN/4iz/bvZo/R+4fSzOrSf4HAACAOojcvyHNTP4HAACAyojcf02amfwPAAAAlRG5fzzNrCb5X/9f/1//X/8/6P/r/5eh/6//X4b+v/7/IKxf/1//n971W/8/cv/Goqhl/gcAAIA6iNy/Kc1M/gcAAIDKiNx/bZqZ/A8AAACVEbn/GWlmNcn/+v/6//r/+v9B/1//vwz9f/3/MvT/9f8HYf36//r/9K7f+v+R+5+ZZlaT/A8AAAB1ELn/WWlm8j8AAABURuT+Z6eZyf8AAABQGZH7J9LMapL/9f/1//X/9f+D/r/+fxn6//r/Zej/6/8Pwvr1//X/6V2/9f8j9/9cmllN8j8AAADUQeT+56SZyf8AAABQGZH7n5tmJv8DAABAZUTuvy7NrCb5X/9f/79/+v8LtVj9f/1//f/Bof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/89LMapL/AQAAoA4i91+fZib/AwAAQGVE7n9+mpn8DwAAAJURuX9zmllN8r/+v/5///T//fv/Qf9f/3+Q6P/r/5eh/6//Pwjr1//X/6d3/db/j9z/82lmNcn/AAAAUAeR+29IM5P/AQAAoDIi978gzUz+BwAAgMqI3H9jmllN8r/+v/6//r/+f9D/1/8vQ/9f/78M/X/9/0FYv/6//j+967f+f+T+F6aZ1ST/AwAAQB1E7n9Rmpn8DwAAAJURuf/FaWbyPwAAAFRG5P7JNLOa5H/9f/1//X/9/6D/r/9fhv6//n8Z+v/6/4Owfv1//X9612/9/8j9N6WZ1ST/AwAAQB1E7t+SZib/AwAAQGVE7r85zUz+BwAAgMqI3L81zawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/S9LMapL/AQAAoA4i99+SZib/AwAAQGVE7n9pmpn8DwAAAJURuX9bmllN8r/+v/6//r/+f9D/1/8vQ/9f/78M/X/9/0FYv/6//j+967f+f+T+l6WZ1ST/AwAAQB1E7r81zUz+BwAAgMqI3H9bmpn8DwAAAJURuX8qzawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/y9PMapL/AQAAoA4i99+eZib/AwAAQGVE7p9OM5P/AQAAoDIi98+kmdUk/+v/6//r/+v/B/1//f8y9P/1/8vQ/9f/H4T16//r/9O7fuv/R+7fnmZWk/wPAAAAdRC5f0eamfwPAAAAlRG5f2eamfwPAAAAlRG5f1eaWU3yv/6//r/+v/5/0P/X/y9D/1//vwz9f/3/QVi//r/+P73rt/5/5P7daWY1yf8AAABQB5H796SZyf8AAABQGZH796aZyf8AAABQGZH770gzq0n+1//X/9f/1/8P+v/6/2Xo/+v/l6H/r/8/COu/Iv3/B5b+MQD6/1RBv/X/I/fvSzOrSf4HAACAOojc/4o0M/kfAAAAKiNy/y+kmcn/AAAAUBmR+38xzawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCs37//r/9P7/qt/x+5f3+aWU3yPwAAANRB5P5XppnJ/wAAAFAZkftflWYm/wMAAEBlRO4/kGZWk/yv/6//r/+v/x/0/wek//8HqzjmCtL/1/8vQ/9f/38Q1q//r/9P7/qt/x+5/9VpZjXJ/wAAAFAHkftfk2Ym/wMAAEBlRO5/bZqZ/A8AAACVEbn/dWlmNcn/+v/6//r/+v9B/39A+v99Rv9f/78M/X/9/0FYv/6//j+967f+f+T+16eZ1ST/AwAAQB1E7v+lNDP5HwAAACojcv8b0szkfwAAAKiMyP13ppnVJP/r/+v/P139/w3pNvT/2/ad/n+T/r/+/1ro/+v/F2vp/w+lV7D+f9PV7s8P+vr1//X/6V2/9f8j9/9ymllN8j8AAADUQeT+u9LM5H8AAACojMj9d6eZyf8AAABQGZH735hmVpP83/f9/3SH+v9L9v+f2Zj92P8P+v9t+07/v0n/X/9/LfT/9f8L//5/aVe7Pz/o69f/1/+nd/3W/4/cf0+aWU3yPwAAANRB5P5fSTNrz/9L/WUZAAAAMBAi9/9qmpm//wcAAIDKiNz/pjSzmuT/vu//J/r/g/fv/wf9/7Z9p//fpP+v/78W+v/6/4X+f2lXuz8/6OvX/9f/p3f91v+P3P9raWY1yf8AAABQB5H735xmJv8DAABAZUTuf0uamfwPAAAAlRG5/61pZjXJ//r/+v/6//r/Qf9f/78M/X/9/zL0//X/B2H9+v/6//Su3/r/kfvvTTOrSf4HAACAOojc/7Y0M/kfAAAAKiNy/6+nmcn/AAAAUBmR+38jzawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/b6aZ1ST/AwAAQB1E7n97mpn8DwAAAJURuf+30szkfwAAAKiMyP2/nWZWk/yv/6//r/+v/x/0//X/y9D/1/8vQ/9f/38Q1q//r/9P7/qt/x+5/3fSzGqS/wEAAKAOIvf/bpqZ/A8AAACVEbn/YJqZ/A8AAACVEbn/HWlmNcn/+v/6//r/+v9B/1//vwz9f/3/MvT/9f8HYf36//r/9K7f+v+R+w+lmdUk/wMAAEAdRO7/vTQz+R8AAAAqI3L/4TQz+R8AAAAqI3L/kTSzmuR//X/9f/1//f+g/6//X4b+v/5/Gfr/+v9huSfkaq9/vfr/I4X+P/XVb/3/yP2zaWY1yf8AAABQB5H7j6aZyf8AAABQGZH7j6WZyf8AAABQGZH735lmVpP8r/+v/6//r/8f9P/1/8vQ/9f/L0P/X/9/ENbv3//X/6d3/db/j9x/PM2sJvkfAAAA6iBy/7vSzOR/AAAAqIzI/e9OM5P/AQAAoDIi959IM6tJ/tf/1//X/9f/D/r/+v9l6P/r/5eh/6//Pwjr1//X/6d3/db/j9x/Ms2sJvkfAAAA6iBy/6k0M/kfAAAAKiNy/+k0M/kfAAAAKiNy/5k0s5rkf/1//X/9f/3/oP+v/1+G/r/+fxn6//r/g7B+/X/9f3rXb/3/yP2/n2ZWk/wPAAAAdRC5/2yamfwPAAAAlRG5fy7NTP4HAACAyojcfy7NrCb5X/9f/1//X/8/6P/r/5eh////7N3Vi2DZEcfxJiTQT/lv4+7u7u6+cXd3d3d3z0NIuqpCspuEPXdm99yqz+eloBeWw9AP82P4cvX/K/T/+v8zvF//r//nuN36/9z9d4hbhux/AAAAmCB3/x3jFvsfAAAA2sjdf6e4xf4HAACANnL33zluGbL/9f/6f/2//j/p//X/K/T/+v8V+n/9/xner//X/3Pcbv1/7v67xC1D9j8AAABMkLv/rnGL/Q8AAABt5O6/W9xi/wMAAEAbufvvHrcM2f/6f/2//l//n/T/+v8V+n/9/wr9v/7/DO/X/+v/OW63/j93/z3iliH7HwAAACbI3X/PuMX+BwAAgDZy998rbrH/AQAAoI3c/feOW4bsf/2//l//r/9P+n/9/wr9v/5/hf5f/3+G9+v/9f8ct1v/n7v/PnHLkP0PAAAAE+Tuv2/cYv8DAABAG7n77xe32P8AAADQRu7++8ctQ/a//l//r//X/yf9v/5/hf5f/79C/6//P8P79f/6f47brf/P3f+AuGXI/gcAAIAJcvc/MG6x/wEAAKCN3P0PilvsfwAAAGgjd/+D45Yh+1//r//X/+v/k/5f/79C/6//X6H/1/+f4f36f/0/x+3W/+fuf0jcMmT/AwAAwAS5+x8at9j/AAAA0Ebu/ofFLfY/AAAAtJG7/+Fxy5D9r//X/+v/9f9J/6//X6H/1/+v0P/r/8/wfv2//p/jduv/c/c/Im4Zsv8BAABggtz9j4xb7H8AAABoI3f/o+KW/9z/l7fkqwAAAIBrKXf/o+OWIf/+r//X/+v/9f9J/6//X6H/1/+v0P/r/8/wfv2//p/jduv/c/c/Jm4Zsv8BAABggtz9j41b7H8AAABoI3f/4+IW+x8AAADayN3/+LhlyP7X/+v/9f/6/6T/1/+v0P/r/1fo//X/Z3i//l//z3G79f+5+58QtwzZ/wAAADBB7v4nxi32PwAAALSRu/9JcYv9DwAAAG3k7n9y3DJk/+v/9f/6f/1/0v/r/1fo//X/K/T/+v8zvF//r//nuN36/9z9T4lbhux/AAAAmCB3/1PjFvsfAAAA2sjd/7S4xf4HAACANnL3Pz1uGbL/9f/6f/2//j/p//X/K/T/+v8V+n/9/xner//X/3Pcbv1/7v5nxC1D9j8AAABMkLv/mXGL/Q8AAABt5O5/Vtxi/wMAAEAbufufHbcM2f/6f/2//l//n/T/+v8VDfv/q18B/b/+X/+v/9f/6/85bLf+P3f/c+KWIfsfAAAAJsjd/9y4xf4HAACANnL3Py9usf8BAACgjdz9z49bhux//b/+X/+v/0/6f/3/iob9v+//X1zr/v/yRj/R/+v/z/B+/b/+n+N26/9z978gbhmy/wEAAGCC3P0vjFvsfwAAAGgjd/+L4hb7HwAAANrI3f/iuGXI/tf/6//1//r/pP/X/6/Q/zft/29z4fv/+n/9v/5f/89hu/X/uftfErcM2f8AAAAwQe7+l8Yt9j8AAAC0kbv/ZXGL/Q8AAABt5O5/edwyZP/r//X/+n/9f9L/6/9X6P+b9v/X9Pv/N6b/1/+f4f36f/0/x+3W/+fuf0XcMmT/AwAAwGndjO2eu/+VcVf+HwAAAMDecve/Km6x/wEAAKCN3P2vjluG7H/9v/5/j/7/houber/+X/9/of/fnv5f/79C/6//P8P7r1P/n7+m+n9G2K3/z93/mrhlyP4HAACACXL33xC32P8AAADQRu7+18Yt9j8AAAC0kbv/dXHLkP2v/9f/79H/z/z+/6X+/9/+PPX/+v+bov/X/1/o/5fd2v382d/v+//6f47brf/P3f/6uGXI/gcAAIAJcve/IW6x/wEAAKCN3P1vjFvsfwAAAGgjd/+b4pYh+1//r//X//v+f9L/6/9X6P/1/yv0//r/M7xf/6//57jd+v/c/W+OW4bsfwAAAJggd/9b4hb7HwAAANrI3f/WuMX+BwAAgDZy978tbhmy//X/+n/9v/4/6f/1/yv0//r/Ffp//f8Z3q//1/9z3G79f+7+t8ctQ/Y/AAAATJC7/x1xi/0PAAAAbeTuf2fcYv8DAABAG7n73xW3DNn/+n/9v/5f/5/0//r/Ffp//f8K/b/+/wzv1//r/zlut/4/d/+745Yh+x8AAAAmyN3/nrjF/gcAAIA2cve/N26x/wEAAKCN3P3vi1uG7H/9v/5f/6//T/p//f8K/b/+f4X+X/9/hvfr//X/HLdb/5+7//1xy5D9DwAAABPk7v9A3GL/AwAAQBu5+z8Yt9j/AAAA0Ebu/g/FLUP2v/5f/6//1/8n/b/+f4X+X/+/Qv+v/z/D+/X/+n+O263/z93/4bhlyP4HAACACXL3fyRusf8BAACgjdz9H41b7H8AAABoI3f/x+KWIftf/6//1//r/5P+X/+/Qv+v/1+h/9f/n+H9+n/9P8ft1v/n7v943DJk/wMAAMAEufs/EbfY/wAAANBG7v5Pxi32PwAAALSRu/9T/7y3/dd/GLL/9f/6f/2//j/p//X/K/T/+v8V+n/9/xner//X/3Pcbv3/1e6/vPh03DJk/wMAAMAEufs/E7fY/wAAANBG7v7Pxi32PwAAALSRu/9zccuQ/a//1//r//X/Sf+v/1+h/9f/r9D/6//P8H79v/6f43br/3P3fz5uGbL/AQAAYILc/V+IW+x/AAAAaCN3/xfjFvsfAAAA2sjd/6W4Zcj+1//r/3v1/1cpnv7/iv7/iv7/+tL/6/9X6P/1/2d4v/5f/89xu/X/ufu/HLcM2f8AAAAwQe7+r8Qt9j8AAAC0kbv/q3GL/Q8AAABt5O7/WtwyZP/r//X/vfr/K/r/K/r/K/r/60v/r/9fof/X/5/h/fp//T/H7db/5+7/etwyZP8DAADABLn7vxG32P8AAADQRu7+b8Yt9j8AAAC0kbv/W3HLkP2v/9f/6//1/0n/r/9fof/X/6/Q/+v//5vbb/R+/b/+n+N26/9z9387bhmy/wEAAGCC3P3fiVvsfwAAAGgjd/934xb7HwAAANrI3f+9uGXI/tf/6//1//r/pP/X/6/Q/+v/V+j/9f9neL/+X//Pcbv1/7n7vx+3DNn/AAAAMEHu/h/ELfY/AAAAtJG7/4dxi/0PAAAAbeTu/1HcMmT/6//1//p//X/S/+v/V+j/9f8r9P/6/zO8X/+v/+e43fr/3P0/jluG7H8AAACYIHf/T+IW+x8AAADayN3/07jF/gcAAIA2cvf/LG4Zsv/1//p//b/+P+n/9f8r9P/6/xX6f/3/Gd6v/9f/c9z/6v/j7/y3aP+fu//nccuQ/Q8AAAAT5O7/Rdxi/wMAAEAbuft/GbfY/wAAANBG7v5fxS1D9r/+X/+v/9f/J/2//n+F/l//v0L/r/8/w/v1//p/jtvt+/+5+38dtwzZ/wAAADBB7v7fxC32PwAAALSRu/+3cYv9DwAAAG3k7v9d3DJk//+//v92cW/F/j+foP/X/+v/9f/6/w3p//X/K/T/+v8zvF//r//nuN36/9z9v49bhux/AAAAmCB3/x/iFvsfAAAA2sjd/8e4xf4HAACANnL3/yluGbL/ff9f/6//1/8n/b/+f4X+X/+/Ynz//48f6/+3f7/+X//Pcbv1/7n7/xy3DNn/AAAAMEHu/r/ELfY/AAAAtJG7/69xi/0PAAAAbeTu/1vcMmT/6//1//p//X/S/+v/V+j/9f8rxvf/vv9/ivfr//X/HLdb/5+7/+8BAAD//xKBZe0=")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40)
mkdir(&(0x7f0000000280)='./file1\x00', 0x9f550acf755c461f)
symlink(&(0x7f00000008c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000100)='./file2\x00')

297.068914ms ago: executing program 2 (id=18173):
capset(&(0x7f0000001440)={0x19980330}, &(0x7f0000001400)={0x0, 0x2})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000001000/0x1000)=nil)
syz_clone(0x85240000, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)

231.226225ms ago: executing program 1 (id=18174):
r0 = io_uring_setup(0x1612, &(0x7f0000000200)={0x0, 0x0, 0x800})
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000001580)={0x1, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/168, 0xa8}], &(0x7f0000001540)=[0x2]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}], 0x0, 0x1}, 0x20)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
read$msr(r1, &(0x7f0000000180)=""/174, 0xae)

36.941651ms ago: executing program 1 (id=18175):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x5)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2810010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d0, &(0x7f0000001340)="$eJzs3cFvHFcdB/DvrNeOt1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitEKQAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmfXu/Y6Xif2OoHPJxrPe/Nm3vzmN29mvOusNsD/rctn0ryfIpfPvHG3rG+sL7Y31heP1M3tJGW5kTS7sxQ3k+JBslS2FwNTBubbfLx66a3PHm583q0166laf6q/3exYIY/Yx716ynzd3/zILafH6r/bVxVeXkxypZ4Pmxm3r6EVy6Sdrudw6Drb3NvL5jte78Czr/d0KrrPzW3mkhfqJ3P1O0F9d2hMLsKDsae7HAAAADynPr112BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA86f+/v+inhr1PPMpet//P9NbVpefQUtjr3n/QOMAAAAAAAAAgMn4+qM8yt0c7dU7RfU3/1NV5Xi+6CRfyvu5k5XcztnczXLWspbbOZ9kbqCjmbvLa2u3z/e3LI3e8sLILS9M6ogBAAAAAAAA4H/SL9Pa/Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8C4pkqjurpuP1PHNpNLPZlnvJP5PMHHa8e1CMWnh/8nEAAADAU5l9gm2+/CiPcjdHe/VOUb3m/0r1enk27+dm1rKatbSzkqv1a+jyVX9jY32xvbG+eKOcyvpwv9//957CmKl7mKpqo/Z8slqjlWtZrZaczZUqmKtpdPd9OjnZi2cgrgEflTEV36uNGVmzTmu5s9/v9C7Cvhh+K6LxmDVbm8El/Yws1LGVWx7rZqCo3qhJtmZi17PTHKrNVb1O9/d0Po3+Oz/HDyDnL9Tz8nh+c6A536t+JhqpMnGhN/rKa+bxmUi+8dc/vX29ffPd69funHl2DmkXUzss3zomFgcy8cpznYnmHtdfqDJxol+/nB/lJzmT+byZ21nNT7OctaykU7cv1+O5/Dn3+EwtDdXe3C2Smfq8dM/ZODHN54dVaTmnqm2PZjVFbuVqVvJ69e9CzufbuZiLuTRwhk/sGHd1bNVV39h61ffO9N9GBn/6m3WhvLv9dvMut/S4I95pdO6X7r2/zOuxgbx2R/3D/lrHBq6DhYEsvdTLzvTIzp/k3tj8al0o9/GrXZ4TkzVXZ6K8gHpPiV50L3cz0ayeRdvH+R865XZp3+x0ri+/t0P/97bUX6vn5bBa/9pua/eMPhX7qxwvL2W2vpMMj46y7eX+XWagrbM5lrttw0/ccrsTVVtR9K7UH+dWNQC2X6kz9e9w23u6ULW9MrJtsWo7OdA29PtWbqWdqxPIHwBP4h9v94tzeWGm9a/Wp61PWr9uXW+9MfuDI9858upMpv8+/d3mwtRrjVeLv+ST/Hzz9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDk7nzw4bvL7fbK7dGFxs5NQ4VWti7Zqecjo/sp6i/0GWNfz0VhNsnQkup7jiYeRmtrGNsKnV8kE89P70sER6/zu7LQ3DaiRhWWhpb8eXuHH+0xwmK86+IAC41MdqdTGT0ADvGmBEzEubUb752788GH31q9sfzOyjsrN6cvXry0cOni64vnrq22Vxa6Pw87SuAgbD70DzsSAAAAAAAAAAAAYFyjPhhw6sXdPjQy1mc8/M9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYF9cPpPm/RQ5v3B2oaxvrC+2y6lX3lyzmaTRSIqfJcWDZCndKXMD3RX544N0Ruzn49VLb332cOPzzb6a3fWTRj3f2eNbk9yrp8wnmarnT2GovytP3V/xn94xlAn7otPpLD1dfLA//hsAAP//P3v0tA==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

12.8036ms ago: executing program 2 (id=18176):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x0)
syz_80211_join_ibss(&(0x7f0000000280)='wlan0\x00', &(0x7f00000002c0)=@default_ap_ssid, 0x6, 0x0)

0s ago: executing program 9 (id=18177):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='/proc/1/\x00\x82q\xee\xe5\xa0\xbd\xc2\x98#YP\xee\x9c2G\xf0\x81x\x97'}, 0x30)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_open_dev$media(&(0x7f0000000000), 0x2, 0x0)

kernel console output (not intermixed with test programs):

4-1: new high-speed USB device number 91 using dummy_hcd
[ 1804.554178][T13495] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1804.593626][T13495] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1804.604613][T13495] bridge_slave_0: entered allmulticast mode
[ 1804.624627][T12309] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1804.634485][T13495] bridge_slave_0: entered promiscuous mode
[ 1804.643989][T12309] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1804.659921][T13495] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1804.685398][T12309] usb 4-1: Product: syz
[ 1804.689598][T12309] usb 4-1: Manufacturer: syz
[ 1804.697348][T13495] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1804.711103][T12309] usb 4-1: SerialNumber: syz
[ 1804.722942][T13495] bridge_slave_1: entered allmulticast mode
[ 1804.768489][T13495] bridge_slave_1: entered promiscuous mode
[ 1805.042038][T13495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1805.092790][T13495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1805.234698][T13495] team0: Port device team_slave_0 added
[ 1805.264276][T13495] team0: Port device team_slave_1 added
[ 1805.336656][T12309] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO
[ 1805.364385][T12309] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1805.402059][T12309] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1805.415901][T13495] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1805.450609][T13495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1805.479885][T12309] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[ 1805.544472][T12309] usb 4-1: USB disconnect, device number 91
[ 1805.550614][T13495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1805.591988][T13495] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1805.598962][T13495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1805.676604][T13495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1805.902312][T13495] hsr_slave_0: entered promiscuous mode
[ 1805.911627][T13075] Bluetooth: hci4: command tx timeout
[ 1805.923221][T13495] hsr_slave_1: entered promiscuous mode
[ 1805.956861][T13495] debugfs: 'hsr0' already exists in 'hsr'
[ 1805.962952][T13495] Cannot create hsr debugfs directory
[ 1806.073490][T13657] input: syz1 as /devices/virtual/input/input150
[ 1806.424663][T13667] team0: Device gtp0 is of different type
[ 1807.002845][T13676] loop3: detected capacity change from 0 to 8192
[ 1807.692106][T13495] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1807.723791][T13495] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1807.779949][T13495] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1807.805504][T13495] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1808.138355][T13495] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1808.209443][T13495] 8021q: adding VLAN 0 to HW filter on device team0
[ 1808.263406][T32718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1808.270640][T32718] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1808.283679][T13702] loop3: detected capacity change from 0 to 64
[ 1808.308359][T32718] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1808.315601][T32718] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1808.975406][T13723] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17023'.
[ 1808.991691][ T5980] kernel write not supported for file /snd/pcmC0D0p (pid: 5980 comm: kworker/1:5)
[ 1809.317588][T13495] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1809.353821][T13730] loop3: detected capacity change from 0 to 1024
[ 1809.573669][T32730] hfsplus: b-tree write err: -5, ino 4
[ 1810.586364][T13495] veth0_vlan: entered promiscuous mode
[ 1810.639228][T13495] veth1_vlan: entered promiscuous mode
[ 1810.753801][T13495] veth0_macvtap: entered promiscuous mode
[ 1810.823689][T13495] veth1_macvtap: entered promiscuous mode
[ 1810.908805][T13495] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1810.968130][T13495] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1811.052747][T32718] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1811.087779][T32718] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1811.116012][T32718] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1811.147320][T32718] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1811.167331][T13778] Bluetooth: MGMT ver 1.23
[ 1811.450625][T13786] bridge0: left allmulticast mode
[ 1811.583339][T32718] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1811.600843][T32718] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1811.778554][T32741] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1811.802079][T32741] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1812.033471][ T5980] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1812.167951][T13803] loop7: detected capacity change from 0 to 1024
[ 1812.245204][ T5980] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1812.298852][ T5980] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1812.333410][ T5980] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1812.368775][ T5980] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1812.405076][T13796] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1812.432672][ T5980] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1812.636367][ T5980] usb 3-1: USB disconnect, device number 29
[ 1812.864453][T13813] loop7: detected capacity change from 0 to 128
[ 1812.999399][T13813] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1813.131204][T13813] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1813.579504][T13495] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1813.671169][T13828] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1813.773711][T13828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1814.340106][T13844] netdevsim netdevsim7 netdevsim0: entered promiscuous mode
[ 1815.315313][T13863] netlink: zone id is out of range
[ 1815.370363][T13863] netlink: zone id is out of range
[ 1815.460817][T13863] netlink: set zone limit has 4 unknown bytes
[ 1816.490648][T11394] usb 3-1: new low-speed USB device number 30 using dummy_hcd
[ 1816.682817][T11394] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[ 1816.689734][T13890] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1816.699075][T11394] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[ 1816.725991][T11394] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1816.749930][T11394] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[ 1816.773915][T11394] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 246
[ 1816.807492][T13890] bond0: (slave rose0): Enslaving as an active interface with an up link
[ 1816.812232][T11394] usb 3-1: string descriptor 0 read error: -22
[ 1816.847332][T11394] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[ 1816.873954][T13895] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1816.881332][T13895] IPv6: NLM_F_CREATE should be set when creating new route
[ 1816.888579][T13895] IPv6: NLM_F_CREATE should be set when creating new route
[ 1816.901661][T11394] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1816.929106][T11394] usb 3-1: config 0 descriptor??
[ 1816.955696][T11394] hub 3-1:0.0: bad descriptor, ignoring hub
[ 1816.980878][T11394] hub 3-1:0.0: probe with driver hub failed with error -5
[ 1817.184569][T13883] netlink: 16 bytes leftover after parsing attributes in process `syz.2.17090'.
[ 1817.331125][ T5980] usb 3-1: USB disconnect, device number 30
[ 1817.914942][T13914] openvswitch: netlink: IPv4 tunnel dst address is zero
[ 1817.998243][T13903] loop3: detected capacity change from 0 to 32768
[ 1818.060097][T13903] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1818.160461][T13903] XFS (loop3): Ending clean mount
[ 1818.353895][T13072] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1819.848837][T13944] loop7: detected capacity change from 0 to 32768
[ 1819.876912][T13944] btrfs: Deprecated parameter 'usebackuproot'
[ 1819.899702][T13944] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1819.932107][T13944] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.17117 (13944)
[ 1819.947853][T13968] loop3: detected capacity change from 0 to 4096
[ 1819.973946][T13944] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1820.012049][T13944] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[ 1820.036456][T13971] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1820.061687][T13944] workqueue: max_active 65524 requested for btrfs-worker is out of range, clamping between 1 and 2048
[ 1820.163210][T13944] workqueue: max_active 65524 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[ 1820.234962][T13944] workqueue: max_active 65524 requested for btrfs-endio is out of range, clamping between 1 and 2048
[ 1820.247804][T13944] workqueue: max_active 65524 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[ 1820.263800][T13944] workqueue: max_active 65524 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[ 1820.287238][T13982] netlink: 'syz.0.17130': attribute type 62 has an invalid length.
[ 1820.320675][T13944] workqueue: max_active 65524 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[ 1820.334288][T13944] workqueue: max_active 65524 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048
[ 1820.448054][T13944] BTRFS info (device loop7): rebuilding free space tree
[ 1820.541420][T13944] BTRFS info (device loop7): enabling ssd optimizations
[ 1820.548412][T13944] BTRFS info (device loop7): using spread ssd allocation scheme
[ 1820.599879][T13944] BTRFS info (device loop7): enabling free space tree
[ 1820.612667][T13944] BTRFS info (device loop7): force clearing of disk cache
[ 1820.619922][T13944] BTRFS info (device loop7): enabling auto defrag
[ 1820.630079][T13944] BTRFS info (device loop7): doing ref verification
[ 1820.644562][T13944] BTRFS info (device loop7): trying to use backup root at mount time
[ 1820.656682][T13944] BTRFS info (device loop7): force lzo compression, level 0
[ 1820.673738][T13944] BTRFS info (device loop7): max_inline set to 4096
[ 1820.783169][T13495] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1820.873278][T14005] loop3: detected capacity change from 0 to 2048
[ 1820.887502][T14005] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1820.962730][T14005] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1821.031725][   T30] audit: type=1800 audit(2000000300.009:5555): pid=14005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.17137" name="bus" dev="loop3" ino=18 res=0 errno=0
[ 1821.052305][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1821.102781][T14005] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.17137: bg 0: block 234: padding at end of block bitmap is not set
[ 1821.128785][T14005] EXT4-fs (loop3): Remounting filesystem read-only
[ 1821.327557][T13072] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1821.820840][ T5980] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 1821.828750][T14025] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17144'.
[ 1821.841642][T14025] netlink: 12 bytes leftover after parsing attributes in process `syz.0.17144'.
[ 1822.135553][ T5980] usb 5-1: config 0 has no interfaces?
[ 1822.144507][ T5980] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9
[ 1822.164325][ T5980] usb 5-1: New USB device strings: Mfr=1, Product=234, SerialNumber=2
[ 1822.197422][ T5980] usb 5-1: Product: syz
[ 1822.210608][ T5980] usb 5-1: Manufacturer: syz
[ 1822.224803][T14032] loop3: detected capacity change from 0 to 512
[ 1822.232412][ T5980] usb 5-1: SerialNumber: syz
[ 1822.249435][T14032] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1822.281269][ T5980] usb 5-1: config 0 descriptor??
[ 1822.350684][T14032] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:482: comm syz.3.17147: Invalid block bitmap block 0 in block_group 0
[ 1822.401234][T14032] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[ 1822.435190][T14032] EXT4-fs error (device loop3): ext4_clear_blocks:874: inode #11: comm syz.3.17147: attempt to clear invalid blocks 983261 len 1
[ 1822.536883][T14032] EXT4-fs error (device loop3): __ext4_get_inode_loc:4860: comm syz.3.17147: Invalid inode table block 0 in block_group 0
[ 1822.558436][ T5980] usb 5-1: USB disconnect, device number 3
[ 1822.605384][T14032] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[ 1822.634129][T14032] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[ 1822.640860][T14039] block nbd4: server does not support multiple connections per device.
[ 1822.659361][T14032] EXT4-fs error (device loop3): __ext4_get_inode_loc:4860: comm syz.3.17147: Invalid inode table block 0 in block_group 0
[ 1822.666223][T14039] block nbd4: shutting down sockets
[ 1822.734640][T14032] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[ 1822.786473][T14032] EXT4-fs error (device loop3): ext4_truncate:4666: inode #11: comm syz.3.17147: mark_inode_dirty error
[ 1822.786808][   T30] audit: type=1326 audit(2000000301.759:5556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2c58ebe9 code=0x7ffc0000
[ 1822.843156][T14032] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[ 1822.894234][T14032] EXT4-fs error (device loop3): __ext4_get_inode_loc:4860: comm syz.3.17147: Invalid inode table block 0 in block_group 0
[ 1822.907190][   T30] audit: type=1326 audit(2000000301.809:5557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2c58ebe9 code=0x7ffc0000
[ 1822.939198][   T30] audit: type=1326 audit(2000000301.809:5558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a2c58ebe9 code=0x7ffc0000
[ 1822.962723][   T30] audit: type=1326 audit(2000000301.809:5559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2c58ebe9 code=0x7ffc0000
[ 1822.985417][   T30] audit: type=1326 audit(2000000301.809:5560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2c58ebe9 code=0x7ffc0000
[ 1823.042304][T14032] EXT4-fs (loop3): 1 truncate cleaned up
[ 1823.052123][T14032] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1823.070568][   T30] audit: type=1326 audit(2000000301.809:5561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a2c58ebe9 code=0x7ffc0000
[ 1823.140931][   T30] audit: type=1326 audit(2000000301.809:5562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2c58ebe9 code=0x7ffc0000
[ 1823.246939][   T30] audit: type=1326 audit(2000000301.819:5563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0a2c585ba7 code=0x7ffc0000
[ 1823.288785][   T30] audit: type=1326 audit(2000000301.819:5564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14044 comm="syz.0.17154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0a2c52adb9 code=0x7ffc0000
[ 1823.339175][T14057] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1823.374432][T14032] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 1823.509617][T13072] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1823.737350][T14069] sit0: entered promiscuous mode
[ 1823.757675][T14069] netlink: 'syz.2.17166': attribute type 1 has an invalid length.
[ 1823.797970][T14069] netlink: 1 bytes leftover after parsing attributes in process `syz.2.17166'.
[ 1823.813152][   T10] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[ 1823.972748][   T10] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[ 1823.981104][   T10] usb 5-1: config 0 has no interface number 0
[ 1823.998800][   T10] usb 5-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[ 1824.031912][   T10] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1824.059417][   T10] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1824.083205][   T10] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1824.092693][   T10] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1824.111535][   T10] usb 5-1: Product: syz
[ 1824.122560][   T10] usb 5-1: SerialNumber: syz
[ 1824.138390][   T10] usb 5-1: config 0 descriptor??
[ 1824.140989][   T44] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1824.151737][   T10] cm109 5-1:0.8: invalid payload size 0, expected 4
[ 1824.173935][   T10] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input151
[ 1824.345746][   T44] usb 2-1: Using ep0 maxpacket: 16
[ 1824.368883][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1824.368952][   T44] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1824.368999][   T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1824.372201][   T44] usb 2-1: config 0 descriptor??
[ 1824.872647][   T44] mcp2221 0003:04D8:00DD.0129: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[ 1825.040252][T14079] loop3: detected capacity change from 0 to 32768
[ 1825.188469][T14079] find_entry called with index = 0
[ 1825.209605][T14079] read_mapping_page failed!
[ 1825.209649][T14079] ERROR: (device loop3): txAbort: 
[ 1825.209649][T14079] 
[ 1825.418356][T20436] usb 2-1: USB disconnect, device number 15
[ 1825.459374][T13072] ERROR: (device loop3): diFree: wmap shows inode already free
[ 1825.459374][T13072] 
[ 1825.722753][    C0] cm109_urb_ctl_callback: 52 callbacks suppressed
[ 1825.722787][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.736396][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.744263][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.751449][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.759813][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.766964][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.774801][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.781958][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.789181][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.796420][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1825.804863][   T10] usb 5-1: USB disconnect, device number 4
[ 1825.810763][    C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 1825.838115][   T10] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 1826.501516][   T10] usb 3-1: new full-speed USB device number 31 using dummy_hcd
[ 1826.663056][   T10] usb 3-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31
[ 1826.687779][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1826.731090][   T10] usb 3-1: config 0 descriptor??
[ 1826.772139][   T10] usb 3-1: selecting invalid altsetting 3
[ 1826.777907][   T10] comedi comedi4: could not set alternate setting 3 in high speed
[ 1826.814992][   T10] usbduxsigma 3-1:0.0: driver 'usbduxsigma' failed to auto-configure device.
[ 1826.847031][   T10] usbduxsigma 3-1:0.0: probe with driver usbduxsigma failed with error -22
[ 1827.048895][T14118] loop3: detected capacity change from 0 to 64
[ 1827.131139][T14118] overlay: filesystem on ./file0 not supported
[ 1827.276171][   T10] usb 3-1: USB disconnect, device number 31
[ 1827.331946][T13072] VFS: Lookup of '�.' in minix loop3 would have caused loop
[ 1827.358623][T13072] VFS: Lookup of '�.' in minix loop3 would have caused loop
[ 1827.849722][T14129] loop7: detected capacity change from 0 to 128
[ 1827.888451][T14129] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1827.949473][T14129] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1828.100931][T14129] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1828.256419][T32741] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1828.341560][T13495] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1828.649273][T32741] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1828.979137][T32741] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1829.735028][T32741] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1830.005643][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1830.005669][   T30] audit: type=1400 audit(2000000308.969:5574): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=14172 comm=""
[ 1830.044547][ T4525] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1830.057066][ T4525] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1830.077037][ T4525] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1830.100772][ T4525] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1830.113066][ T4525] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1830.684177][T14194] netlink: 'syz.7.17224': attribute type 27 has an invalid length.
[ 1830.711942][T14194] netlink: 'syz.7.17224': attribute type 1 has an invalid length.
[ 1830.720056][T14194] bridge0: port 1(bridge_slave_0) entered learning state
[ 1831.170892][T32741] bridge_slave_1: left allmulticast mode
[ 1831.191338][T32741] bridge_slave_1: left promiscuous mode
[ 1831.197147][T32741] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1831.329413][T32741] bridge_slave_0: left allmulticast mode
[ 1831.341299][T32741] bridge_slave_0: left promiscuous mode
[ 1831.347088][T32741] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1831.638331][ T5931] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1831.811113][ T5931] usb 2-1: Using ep0 maxpacket: 32
[ 1831.820422][ T5931] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1831.832106][ T5931] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1831.846916][ T5931] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1831.865377][ T5931] usb 2-1: Product: syz
[ 1831.875102][ T5931] usb 2-1: Manufacturer: syz
[ 1831.879976][ T5931] usb 2-1: SerialNumber: syz
[ 1831.894038][ T5931] usb 2-1: config 0 descriptor??
[ 1832.229767][T13075] Bluetooth: hci5: command tx timeout
[ 1832.357084][ T5931] gs_usb 2-1:0.0: Configuring for 1 interfaces
[ 1832.570065][T32741] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1832.597685][T32741] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1832.605723][T14236] loop7: detected capacity change from 0 to 2048
[ 1832.636457][T32741] bond0 (unregistering): Released all slaves
[ 1832.686408][T14238] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1832.699015][T14176] chnl_net:caif_netlink_parms(): no params data found
[ 1832.759571][ T5931] gs_usb 2-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[ 1832.771444][T14234] team0: No ports can be present during mode change
[ 1832.806529][ T5931] gs_usb 2-1:0.0: Couldn't register candev for channel 0 (-EINVAL)
[ 1832.858332][ T5931] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22
[ 1832.953907][ T5931] usb 2-1: USB disconnect, device number 16
[ 1833.455634][T14252] sctp: [Deprecated]: syz.4.17247 (pid 14252) Use of int in max_burst socket option.
[ 1833.455634][T14252] Use struct sctp_assoc_value instead
[ 1833.843701][T14176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1833.871848][T14176] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1833.879164][T14176] bridge_slave_0: entered allmulticast mode
[ 1833.912936][T14176] bridge_slave_0: entered promiscuous mode
[ 1833.999416][T14176] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1834.010701][T14176] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1834.040402][T14176] bridge_slave_1: entered allmulticast mode
[ 1834.068395][T14176] bridge_slave_1: entered promiscuous mode
[ 1834.304555][T13075] Bluetooth: hci5: command tx timeout
[ 1834.548610][T14176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1834.631207][T12309] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1834.643791][T14176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1834.776590][T32741] hsr_slave_0: left promiscuous mode
[ 1834.811744][T32741] hsr_slave_1: left promiscuous mode
[ 1834.825834][T12309] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[ 1834.838110][T32741] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1834.856372][T12309] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1834.873107][T32741] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1834.880383][T12309] usb 5-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00
[ 1834.889683][T12309] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1834.899987][T32741] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1834.910147][T32741] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1834.918405][T12309] usb 5-1: config 0 descriptor??
[ 1835.004287][T32741] veth1_macvtap: left promiscuous mode
[ 1835.009883][T32741] veth0_macvtap: left promiscuous mode
[ 1835.032067][T32741] veth1_vlan: left promiscuous mode
[ 1835.037412][T32741] veth0_vlan: left promiscuous mode
[ 1835.355153][T12309] aquacomputer_d5next 0003:0C70:F011.012A: hidraw0: USB HID v0.00 Device [HID 0c70:f011] on usb-dummy_hcd.4-1/input0
[ 1835.552681][T12309] usb 5-1: USB disconnect, device number 5
[ 1836.131443][T32741] team0 (unregistering): Port device team_slave_1 removed
[ 1836.252826][T32741] team0 (unregistering): Port device team_slave_0 removed
[ 1836.396682][T13075] Bluetooth: hci5: command tx timeout
[ 1837.317148][T14287] netlink: 830 bytes leftover after parsing attributes in process `syz.0.17263'.
[ 1837.342251][T14176] team0: Port device team_slave_0 added
[ 1837.371820][T14176] team0: Port device team_slave_1 added
[ 1837.590252][T14176] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1837.624647][T14176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1837.702166][T14176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1837.737066][T14176] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1837.761956][T14176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1837.822849][T14176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1838.023928][T14176] hsr_slave_0: entered promiscuous mode
[ 1838.051600][T14176] hsr_slave_1: entered promiscuous mode
[ 1838.057975][T14176] debugfs: 'hsr0' already exists in 'hsr'
[ 1838.096316][T14176] Cannot create hsr debugfs directory
[ 1838.460628][T13075] Bluetooth: hci5: command tx timeout
[ 1838.567162][T14325] openvswitch: netlink: VXLAN extension 2 out of range max 1
[ 1839.290565][ T5931] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1839.442920][ T5931] usb 3-1: Using ep0 maxpacket: 32
[ 1839.445155][T14176] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1839.462743][ T5931] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1839.472484][T14176] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1839.495295][ T5931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1839.524717][T14176] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1839.530513][ T5931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1839.580842][ T5931] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1839.584725][T14176] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1839.620683][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1839.660684][ T5931] usb 3-1: config 0 descriptor??
[ 1839.667226][T14335] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1839.686766][ T5931] hub 3-1:0.0: USB hub found
[ 1839.897926][ T5931] hub 3-1:0.0: 2 ports detected
[ 1839.942242][T14176] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1840.001277][T14176] 8021q: adding VLAN 0 to HW filter on device team0
[ 1840.079250][T32741] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1840.086467][T32741] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1840.114426][T32741] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1840.121660][T32741] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1840.308702][ T5931] hub 3-1:0.0: set hub depth failed
[ 1840.345921][ T5931] usb 3-1: USB disconnect, device number 32
[ 1840.422252][T14341] loop7: detected capacity change from 0 to 32768
[ 1840.444302][T14341] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.17289 (14341)
[ 1840.488601][T14341] BTRFS info (device loop7): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1840.521349][T14341] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[ 1840.566907][T14341] BTRFS warning (device loop7): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1840.709886][T14176] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1840.724202][T14341] BTRFS info (device loop7): rebuilding free space tree
[ 1840.789474][T14341] BTRFS info (device loop7): disabling free space tree
[ 1840.821053][T14341] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1840.832393][T14341] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1840.876161][T14341] BTRFS info (device loop7): enabling ssd optimizations
[ 1840.887775][T14341] BTRFS info (device loop7): enabling disk space caching
[ 1840.905854][T14341] BTRFS info (device loop7): force clearing of disk cache
[ 1840.930581][T14341] BTRFS info (device loop7): use zstd compression, level 3
[ 1841.518716][T13495] BTRFS info (device loop7): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1841.902409][T14176] veth0_vlan: entered promiscuous mode
[ 1841.976875][T14176] veth1_vlan: entered promiscuous mode
[ 1842.133599][T14176] veth0_macvtap: entered promiscuous mode
[ 1842.178524][T14176] veth1_macvtap: entered promiscuous mode
[ 1842.284927][T14176] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1842.342252][T14176] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1842.431487][T10947] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1842.508300][T10947] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1842.527865][T10947] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1842.587124][T10947] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1842.812343][T32741] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1842.842937][T32741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1842.950738][  T598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1842.991621][  T598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1843.338629][T14410] loop7: detected capacity change from 0 to 2048
[ 1843.416213][T14418] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1843.524658][   T30] audit: type=1800 audit(2000000578.500:5575): pid=14410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.17317" name="file2" dev="loop7" ino=16 res=0 errno=0
[ 1843.922762][T14424] loop8: detected capacity change from 0 to 128
[ 1844.015560][T14424] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1844.299235][T32741] FAT-fs (loop8): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1844.404893][T14435] netlink: zone id is out of range
[ 1844.444062][T14435] netlink: zone id is out of range
[ 1844.572028][T14435] netlink: set zone limit has 4 unknown bytes
[ 1845.405010][T14455] ptrace attach of "./syz-executor exec"[5868] was attempted by "./syz-executor exec"[14455]
[ 1846.275219][T14472] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1846.823942][   T30] audit: type=1326 audit(2000000581.800:5576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14482 comm="syz.7.17330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247938ebe9 code=0x7fc00000
[ 1846.883847][T14487] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17337'.
[ 1847.403381][T14479] loop8: detected capacity change from 0 to 32768
[ 1847.409963][   T30] audit: type=1326 audit(2000000582.380:5577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14482 comm="syz.7.17330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f247938ebe9 code=0x7fc00000
[ 1847.435827][T14479] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.17334 (14479)
[ 1847.479549][T14479] BTRFS info (device loop8): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1847.520297][T14479] BTRFS info (device loop8): using crc32c (crc32c-lib) checksum algorithm
[ 1847.527676][T14505] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1847.551593][T14479] BTRFS warning (device loop8): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1847.686035][T14479] BTRFS info (device loop8): rebuilding free space tree
[ 1847.743595][T14479] BTRFS info (device loop8): disabling free space tree
[ 1847.771290][ T5931] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 1847.780657][T14479] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1847.823427][T14479] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1847.846717][T14479] BTRFS info (device loop8): enabling ssd optimizations
[ 1847.871521][T14479] BTRFS info (device loop8): enabling disk space caching
[ 1847.889516][T14479] BTRFS info (device loop8): force clearing of disk cache
[ 1847.906557][T14479] BTRFS info (device loop8): use zstd compression, level 3
[ 1847.944260][ T5931] usb 5-1: Using ep0 maxpacket: 16
[ 1847.944584][T14528] netlink: 'syz.7.17349': attribute type 29 has an invalid length.
[ 1847.963180][ T5931] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1847.968053][T14528] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17349'.
[ 1847.991888][ T5931] usb 5-1: config 0 has no interface number 0
[ 1848.025513][ T5931] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1848.061840][ T5931] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1848.105207][ T5931] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1848.133237][ T5931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1848.144872][T14532] A link change request failed with some changes committed already. Interface veth0_virt_wifi may have been left with an inconsistent configuration, please check.
[ 1848.164177][ T5931] usb 5-1: config 0 descriptor??
[ 1848.220210][T14176] BTRFS info (device loop8): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1848.275356][T14534] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.17351'.
[ 1848.573858][T14539] loop7: detected capacity change from 0 to 1024
[ 1848.667181][T14539] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1848.791878][ T5931] input: HID 28bd:0071 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0071.012B/input/input152
[ 1848.805443][T14544] netlink: 20 bytes leftover after parsing attributes in process `syz.2.17355'.
[ 1848.863633][ T5931] input: HID 28bd:0071 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0071.012B/input/input153
[ 1848.917559][ T5931] uclogic 0003:28BD:0071.012B: input,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.4-1/input1
[ 1849.064562][T10930] usb 5-1: USB disconnect, device number 6
[ 1849.220418][T13495] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1849.485571][T14554] loop8: detected capacity change from 0 to 4096
[ 1849.536118][T14554] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512).
[ 1849.604590][T14554] ntfs3(loop8): Failed to initialize $Secure::$SII (-22).
[ 1849.619650][T14554] ntfs3(loop8): Failed to initialize $Secure (-22).
[ 1849.691917][T14562] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17360'.
[ 1849.730811][T14562] netlink: 'syz.2.17360': attribute type 7 has an invalid length.
[ 1849.771339][T14562] netlink: 'syz.2.17360': attribute type 8 has an invalid length.
[ 1849.779161][T14562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17360'.
[ 1850.260038][T14571] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.17365'.
[ 1850.804992][T14563] loop7: detected capacity change from 0 to 131072
[ 1850.940200][T14563] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1850.970630][T14563] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1851.051785][T14563] F2FS-fs (loop7): sanity_check_inode: inode (ino=4) has corrupted i_extra_isize: 6, max: 36
[ 1851.360638][T11394] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[ 1851.561688][T11394] usb 9-1: Using ep0 maxpacket: 16
[ 1851.599118][T11394] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1851.627479][T11394] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1851.652321][T11394] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1851.699361][T11394] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1851.722027][T11394] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1851.781692][T12309] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1851.801805][T11394] usb 9-1: config 0 descriptor??
[ 1851.943119][T12309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1851.968560][T12309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1852.008765][T12309] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 1852.048770][T12309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1852.083994][T12309] usb 3-1: config 0 descriptor??
[ 1852.243696][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.263469][T11394] microsoft 0003:045E:07DA.012C: ignoring exceeding usage max
[ 1852.302171][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.326879][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.344702][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.364998][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.384935][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.400608][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.418121][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.434581][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.453332][T11394] microsoft 0003:045E:07DA.012C: unknown main item tag 0x0
[ 1852.529589][T11394] microsoft 0003:045E:07DA.012C: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0
[ 1852.550604][   T30] audit: type=1800 audit(2000000587.510:5578): pid=14612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.17381" name="SYSV00000000" dev="tmpfs" ino=6 res=0 errno=0
[ 1852.598439][T12309] hid-steam 0003:28DE:1142.012D: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[ 1852.610287][T11394] microsoft 0003:045E:07DA.012C: no inputs found
[ 1852.634223][T11394] microsoft 0003:045E:07DA.012C: could not initialize ff, continuing anyway
[ 1852.710600][T12309] hid-steam 0003:28DE:1142.012D: Steam wireless receiver connected
[ 1852.751055][T12309] hid-steam 0003:28DE:1142.012D: No HID_FEATURE_REPORT submitted -  nothing to read
[ 1852.776138][T14600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1852.799938][T14600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1852.859346][T11394] usb 9-1: USB disconnect, device number 42
[ 1852.865865][T12309] hid-steam 0003:28DE:1142.012E: hidraw1: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[ 1852.918948][T12309] usb 3-1: USB disconnect, device number 33
[ 1852.954222][T12309] hid-steam 0003:28DE:1142.012D: Steam wireless receiver disconnected
[ 1854.221679][ T5931] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1854.372412][ T5931] usb 2-1: Using ep0 maxpacket: 32
[ 1854.393453][ T5931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1854.424718][ T5931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1854.452714][ T5931] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1854.469143][ T5931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1854.507363][ T5931] usb 2-1: config 0 descriptor??
[ 1855.152948][ T5931] ft260 0003:0403:6030.012F: chip code: 6424 8183
[ 1855.311013][T12309] kernel write not supported for file /40/loginuid (pid: 12309 comm: kworker/0:5)
[ 1855.620974][   T44] usb 2-1: USB disconnect, device number 17
[ 1856.422011][T12309] usb 9-1: new high-speed USB device number 43 using dummy_hcd
[ 1856.581855][T12309] usb 9-1: Using ep0 maxpacket: 32
[ 1856.601170][T12309] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1856.631103][T12309] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1856.653038][T12309] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1856.685097][T12309] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1856.722455][T12309] usb 9-1: config 0 descriptor??
[ 1856.742516][T12309] hub 9-1:0.0: USB hub found
[ 1856.949471][T12309] hub 9-1:0.0: config failed, can't read hub descriptor (err -90)
[ 1857.352137][T14752] netlink: 'syz.2.17443': attribute type 9 has an invalid length.
[ 1857.386185][T12309] hid-generic 0003:046D:C31C.0130: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.8-1/input0
[ 1857.408299][T14752] netlink: 'syz.2.17443': attribute type 6 has an invalid length.
[ 1857.425766][T14752] netlink: 'syz.2.17443': attribute type 7 has an invalid length.
[ 1857.434072][T14752] netlink: 'syz.2.17443': attribute type 8 has an invalid length.
[ 1857.706038][T12309] usb 9-1: USB disconnect, device number 43
[ 1858.065107][T14773] loop7: detected capacity change from 0 to 128
[ 1858.114594][ T5931] Process accounting resumed
[ 1858.327600][T14785] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17454'.
[ 1858.862233][T13075] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[ 1858.876210][T11808] Bluetooth: hci6: command 0xfc11 tx timeout
[ 1859.661760][T11808] Bluetooth: hci1: command 0x0406 tx timeout
[ 1859.880869][ T5980] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[ 1860.043486][ T5980] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1860.074879][ T5980] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 96, setting to 64
[ 1860.096801][ T5980] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[ 1860.118333][ T5980] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1860.135361][ T5980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1860.160633][ T5980] usb 2-1: SerialNumber: syz
[ 1860.170746][ T5931] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 1860.179349][T14818] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1860.190018][ T5980] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1860.196992][ T5980] hub 2-1:1.0: probe with driver hub failed with error -5
[ 1860.332502][ T5931] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1860.350807][ T5931] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1860.371469][ T5931] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1860.402375][ T5931] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1860.417801][ T5931] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1860.421407][T14818] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1860.436243][ T5931] usb 5-1: Product: syz
[ 1860.440419][ T5931] usb 5-1: Manufacturer: syz
[ 1860.467709][ T5931] usb 5-1: SerialNumber: syz
[ 1860.714887][ T5931] cdc_ncm 5-1:1.0: skipping garbage
[ 1860.720246][ T5931] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1860.741653][ T5931] cdc_ncm 5-1:1.0: bind() failure
[ 1860.770697][ T5931] usb 5-1: USB disconnect, device number 7
[ 1860.871359][T14829] loop8: detected capacity change from 0 to 40427
[ 1860.880163][T14829] F2FS-fs (loop8): build fault injection rate: 14
[ 1860.896459][ T5980] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42
[ 1860.898847][T14829] F2FS-fs (loop8): build fault injection type: 0x3bfe8c
[ 1860.924052][T14829] F2FS-fs (loop8): invalid crc value
[ 1860.936161][    C1] F2FS-fs (loop8): inject read IO error in f2fs_read_end_io of bio_endio+0x713/0x860
[ 1860.960799][    C0] F2FS-fs (loop8): inject read IO error in f2fs_read_end_io of bio_endio+0x713/0x860
[ 1861.026076][T14829] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1861.035158][T14829] F2FS-fs (loop8): inject page alloc in f2fs_grab_cache_folio of f2fs_recover_fsync_data+0x49d/0x98b0
[ 1861.054296][T14829] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1861.073599][T14829] F2FS-fs (loop8): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0xd42/0x11e0
[ 1861.089160][T14829] F2FS-fs (loop8): inject dquot initialize in f2fs_dquot_initialize of f2fs_convert_inline_inode+0x482/0x1080
[ 1861.110887][ T4525] Bluetooth: hci6: command 0x1003 tx timeout
[ 1861.112060][T13075] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1861.190954][ T5931] usb 2-1: USB disconnect, device number 18
[ 1861.200179][ T5931] cdc_ether 2-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device
[ 1861.239169][T14176] syz-executor: attempt to access beyond end of device
[ 1861.239169][T14176] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1861.261854][T14176] CPU: 0 UID: 0 PID: 14176 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[ 1861.261900][T14176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1861.261923][T14176] Call Trace:
[ 1861.261935][T14176]  <TASK>
[ 1861.261950][T14176]  dump_stack_lvl+0x16c/0x1f0
[ 1861.262016][T14176]  f2fs_handle_critical_error+0x624/0x9f0
[ 1861.262075][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.262120][T14176]  ? f2fs_build_fault_attr+0x53/0x1f0
[ 1861.262173][T14176]  f2fs_write_end_io+0x958/0xcf0
[ 1861.262231][T14176]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1861.262290][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.262346][T14176]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1861.262398][T14176]  bio_endio+0x713/0x860
[ 1861.262464][T14176]  submit_bio_noacct+0x306/0x1ed0
[ 1861.262525][T14176]  __submit_merged_bio+0x33c/0x770
[ 1861.262584][T14176]  __submit_merged_write_cond+0x319/0x3f0
[ 1861.262648][T14176]  f2fs_write_cache_pages+0x2067/0x2570
[ 1861.262739][T14176]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[ 1861.262806][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.262851][T14176]  ? __lock_acquire+0x62e/0x1ce0
[ 1861.262920][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.262964][T14176]  ? __lock_acquire+0x62e/0x1ce0
[ 1861.263071][T14176]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1861.263165][T14176]  ? __lock_acquire+0x62e/0x1ce0
[ 1861.263231][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.263284][T14176]  f2fs_write_data_pages+0x4ad/0xd90
[ 1861.263354][T14176]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1861.263411][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.263467][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.263517][T14176]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1861.263580][T14176]  do_writepages+0x27a/0x600
[ 1861.263635][T14176]  ? __pfx_do_writepages+0x10/0x10
[ 1861.263680][T14176]  ? do_raw_spin_unlock+0x172/0x230
[ 1861.263721][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.263764][T14176]  ? _raw_spin_unlock+0x28/0x50
[ 1861.263818][T14176]  filemap_fdatawrite_wbc+0x104/0x160
[ 1861.263871][T14176]  __filemap_fdatawrite_range+0xb9/0x100
[ 1861.263931][T14176]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[ 1861.264059][T14176]  ? find_held_lock+0x2b/0x80
[ 1861.264107][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.264152][T14176]  ? do_raw_spin_unlock+0x172/0x230
[ 1861.264193][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.264245][T14176]  f2fs_sync_dirty_inodes+0x2a9/0x990
[ 1861.264305][T14176]  block_operations+0x2b0/0xfe0
[ 1861.264353][T14176]  ? __pfx_block_operations+0x10/0x10
[ 1861.264454][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.264499][T14176]  ? down_write+0x14d/0x200
[ 1861.264535][T14176]  ? __pfx_down_write+0x10/0x10
[ 1861.264573][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.264620][T14176]  ? rcu_is_watching+0x12/0xc0
[ 1861.264668][T14176]  f2fs_write_checkpoint+0x2b8/0x4c60
[ 1861.264703][T14176]  ? __pfx_try_to_wake_up+0x10/0x10
[ 1861.264746][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.264785][T14176]  ? kfree+0x2b4/0x4d0
[ 1861.264824][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.264868][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.264907][T14176]  ? rcu_is_watching+0x12/0xc0
[ 1861.264947][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.264986][T14176]  ? kthread_stop+0x273/0x630
[ 1861.265022][T14176]  kill_f2fs_super+0x3c2/0x470
[ 1861.265074][T14176]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 1861.265106][T14176]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1861.265175][T14176]  deactivate_locked_super+0xc1/0x1a0
[ 1861.265228][T14176]  deactivate_super+0xde/0x100
[ 1861.265284][T14176]  cleanup_mnt+0x225/0x450
[ 1861.265341][T14176]  task_work_run+0x150/0x240
[ 1861.265379][T14176]  ? __pfx_task_work_run+0x10/0x10
[ 1861.265414][T14176]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1861.265456][T14176]  ? __pfx___x64_sys_umount+0x10/0x10
[ 1861.265499][T14176]  exit_to_user_mode_loop+0xeb/0x110
[ 1861.265536][T14176]  do_syscall_64+0x3f6/0x4c0
[ 1861.265570][T14176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1861.265603][T14176] RIP: 0033:0x7f030c98ff17
[ 1861.265629][T14176] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1861.265661][T14176] RSP: 002b:00007ffda71622d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1861.265692][T14176] RAX: 0000000000000000 RBX: 00007f030ca11c05 RCX: 00007f030c98ff17
[ 1861.265714][T14176] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffda7162390
[ 1861.265735][T14176] RBP: 00007ffda7162390 R08: 0000000000000000 R09: 0000000000000000
[ 1861.265755][T14176] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffda7163420
[ 1861.265776][T14176] R13: 00007f030ca11c05 R14: 00000000001c65d9 R15: 00007ffda7163460
[ 1861.265823][T14176]  </TASK>
[ 1861.265843][T14176] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[ 1861.343624][T14843] loop7: detected capacity change from 0 to 16
[ 1861.483894][T14849] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1861.551197][T14843] erofs (device loop7): mounted with root inode @ nid 36.
[ 1861.972246][T14843] overlayfs: failed to get redirect (-117)
[ 1862.685010][T14872] netlink: 'syz.4.17493': attribute type 1 has an invalid length.
[ 1862.718693][T14872] netlink: 16150 bytes leftover after parsing attributes in process `syz.4.17493'.
[ 1862.766922][  T600] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1862.980360][  T600] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1863.106951][  T600] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1863.462144][T10930] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1863.576180][T14888] loop8: detected capacity change from 0 to 16
[ 1863.602072][  T600] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1863.620610][T10930] usb 2-1: Using ep0 maxpacket: 32
[ 1863.631562][T14888] erofs (device loop8): mounted with root inode @ nid 36.
[ 1863.632328][T10930] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1863.702468][T10930] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1863.750621][T10930] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1863.766898][T10930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1863.784864][T14888] overlayfs: failed to get redirect (-117)
[ 1863.794916][T10930] usb 2-1: config 0 descriptor??
[ 1864.164432][  T600] bridge_slave_1: left allmulticast mode
[ 1864.170123][  T600] bridge_slave_1: left promiscuous mode
[ 1864.204052][  T600] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1864.268436][  T600] bridge_slave_0: left allmulticast mode
[ 1864.279875][  T600] bridge_slave_0: left promiscuous mode
[ 1864.314575][  T600] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1864.332453][ T4525] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1864.347727][ T4525] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1864.356502][T10930] savu 0003:1E7D:2D5A.0131: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[ 1864.372244][ T4525] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1864.390065][ T4525] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1864.405432][ T4525] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1864.489500][T14903] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17508'.
[ 1864.573594][ T5980] usb 2-1: USB disconnect, device number 19
[ 1864.820854][T10930] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1864.970614][T10930] usb 5-1: Using ep0 maxpacket: 16
[ 1864.983690][T10930] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1864.995735][T10930] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1865.005638][T10930] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1865.018741][T10930] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1865.028377][T10930] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1865.047702][T10930] usb 5-1: config 0 descriptor??
[ 1865.089903][  T600] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1865.137983][  T600] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1865.167804][  T600] bond0 (unregistering): Released all slaves
[ 1865.206697][T14912] input: syz0 as /devices/virtual/input/input154
[ 1865.499972][T10930] hid_parser_main: 8 callbacks suppressed
[ 1865.500004][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.514737][T10930] microsoft 0003:045E:07DA.0132: ignoring exceeding usage max
[ 1865.526467][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.535446][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.555806][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.566124][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.601487][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.608751][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.623412][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.636801][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.650414][T10930] microsoft 0003:045E:07DA.0132: unknown main item tag 0x0
[ 1865.710230][T10930] microsoft 0003:045E:07DA.0132: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[ 1865.730723][T10930] microsoft 0003:045E:07DA.0132: no inputs found
[ 1865.741895][T10930] microsoft 0003:045E:07DA.0132: could not initialize ff, continuing anyway
[ 1865.943388][  T600] hsr_slave_0: left promiscuous mode
[ 1865.984322][  T600] hsr_slave_1: left promiscuous mode
[ 1866.017748][  T600] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1866.040672][  T600] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1866.060302][T10930] usb 5-1: USB disconnect, device number 8
[ 1866.101931][  T600] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1866.131607][  T600] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1866.200991][  T600] veth1_macvtap: left promiscuous mode
[ 1866.217614][  T600] veth0_macvtap: left promiscuous mode
[ 1866.230698][  T600] veth1_vlan: left promiscuous mode
[ 1866.240710][  T600] veth0_vlan: left promiscuous mode
[ 1866.391665][   T10] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1866.461468][T13075] Bluetooth: hci4: command tx timeout
[ 1866.571552][   T10] usb 2-1: Using ep0 maxpacket: 16
[ 1866.594229][   T10] usb 2-1: config 0 has an invalid interface number: 251 but max is 0
[ 1866.622803][   T10] usb 2-1: config 0 has no interface number 0
[ 1866.641440][   T10] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1866.657284][ T4525] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1866.657704][   T10] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1866.677194][ T4525] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1866.686315][ T4525] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1866.719225][ T4525] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1866.734099][ T4525] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1866.803493][   T10] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1866.815628][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1866.825833][   T10] usb 2-1: Product: syz
[ 1866.830087][   T10] usb 2-1: Manufacturer: syz
[ 1866.834813][   T10] usb 2-1: SerialNumber: syz
[ 1866.843827][   T10] usb 2-1: config 0 descriptor??
[ 1866.849827][T14924] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1866.858100][T14924] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1867.179671][T14924] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1867.210930][T14924] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1867.873272][   T10] asix 2-1:0.251 (unnamed net_device) (uninitialized): Invalid PHY address 0xc2
[ 1868.132897][   T44] usb 2-1: USB disconnect, device number 20
[ 1868.169623][  T600] team0 (unregistering): Port device team_slave_1 removed
[ 1868.232920][  T600] team0 (unregistering): Port device team_slave_0 removed
[ 1868.554452][T13075] Bluetooth: hci4: command tx timeout
[ 1868.861404][T13075] Bluetooth: hci5: command tx timeout
[ 1869.437569][T14900] chnl_net:caif_netlink_parms(): no params data found
[ 1870.067554][T14985] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1870.426620][T14900] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1870.456777][T14900] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1870.480398][T14900] bridge_slave_0: entered allmulticast mode
[ 1870.503536][T14900] bridge_slave_0: entered promiscuous mode
[ 1870.516944][T14972] overlayfs: overlapping lowerdir path
[ 1870.529391][T14900] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1870.555672][T14900] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1870.574235][T14900] bridge_slave_1: entered allmulticast mode
[ 1870.588965][T14900] bridge_slave_1: entered promiscuous mode
[ 1870.604955][T14931] chnl_net:caif_netlink_parms(): no params data found
[ 1870.621462][T13075] Bluetooth: hci4: command tx timeout
[ 1870.776931][T14900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1870.855198][T14900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1870.940957][T13075] Bluetooth: hci5: command tx timeout
[ 1871.045309][T14900] team0: Port device team_slave_0 added
[ 1871.164322][  T600] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1871.286609][T14900] team0: Port device team_slave_1 added
[ 1871.306394][T14931] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1871.316081][T14931] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1871.323893][T14931] bridge_slave_0: entered allmulticast mode
[ 1871.334264][T14931] bridge_slave_0: entered promiscuous mode
[ 1871.407235][  T600] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1871.483528][T14931] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1871.505969][T14931] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1871.520016][T14931] bridge_slave_1: entered allmulticast mode
[ 1871.572582][T14931] bridge_slave_1: entered promiscuous mode
[ 1871.749067][T14900] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1871.780535][T14900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1871.861366][T14900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1872.013626][  T600] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1872.099575][T14900] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1872.117899][T14900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1872.143869][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1872.161072][ T5931] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1872.189174][T14900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1872.225105][T14931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1872.245007][T14931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1872.332898][ T5931] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1872.351273][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1872.379251][ T5931] usb 3-1: config 0 descriptor??
[ 1872.379666][  T600] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1872.394587][ T5931] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1872.428186][T15038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17559'.
[ 1872.702612][T13075] Bluetooth: hci4: command tx timeout
[ 1872.716194][T14931] team0: Port device team_slave_0 added
[ 1872.803322][T14900] hsr_slave_0: entered promiscuous mode
[ 1872.807371][ T5931] cpia1 3-1:0.0: unexpected state after lo power cmd: 00
[ 1872.830577][T14900] hsr_slave_1: entered promiscuous mode
[ 1872.836949][T14900] debugfs: 'hsr0' already exists in 'hsr'
[ 1872.860671][T14900] Cannot create hsr debugfs directory
[ 1872.891975][T14931] team0: Port device team_slave_1 added
[ 1873.021841][T13075] Bluetooth: hci5: command tx timeout
[ 1873.158601][T14931] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1873.166819][T14931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1873.197037][T14931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1873.212461][ T5931] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0)
[ 1873.255486][T14931] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1873.265015][T14931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1873.293782][T14931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1873.446126][   T10] usb 3-1: USB disconnect, device number 34
[ 1873.557995][  T600] bridge_slave_1: left allmulticast mode
[ 1873.564411][  T600] bridge_slave_1: left promiscuous mode
[ 1873.571302][  T600] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1873.585437][  T600] bridge_slave_0: left allmulticast mode
[ 1873.592700][  T600] bridge_slave_0: left promiscuous mode
[ 1873.605729][  T600] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1874.306626][  T600] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1874.341648][  T600] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1874.374342][  T600] bond0 (unregistering): Released all slaves
[ 1874.573149][T14931] hsr_slave_0: entered promiscuous mode
[ 1874.585324][T14931] hsr_slave_1: entered promiscuous mode
[ 1874.604741][T14931] debugfs: 'hsr0' already exists in 'hsr'
[ 1874.621777][T14931] Cannot create hsr debugfs directory
[ 1875.110956][T13075] Bluetooth: hci5: command tx timeout
[ 1875.772745][  T600] hsr_slave_0: left promiscuous mode
[ 1875.794123][  T600] hsr_slave_1: left promiscuous mode
[ 1875.800233][  T600] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1875.841388][  T600] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1875.862372][  T600] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1875.879181][  T600] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1875.942344][  T600] veth1_macvtap: left promiscuous mode
[ 1875.952206][  T600] veth0_macvtap: left promiscuous mode
[ 1875.957881][  T600] veth1_vlan: left promiscuous mode
[ 1875.983802][  T600] veth0_vlan: left promiscuous mode
[ 1877.543746][  T600] team0 (unregistering): Port device team_slave_1 removed
[ 1877.608787][  T600] team0 (unregistering): Port device team_slave_0 removed
[ 1878.386246][T15131] netlink: 348 bytes leftover after parsing attributes in process `syz.0.17595'.
[ 1879.370222][T14900] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1879.395248][T14900] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1879.459482][T14900] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1879.478469][T14900] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1879.957948][T14900] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1880.255729][T14900] 8021q: adding VLAN 0 to HW filter on device team0
[ 1880.321899][T10947] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1880.329072][T10947] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1880.398443][T10947] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1880.405633][T10947] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1880.427547][T15173] pim6reg1: entered promiscuous mode
[ 1880.438060][T15173] pim6reg1: entered allmulticast mode
[ 1880.466083][T14931] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1880.597611][T14931] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1880.637141][T14931] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1880.702475][T14931] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1881.249343][T14931] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1881.328844][T14931] 8021q: adding VLAN 0 to HW filter on device team0
[ 1881.414194][T32704] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1881.421408][T32704] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1881.479016][T32741] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1881.486221][T32741] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1881.598031][T15219] vivid-000: =================  START STATUS  =================
[ 1881.648052][T15219] vivid-000: Test Pattern: 75% Colorbar
[ 1881.665148][T15219] vivid-000: Fill Percentage of Frame: 100
[ 1881.673775][T15219] vivid-000: Horizontal Movement: No Movement
[ 1881.685904][T15219] vivid-000: Vertical Movement: No Movement
[ 1881.704962][T15219] vivid-000: OSD Text Mode: All
[ 1881.717832][T15219] vivid-000: Show Border: false
[ 1881.735634][T15219] vivid-000: Show Square: false
[ 1881.749931][T15219] vivid-000: Sensor Flipped Horizontally: false
[ 1881.773801][T15219] vivid-000: Sensor Flipped Vertically: false
[ 1881.785171][T15219] vivid-000: Insert SAV Code in Image: false
[ 1881.852171][T15219] vivid-000: Insert EAV Code in Image: false
[ 1881.861321][T14900] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1881.870801][T15219] vivid-000: Insert Video Guard Band: false
[ 1881.878027][T15219] vivid-000: Reduced Framerate: true
[ 1881.887161][T15219] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[ 1881.919014][T15219] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[ 1881.936829][T15219] vivid-000: Enable Capture Cropping: true
[ 1881.982188][T15230] netlink: 'syz.4.17630': attribute type 13 has an invalid length.
[ 1882.000608][T15219] 
[ 1882.005268][T15219] vivid-000: Enable Capture Composing: true
[ 1882.015322][T15219] vivid-000: Enable Capture Scaler: true
[ 1882.029938][T15230] netlink: 'syz.4.17630': attribute type 17 has an invalid length.
[ 1882.044692][T15219] vivid-000: Timestamp Source: End of Frame
[ 1882.076118][T15219] vivid-000: Colorspace: Rec. 709
[ 1882.103239][T15219] vivid-000: Transfer Function: Default
[ 1882.116832][T15219] vivid-000: Y'CbCr Encoding: Default
[ 1882.127187][T15219] vivid-000: HSV Encoding: Hue 0-179
[ 1882.136773][T15219] vivid-000: Quantization: Limited Range
[ 1882.152432][T15219] vivid-000: Apply Alpha To Red Only: true
[ 1882.164701][T15219] vivid-000: Standard Aspect Ratio: 4x3
[ 1882.183391][T15219] vivid-000: DV Timings Signal Mode: Current DV Timings
[ 1882.201153][T15219] vivid-000: DV Timings: 640x480p59 inactive
[ 1882.216270][T15219] vivid-000: DV Timings Aspect Ratio: 4x3
[ 1882.233336][T15219] vivid-000: Maximum EDID Blocks: 2
[ 1882.257258][T15230] bridge0: port 3(gretap0) entered blocking state
[ 1882.263846][T15230] bridge0: port 3(gretap0) entered listening state
[ 1882.273705][T15219] vivid-000: Limited RGB Range (16-235): true
[ 1882.290197][T15219] vivid-000: Rx RGB Quantization Range: Automatic
[ 1882.296920][T15219] vivid-000: Power Present: 0x00000001
[ 1882.305440][T15230] bridge0: left allmulticast mode
[ 1882.316108][T15219] 
[ 1882.318446][T15219] tpg source WxH: 1280x720 (Y'CbCr)
[ 1882.332028][T15219] tpg field: 1
[ 1882.349737][T15219] tpg crop: (64,6)/256x16
[ 1882.355969][T15219] tpg compose: (0,0)/1024x64
[ 1882.371908][T15219] tpg colorspace: 3
[ 1882.379787][T15219] tpg transfer function: 0/1
[ 1882.386670][T15219] tpg Y'CbCr encoding: 0/2
[ 1882.392607][T15219] tpg quantization: 2/2
[ 1882.398146][T15219] tpg RGB range: 0/1
[ 1882.403642][T15219] vivid-000: ==================  END STATUS  ==================
[ 1882.416472][T15230] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1882.441890][T15230] 8021q: adding VLAN 0 to HW filter on device team0
[ 1882.471227][T15230] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1882.530152][T32741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1882.956506][T32718] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1882.976938][T14931] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1882.985989][T15249] pim6reg1: entered promiscuous mode
[ 1883.001003][T15249] pim6reg1: entered allmulticast mode
[ 1883.215181][T14900] veth0_vlan: entered promiscuous mode
[ 1883.267928][T14900] veth1_vlan: entered promiscuous mode
[ 1883.291406][ T5980] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1883.376049][T14900] veth0_macvtap: entered promiscuous mode
[ 1883.403871][T14900] veth1_macvtap: entered promiscuous mode
[ 1883.475430][ T5980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1883.492392][T14900] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1883.499683][ T5980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1883.516595][T14900] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1883.524480][ T5980] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1883.544816][ T5980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1883.567504][ T5980] usb 2-1: config 0 descriptor??
[ 1883.579573][T32741] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1883.589267][T32741] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1883.624538][T32741] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1883.648434][T32741] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1883.983953][  T598] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1883.985469][T15267] syzkaller1: entered promiscuous mode
[ 1884.000787][T15267] syzkaller1: entered allmulticast mode
[ 1884.015875][  T598] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1884.033653][ T5980] hid_parser_main: 4 callbacks suppressed
[ 1884.033679][ T5980] cp2112 0003:10C4:EA90.0133: unknown main item tag 0x0
[ 1884.084603][ T5980] cp2112 0003:10C4:EA90.0133: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[ 1884.229913][ T5980] cp2112 0003:10C4:EA90.0133: Part Number: 0x82 Device Version: 0xFE
[ 1884.230119][  T598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1884.293157][  T598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1884.300853][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1884.380999][T14931] veth0_vlan: entered promiscuous mode
[ 1884.425999][T14931] veth1_vlan: entered promiscuous mode
[ 1884.539565][T14931] veth0_macvtap: entered promiscuous mode
[ 1884.560009][T14931] veth1_macvtap: entered promiscuous mode
[ 1884.607023][T14931] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1884.634714][ T5980] cp2112 0003:10C4:EA90.0133: error setting SMBus config
[ 1884.660028][ T5980] cp2112 0003:10C4:EA90.0133: probe with driver cp2112 failed with error -71
[ 1884.672261][T14931] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1884.711507][T32741] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1884.714039][ T5980] usb 2-1: USB disconnect, device number 21
[ 1884.755517][T32741] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1884.804278][T32741] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1884.843866][T32741] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.002448][T32741] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1885.027642][T32741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1885.089580][  T598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1885.099829][  T598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1885.149807][T15288] netlink: 212164 bytes leftover after parsing attributes in process `syz.9.17649'.
[ 1885.547865][T15302] netlink: 512 bytes leftover after parsing attributes in process `syz.1.17653'.
[ 1885.701720][T11394] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1885.905649][T11394] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[ 1885.905868][T15306] loop9: detected capacity change from 0 to 4096
[ 1885.920577][T11394] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1885.932601][T15306] ntfs3(loop9): Different NTFS sector size (4096) and media sector size (512).
[ 1885.944662][T11394] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1885.972376][T11394] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1885.984480][T11394] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1885.999506][T11394] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1886.009428][T11394] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1886.023928][T11394] usb 5-1: config 0 descriptor??
[ 1886.028028][T15294] loop5: detected capacity change from 0 to 32768
[ 1886.029944][T15298] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1886.038485][T15294] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.17515 (15294)
[ 1886.056908][T15306] ntfs3(loop9): ino=1a, mi_enum_attr
[ 1886.062751][T15306] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[ 1886.075568][T15306] ntfs3(loop9): ino=1a, mi_enum_attr
[ 1886.079010][T15294] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1886.098979][T15294] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[ 1886.109407][T15306] ntfs3(loop9): Failed to initialize $Extend/$Reparse.
[ 1886.149558][T15306] ntfs3(loop9): ino=5, "/" ntfs_readdir
[ 1886.220934][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1886.267639][T15294] BTRFS info (device loop5): enabling ssd optimizations
[ 1886.316142][T15294] BTRFS info (device loop5): enabling free space tree
[ 1886.468982][T11394] plantronics 0003:047F:FFFF.0134: reserved main item tag 0xd
[ 1886.513729][T11394] plantronics 0003:047F:FFFF.0134: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1886.780729][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1886.802324][T14931] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1886.811975][T20436] usb 5-1: USB disconnect, device number 9
[ 1886.941141][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1887.690870][  T486] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[ 1887.840550][  T486] usb 10-1: Using ep0 maxpacket: 16
[ 1887.856663][  T486] usb 10-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1887.890372][  T486] usb 10-1: config 0 has an invalid interface number: 125 but max is 1
[ 1887.909676][  T486] usb 10-1: config 0 has an invalid interface number: 125 but max is 1
[ 1887.929601][  T486] usb 10-1: config 0 has an invalid interface number: 125 but max is 1
[ 1887.938032][  T486] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1887.956893][  T486] usb 10-1: config 0 has no interface number 0
[ 1887.965835][  T486] usb 10-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1888.006640][  T486] usb 10-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1888.046029][  T486] usb 10-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1888.085701][  T486] usb 10-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1888.111329][  T486] usb 10-1: config 0 interface 125 has no altsetting 0
[ 1888.118212][  T486] usb 10-1: config 0 interface 125 has no altsetting 2
[ 1888.156832][  T486] usb 10-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1888.189974][  T486] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1888.217323][  T486] usb 10-1: Product: syz
[ 1888.221746][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1888.259693][  T486] usb 10-1: Manufacturer: syz
[ 1888.280821][  T486] usb 10-1: SerialNumber: syz
[ 1888.311532][  T486] usb 10-1: config 0 descriptor??
[ 1888.336911][  T486] usb 10-1: selecting invalid altsetting 2
[ 1888.695792][T15384] vlan1: entered promiscuous mode
[ 1889.370781][   T10] usb 10-1: USB disconnect, device number 19
[ 1889.486385][T15404] loop5: detected capacity change from 0 to 256
[ 1889.562474][T15404] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[ 1889.611605][T15404] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1889.704898][   T30] audit: type=1800 audit(2000000624.680:5579): pid=15404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.17693" name="file2" dev="loop5" ino=1049040 res=0 errno=0
[ 1889.779680][   T30] audit: type=1800 audit(2000000624.740:5580): pid=15404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.17693" name="file2" dev="loop5" ino=1049040 res=0 errno=0
[ 1889.801066][T20436] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 1890.001828][T20436] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[ 1890.030056][T20436] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1890.069688][T20436] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[ 1890.112081][T20436] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1890.153934][T20436] usb 5-1: Product: syz
[ 1890.158116][T20436] usb 5-1: Manufacturer: syz
[ 1890.173611][T20436] usb 5-1: SerialNumber: syz
[ 1890.194145][T20436] usb 5-1: config 0 descriptor??
[ 1890.199920][T15406] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1890.217692][T15406] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1890.220930][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1890.238556][T15412] netlink: 360 bytes leftover after parsing attributes in process `syz.2.17698'.
[ 1890.360168][   T44] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[ 1890.493237][T15406] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1890.541448][T15406] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1890.561544][   T44] usb 10-1: Using ep0 maxpacket: 32
[ 1890.573082][   T44] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1890.604091][   T44] usb 10-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1890.623547][   T44] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1890.650709][   T44] usb 10-1: Product: syz
[ 1890.665328][   T44] usb 10-1: Manufacturer: syz
[ 1890.670052][   T44] usb 10-1: SerialNumber: syz
[ 1890.732019][   T44] usb 10-1: config 0 descriptor??
[ 1891.012192][T15395] overlayfs: overlapping lowerdir path
[ 1891.194773][   T44] gs_usb 10-1:0.0: Configuring for 1 interfaces
[ 1891.354237][T15429] input: syz0 as /devices/virtual/input/input156
[ 1891.424387][T20436] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[ 1891.614398][T20436] dm9601 5-1:0.0 eth5: register 'dm9601' at usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet, 6e:00:00:00:00:00
[ 1891.657529][T20436] usb 5-1: USB disconnect, device number 10
[ 1891.680330][T20436] dm9601 5-1:0.0 eth5: unregister 'dm9601' usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet
[ 1891.820853][ T5980] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1891.827634][  T486] usb 10-1: USB disconnect, device number 20
[ 1892.151366][   T30] audit: type=1326 audit(2000000627.080:5581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15449 comm="syz.2.17715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f262138ebe9 code=0x7ffc0000
[ 1892.220748][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1892.277973][   T30] audit: type=1326 audit(2000000627.080:5582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15449 comm="syz.2.17715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f262138ebe9 code=0x7ffc0000
[ 1892.302220][T15448] loop5: detected capacity change from 0 to 32768
[ 1892.311911][   T30] audit: type=1326 audit(2000000627.080:5583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15449 comm="syz.2.17715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f262138ebe9 code=0x7ffc0000
[ 1892.335026][T15448] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.17714 (15448)
[ 1892.352395][ T5980] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1892.359029][T15448] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1892.369225][T15448] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[ 1892.378184][ T5980] usb 2-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[ 1892.388388][ T5980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1892.402669][ T5980] usb 2-1: config 0 descriptor??
[ 1892.589182][T15448] BTRFS info (device loop5): allowing degraded mounts
[ 1892.596324][T15448] BTRFS info (device loop5): enabling ssd optimizations
[ 1892.603369][T15448] BTRFS info (device loop5): enabling free space tree
[ 1892.610170][T15448] BTRFS info (device loop5): force zlib compression, level 3
[ 1892.726139][T15475] loop9: detected capacity change from 0 to 512
[ 1892.847766][T14931] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1892.859064][T15475] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1892.921632][T15475] ext4 filesystem being mounted at /11/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1893.155075][T15475] EXT4-fs (loop9): shut down requested (2)
[ 1893.373822][T14900] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1893.504329][ T5980] video4linux radio48: keene_cmd_set failed (-71)
[ 1893.529573][ T5980] radio-keene 2-1:0.0: V4L2 device registered as radio48
[ 1893.586087][ T5980] usb 2-1: USB disconnect, device number 22
[ 1893.834587][T15494] netlink: 4 bytes leftover after parsing attributes in process `syz.5.17723'.
[ 1894.220671][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1894.617322][T15511] loop5: detected capacity change from 0 to 2048
[ 1894.700995][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1894.709841][T15511] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1894.835289][T15452] overlayfs: overlapping lowerdir path
[ 1894.996658][T15523] loop9: detected capacity change from 0 to 256
[ 1895.342049][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1895.748566][T15546] loop9: detected capacity change from 0 to 22
[ 1895.782845][T15546] MTD: Attempt to mount non-MTD device "/dev/loop9"
[ 1895.921776][T15546] romfs: Mounting image 'rom 637cf1fa' through the block layer
[ 1895.971454][T15550] netlink: 36 bytes leftover after parsing attributes in process `syz.5.17754'.
[ 1896.220643][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1896.424430][T15558] loop9: detected capacity change from 0 to 2048
[ 1896.440218][T15558] EXT4-fs: Ignoring removed nobh option
[ 1896.484229][T15558] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1896.550792][T15558] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1896.637484][   T30] audit: type=1800 audit(2000000631.610:5584): pid=15558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.17756" name="file0" dev="loop9" ino=13 res=0 errno=0
[ 1896.858080][T14900] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1897.248150][T15583] netlink: 'syz.9.17767': attribute type 1 has an invalid length.
[ 1897.262738][T15583] netlink: 216 bytes leftover after parsing attributes in process `syz.9.17767'.
[ 1897.877287][T15604] vlan5: entered promiscuous mode
[ 1897.889839][T15604] bridge0: entered promiscuous mode
[ 1897.892505][T15606] loop9: detected capacity change from 0 to 512
[ 1897.907244][    C0] bridge0: port 3(gretap0) entered learning state
[ 1897.957476][T15606] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1897.983202][T15606] ext4 filesystem being mounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1898.220595][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1898.228602][T15616] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17781'.
[ 1898.246773][T15616] netlink: 24 bytes leftover after parsing attributes in process `syz.4.17781'.
[ 1898.274805][T14900] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1898.614363][T15573] loop5: detected capacity change from 0 to 65536
[ 1898.636986][T15627] netlink: 'syz.1.17786': attribute type 13 has an invalid length.
[ 1898.646313][T15627] netlink: 'syz.1.17786': attribute type 17 has an invalid length.
[ 1898.699943][T15573] XFS (loop5): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1898.773727][T15573] XFS (loop5): Ending clean mount
[ 1898.794981][T15573] XFS (loop5): Quotacheck needed: Please wait.
[ 1898.801195][T15627] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1898.845648][T15640] netlink: 40 bytes leftover after parsing attributes in process `syz.0.17788'.
[ 1898.905816][T15573] XFS (loop5): Quotacheck: Done.
[ 1898.970919][   T30] audit: type=1326 audit(2000000633.940:5585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15643 comm="syz.9.17789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7bfe38ebe9 code=0x0
[ 1899.117002][T14931] XFS (loop5): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1899.322481][T15651] netlink: 36 bytes leftover after parsing attributes in process `syz.4.17794'.
[ 1899.377767][T15653] unknown channel width for channel at 909000KHz?
[ 1899.385214][T15653] unknown channel width for channel at 909000KHz?
[ 1899.395366][T15653] unknown channel width for channel at 909000KHz?
[ 1900.220783][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1900.233005][T15677] netlink: 'syz.5.17805': attribute type 13 has an invalid length.
[ 1900.266046][T15677] netlink: 'syz.5.17805': attribute type 17 has an invalid length.
[ 1900.452274][T15681] netlink: 'syz.4.17808': attribute type 10 has an invalid length.
[ 1900.472800][T15677] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1900.486353][T15681] netlink: 40 bytes leftover after parsing attributes in process `syz.4.17808'.
[ 1902.220852][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1902.291037][T15719] af_packet: tpacket_rcv: packet too big, clamped from 2 to 4294967272. macoff=96
[ 1903.265670][T15732] loop5: detected capacity change from 0 to 512
[ 1903.438985][T15732] EXT4-fs (loop5): 1 orphan inode deleted
[ 1903.450752][  T598] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1903.496212][T15732] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1903.530646][  T598] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:51: Failed to release dquot type 1
[ 1903.574457][T15732] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1903.605013][T15743] netlink: 'syz.1.17833': attribute type 29 has an invalid length.
[ 1903.670896][T15745] netlink: 'syz.1.17833': attribute type 29 has an invalid length.
[ 1903.711555][T15743] netlink: 52 bytes leftover after parsing attributes in process `syz.1.17833'.
[ 1903.717358][T14931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1903.766575][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1904.136800][T15755] input: syz0 as /devices/virtual/input/input157
[ 1904.175384][T15755] input: failed to attach handler leds to device input157, error: -6
[ 1904.220970][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1904.260614][ T5980] usb 6-1: new high-speed USB device number 85 using dummy_hcd
[ 1904.288149][T15730] loop9: detected capacity change from 0 to 40427
[ 1904.306874][T15730] F2FS-fs (loop9): invalid crc value
[ 1904.420609][ T5980] usb 6-1: Using ep0 maxpacket: 8
[ 1904.442644][ T5980] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 1904.460766][ T5980] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1904.473747][T15730] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1904.480755][ T5980] usb 6-1: Product: syz
[ 1904.487377][T15730] F2FS-fs (loop9): Start checkpoint disabled!
[ 1904.498360][ T5980] usb 6-1: Manufacturer: syz
[ 1904.513293][T15730] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[ 1904.517139][ T5980] usb 6-1: SerialNumber: syz
[ 1904.541608][ T5980] usb 6-1: config 0 descriptor??
[ 1904.622257][T15730] syz.9.17828: attempt to access beyond end of device
[ 1904.622257][T15730] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1904.736952][T32741] kworker/u8:44: attempt to access beyond end of device
[ 1904.736952][T32741] loop9: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1904.780250][T15764] macvtap0: refused to change device tx_queue_len
[ 1904.802461][T32741] CPU: 0 UID: 0 PID: 32741 Comm: kworker/u8:44 Not tainted syzkaller #0 PREEMPT(full) 
[ 1904.802510][T32741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1904.802536][T32741] Workqueue: writeback wb_workfn (flush-7:9)
[ 1904.802599][T32741] Call Trace:
[ 1904.802612][T32741]  <TASK>
[ 1904.802626][T32741]  dump_stack_lvl+0x16c/0x1f0
[ 1904.802689][T32741]  f2fs_handle_critical_error+0x624/0x9f0
[ 1904.802742][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.802789][T32741]  ? f2fs_build_fault_attr+0x53/0x1f0
[ 1904.802846][T32741]  f2fs_write_end_io+0x958/0xcf0
[ 1904.802907][T32741]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1904.802969][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.803028][T32741]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1904.803081][T32741]  bio_endio+0x713/0x860
[ 1904.803149][T32741]  submit_bio_noacct+0x306/0x1ed0
[ 1904.803215][T32741]  __submit_merged_bio+0x33c/0x770
[ 1904.803278][T32741]  __submit_merged_write_cond+0x319/0x3f0
[ 1904.803352][T32741]  f2fs_write_cache_pages+0x2067/0x2570
[ 1904.803450][T32741]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[ 1904.803517][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.803562][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.803607][T32741]  ? find_held_lock+0x2b/0x80
[ 1904.803657][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.803707][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.803752][T32741]  ? do_raw_spin_unlock+0x172/0x230
[ 1904.803814][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.803859][T32741]  ? f2fs_available_free_memory+0x279/0xa30
[ 1904.803989][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.804034][T32741]  ? lock_acquire+0x179/0x350
[ 1904.804095][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.804151][T32741]  f2fs_write_data_pages+0x4ad/0xd90
[ 1904.804224][T32741]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1904.804301][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.804351][T32741]  ? __lock_acquire+0xb97/0x1ce0
[ 1904.804413][T32741]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1904.804479][T32741]  do_writepages+0x27a/0x600
[ 1904.804538][T32741]  ? __pfx_do_writepages+0x10/0x10
[ 1904.804584][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.804629][T32741]  ? reacquire_held_locks+0xcd/0x1f0
[ 1904.804688][T32741]  ? writeback_sb_inodes+0x3b0/0xfa0
[ 1904.804747][T32741]  __writeback_single_inode+0x160/0xfb0
[ 1904.804803][T32741]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1904.804852][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.804896][T32741]  ? do_raw_spin_unlock+0x172/0x230
[ 1904.804939][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.804994][T32741]  writeback_sb_inodes+0x60d/0xfa0
[ 1904.805089][T32741]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1904.805140][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.805184][T32741]  ? find_held_lock+0x2b/0x80
[ 1904.805317][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.805361][T32741]  ? rcu_is_watching+0x12/0xc0
[ 1904.805408][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.805451][T32741]  ? queue_io+0x3f6/0x520
[ 1904.805498][T32741]  wb_writeback+0x419/0xb70
[ 1904.805560][T32741]  ? __pfx_wb_writeback+0x10/0x10
[ 1904.805605][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.805662][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.805706][T32741]  ? mark_held_locks+0x49/0x80
[ 1904.805771][T32741]  wb_workfn+0x14d/0xbe0
[ 1904.805828][T32741]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1904.805886][T32741]  ? __pfx_wb_workfn+0x10/0x10
[ 1904.805941][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.805990][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.806040][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.806083][T32741]  ? rcu_is_watching+0x12/0xc0
[ 1904.806138][T32741]  process_one_work+0x9cf/0x1b70
[ 1904.806203][T32741]  ? __pfx_process_one_work+0x10/0x10
[ 1904.806243][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.806301][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.806348][T32741]  ? assign_work+0x1a0/0x250
[ 1904.806391][T32741]  worker_thread+0x6c8/0xf10
[ 1904.806460][T32741]  ? __pfx_worker_thread+0x10/0x10
[ 1904.806502][T32741]  kthread+0x3c5/0x780
[ 1904.806541][T32741]  ? __pfx_kthread+0x10/0x10
[ 1904.806582][T32741]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1904.806625][T32741]  ? rcu_is_watching+0x12/0xc0
[ 1904.806670][T32741]  ? __pfx_kthread+0x10/0x10
[ 1904.806711][T32741]  ret_from_fork+0x5d7/0x6f0
[ 1904.806744][T32741]  ? __pfx_kthread+0x10/0x10
[ 1904.806783][T32741]  ret_from_fork_asm+0x1a/0x30
[ 1904.806858][T32741]  </TASK>
[ 1904.806872][T32741] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[ 1904.993112][ T5980] usb read operation failed. (-71)
[ 1905.308313][ T5980] usb write operation failed. (-71)
[ 1905.365532][ T5980] usb write operation failed. (-71)
[ 1905.375275][ T5980] usb write operation failed. (-71)
[ 1905.400293][ T5980] usb 6-1: dvb_usb_v2: found a 'Terratec H7' in cold state
[ 1905.420316][ T5980] usb 6-1: Direct firmware load for dvb-usb-terratec-h7-az6007.fw failed with error -2
[ 1905.450544][ T5980] usb 6-1: Falling back to sysfs fallback for: dvb-usb-terratec-h7-az6007.fw
[ 1905.996678][T20436] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1906.171297][T20436] usb 2-1: Using ep0 maxpacket: 16
[ 1906.181186][T20436] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[ 1906.196151][T20436] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1906.220624][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1906.241860][T20436] usb 2-1: config 0 descriptor??
[ 1906.675921][T20436] koneplus 0003:1E7D:2E22.0135: unknown main item tag 0x0
[ 1906.698008][T20436] koneplus 0003:1E7D:2E22.0135: unknown main item tag 0x0
[ 1906.717808][T20436] koneplus 0003:1E7D:2E22.0135: unknown main item tag 0x0
[ 1906.726009][T20436] koneplus 0003:1E7D:2E22.0135: unknown main item tag 0x0
[ 1906.738179][T20436] koneplus 0003:1E7D:2E22.0135: unknown main item tag 0x0
[ 1906.749501][T20436] koneplus 0003:1E7D:2E22.0135: hidraw0: USB HID v20.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.1-1/input0
[ 1906.933937][   T44] usb 2-1: USB disconnect, device number 23
[ 1907.048195][T15808] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1907.077098][T15808] overlayfs: maximum fs stacking depth exceeded
[ 1907.991736][T15838] netlink: 'syz.1.17875': attribute type 2 has an invalid length.
[ 1908.220574][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1908.551487][T15850] netlink: 'syz.9.17882': attribute type 13 has an invalid length.
[ 1908.590432][T15850] netlink: 'syz.9.17882': attribute type 17 has an invalid length.
[ 1908.682290][T15853] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1908.790750][T15850] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1909.530904][T20436] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[ 1909.693331][T20436] usb 10-1: Using ep0 maxpacket: 16
[ 1909.709812][T20436] usb 10-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1909.733031][T20436] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1909.757517][T20436] usb 10-1: Product: syz
[ 1909.766376][T20436] usb 10-1: Manufacturer: syz
[ 1909.778166][T20436] usb 10-1: SerialNumber: syz
[ 1909.795616][T20436] usb 10-1: config 0 descriptor??
[ 1909.810958][T20436] ftdi_sio 10-1:0.0: FTDI USB Serial Device converter detected
[ 1909.832368][T20436] usb 10-1: Detected FT232H
[ 1910.019532][T20436] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1910.186725][T15913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17909'.
[ 1910.220585][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1910.439684][T20436] usb 10-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1910.701793][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1910.704424][T20436] usb 10-1: USB disconnect, device number 21
[ 1910.773143][T20436] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1910.805262][T20436] ftdi_sio 10-1:0.0: device disconnected
[ 1911.340647][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1911.840640][T11394] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[ 1911.958532][T15921] loop5: detected capacity change from 0 to 32768
[ 1911.968925][T15921] XFS: attr2 mount option is deprecated.
[ 1912.017513][T11394] usb 10-1: Using ep0 maxpacket: 8
[ 1912.036640][T15921] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1912.062279][T11394] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1912.083948][T11394] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1912.098209][T11394] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1912.108552][T11394] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1912.122876][T11394] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1912.132077][T11394] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1912.220596][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1912.344486][T15921] XFS (loop5): Ending clean mount
[ 1912.385044][T11394] usb 10-1: GET_CAPABILITIES returned 0
[ 1912.392058][T15921] XFS (loop5): Quotacheck needed: Please wait.
[ 1912.412778][T11394] usbtmc 10-1:16.0: can't read capabilities
[ 1912.484973][T15921] XFS (loop5): Quotacheck: Done.
[ 1912.509039][T15956] netlink: 56 bytes leftover after parsing attributes in process `syz.1.17926'.
[ 1912.614547][T20436] usb 10-1: USB disconnect, device number 22
[ 1912.778211][T14931] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1912.849814][T15966] netlink: 180 bytes leftover after parsing attributes in process `syz.1.17931'.
[ 1912.909349][T15966] NCSI netlink: No device for ifindex 0
[ 1913.243993][T15973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17934'.
[ 1913.260625][    C0] bridge0: port 3(gretap0) entered forwarding state
[ 1913.274441][    C0] bridge0: topology change detected, propagating
[ 1913.296577][T10947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1913.357820][T11394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1913.368690][T10947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1913.520249][T15977] loop9: detected capacity change from 0 to 1024
[ 1913.591261][T15977] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1913.612064][T11394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1913.643230][T15977] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1913.761744][T11394] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1913.796250][T15992] syzkaller1: entered promiscuous mode
[ 1913.802396][T15992] syzkaller1: entered allmulticast mode
[ 1914.098423][T14900] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1914.220587][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1914.265673][T16000] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17944'.
[ 1914.345868][T16004] netlink: 'syz.2.17947': attribute type 1 has an invalid length.
[ 1914.390656][T16004] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.17947'.
[ 1914.640865][T16010] loop8: detected capacity change from 16 to 0
[ 1914.670969][T16015] dvmrp0: entered allmulticast mode
[ 1914.854961][T16022] loop5: detected capacity change from 0 to 256
[ 1914.895646][T16022] exfat: Deprecated parameter 'namecase'
[ 1914.922880][T16022] exfat: Deprecated parameter 'utf8'
[ 1915.020167][T16022] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[ 1915.160545][T11394] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[ 1915.344806][T11394] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1915.376368][T11394] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1915.402530][T11394] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1915.432404][T11394] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1915.479774][T11394] usb 10-1: config 0 descriptor??
[ 1916.125282][T11394] usb 10-1: string descriptor 0 read error: -22
[ 1916.220612][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1916.335658][T11394] input: HID 256c:006d as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:256C:006D.0136/input/input158
[ 1916.376540][T11394] input: HID 256c:006d as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:256C:006D.0136/input/input159
[ 1916.450092][T16050] GUP no longer grows the stack in syz.1.17966 (16050): 200000006000-20000000a000 (200000005000)
[ 1916.453954][T11394] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:256C:006D.0136/input/input160
[ 1916.482209][T16050] CPU: 0 UID: 0 PID: 16050 Comm: syz.1.17966 Not tainted syzkaller #0 PREEMPT(full) 
[ 1916.482257][T16050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1916.482280][T16050] Call Trace:
[ 1916.482291][T16050]  <TASK>
[ 1916.482307][T16050]  dump_stack_lvl+0x16c/0x1f0
[ 1916.482377][T16050]  gup_vma_lookup+0x1d2/0x220
[ 1916.482423][T16050]  __get_user_pages+0x243/0x34a0
[ 1916.482483][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.482530][T16050]  ? down_read_killable+0x220/0x4b0
[ 1916.482569][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.482614][T16050]  ? __lock_acquire+0x62e/0x1ce0
[ 1916.482674][T16050]  ? __pfx___get_user_pages+0x10/0x10
[ 1916.482722][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.482779][T16050]  __gup_longterm_locked+0xa92/0x17e0
[ 1916.482822][T16050]  ? __entry_text_end+0x1020b6/0x1020b9
[ 1916.482878][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.482925][T16050]  ? __pfx___gup_longterm_locked+0x10/0x10
[ 1916.482976][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.483021][T16050]  ? try_get_folio+0x255/0x730
[ 1916.483058][T16050]  ? find_held_lock+0x2b/0x80
[ 1916.483108][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.483163][T16050]  gup_fast_fallback+0xf78/0x23f0
[ 1916.483244][T16050]  ? rcu_is_watching+0x12/0xc0
[ 1916.483293][T16050]  ? __pfx_gup_fast_fallback+0x10/0x10
[ 1916.483342][T16050]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1916.483398][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.483451][T16050]  ? __lock_acquire+0xb97/0x1ce0
[ 1916.483514][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.483567][T16050]  get_user_pages_fast+0xa7/0xf0
[ 1916.483612][T16050]  ? __pfx_get_user_pages_fast+0x10/0x10
[ 1916.483662][T16050]  ? __mutex_trylock_common+0xe9/0x250
[ 1916.483725][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.483778][T16050]  __iov_iter_get_pages_alloc+0x818/0x20a0
[ 1916.483826][T16050]  ? trace_contention_end+0xdd/0x130
[ 1916.483887][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.483931][T16050]  ? __mutex_lock+0x1c5/0x1060
[ 1916.483991][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.484038][T16050]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[ 1916.484088][T16050]  ? __pfx___mutex_lock+0x10/0x10
[ 1916.484144][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.484189][T16050]  ? import_ubuf+0x1b6/0x220
[ 1916.484239][T16050]  iov_iter_get_pages2+0xa3/0x100
[ 1916.484279][T16050]  ? __pfx_iov_iter_get_pages2+0x10/0x10
[ 1916.484325][T16050]  ? wait_for_space+0x232/0x2e0
[ 1916.484395][T16050]  __do_sys_vmsplice+0xa47/0x11a0
[ 1916.484471][T16050]  ? __pfx___do_sys_vmsplice+0x10/0x10
[ 1916.484532][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.484578][T16050]  ? futex_private_hash_put+0x18a/0x300
[ 1916.484645][T16050]  ? __pfx_futex_wait+0x10/0x10
[ 1916.484768][T16050]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1916.484825][T16050]  ? do_syscall_64+0xcd/0x4c0
[ 1916.484856][T16050]  do_syscall_64+0xcd/0x4c0
[ 1916.484895][T16050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1916.484933][T16050] RIP: 0033:0x7fc8ddd8ebe9
[ 1916.484962][T16050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1916.485000][T16050] RSP: 002b:00007fc8deb26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1916.485035][T16050] RAX: ffffffffffffffda RBX: 00007fc8ddfc5fa0 RCX: 00007fc8ddd8ebe9
[ 1916.485061][T16050] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000005
[ 1916.485149][T16050] RBP: 00007fc8dde11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1916.485174][T16050] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1916.485198][T16050] R13: 00007fc8ddfc6038 R14: 00007fc8ddfc5fa0 R15: 00007ffeeb4fb8e8
[ 1916.485250][T16050]  </TASK>
[ 1916.949162][T11394] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:256C:006D.0136/input/input161
[ 1916.978537][T11394] uclogic 0003:256C:006D.0136: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.9-1/input0
[ 1916.994920][T11394] usb 10-1: USB disconnect, device number 23
[ 1917.065910][T16053] loop5: detected capacity change from 0 to 8192
[ 1917.660713][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1918.220753][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1920.220575][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1920.542507][T16118] netlink: 'syz.0.17997': attribute type 32 has an invalid length.
[ 1920.563565][T16118] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0)
[ 1920.619064][T16122] loop5: detected capacity change from 0 to 1024
[ 1920.638844][T16122] EXT4-fs: Ignoring removed bh option
[ 1920.695392][T16122] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[ 1920.972990][T16122] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1921.105605][   T30] audit: type=1800 audit(2000000656.080:5586): pid=16122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.17999" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1921.446274][T16107] loop9: detected capacity change from 0 to 32768
[ 1921.492440][T16107] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.17992 (16107)
[ 1921.537013][T16107] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1921.566563][T16107] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[ 1921.652409][T14931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1921.698088][T16107] BTRFS info (device loop9): enabling ssd optimizations
[ 1921.725134][T16107] BTRFS info (device loop9): enabling free space tree
[ 1922.041310][T14900] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1922.163075][T16159] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.18008'.
[ 1922.220666][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1922.293424][   T30] audit: type=1326 audit(2000000657.270:5587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.347451][   T30] audit: type=1326 audit(2000000657.290:5588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.405466][   T30] audit: type=1326 audit(2000000657.290:5589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.451782][   T30] audit: type=1326 audit(2000000657.290:5590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.540648][   T30] audit: type=1326 audit(2000000657.310:5591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.610001][   T30] audit: type=1326 audit(2000000657.310:5592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.675947][   T30] audit: type=1326 audit(2000000657.310:5593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.679757][T16169] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1922.764304][   T30] audit: type=1326 audit(2000000657.310:5594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.847240][   T30] audit: type=1326 audit(2000000657.310:5595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16162 comm="syz.5.18010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f011e58ebe9 code=0x7ffc0000
[ 1922.900821][T16171] netlink: 36 bytes leftover after parsing attributes in process `syz.9.18006'.
[ 1924.220585][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1924.662392][T16230] loop9: detected capacity change from 0 to 256
[ 1925.173536][T16239] loop5: detected capacity change from 0 to 8192
[ 1926.220759][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1926.256165][T16272] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input162
[ 1926.700677][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1927.462692][T16290] loop9: detected capacity change from 0 to 1024
[ 1927.553623][T16290] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1927.583594][T16300] netlink: 'syz.0.18067': attribute type 13 has an invalid length.
[ 1927.597842][T16290] EXT4-fs error (device loop9): mb_free_blocks:2014: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[ 1927.818054][T14900] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1928.699916][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1928.747895][T16316] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.18071'.
[ 1928.938517][T16320] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18074'.
[ 1929.127354][T16322] loop9: detected capacity change from 0 to 4096
[ 1929.690701][T11394] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[ 1929.855531][T11394] usb 10-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[ 1929.865883][T11394] usb 10-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[ 1929.884345][T11394] usb 10-1: Product: syz
[ 1929.908714][T11394] usb 10-1: Manufacturer: syz
[ 1929.918834][T11394] usb 10-1: SerialNumber: syz
[ 1929.935819][T11394] usb 10-1: config 0 descriptor??
[ 1929.954144][T11394] ch341 10-1:0.0: ch341-uart converter detected
[ 1930.084458][T16351] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1930.468324][T16300] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1930.487504][T16300] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1930.754874][T16300] mac80211_hwsim hwsim33 wlan0: left allmulticast mode
[ 1930.779535][T16320] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18074'.
[ 1930.797392][T32704] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1930.807061][T32704] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1930.821590][T32704] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1930.836188][T32704] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1930.852089][ T1985] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 1930.977911][T11394] ch341-uart ttyUSB0: failed to read break control: -71
[ 1930.986063][T11394] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[ 1931.004926][T11394] usb 10-1: USB disconnect, device number 24
[ 1931.010724][  T600] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1931.018288][T11394] ch341 10-1:0.0: device disconnected
[ 1931.024214][  T600] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1931.030663][ T1985] usb 5-1: Using ep0 maxpacket: 16
[ 1931.042989][ T1985] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1931.066571][ T1985] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1931.096893][ T1985] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1931.121652][ T1985] usb 5-1: config 0 descriptor??
[ 1931.180660][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1931.554906][ T1985] hid (null): report_id 3899690137 is invalid
[ 1931.567758][ T1985] hid (null): report_id 1862125167 is invalid
[ 1931.786208][ T1985] usb 5-1: USB disconnect, device number 11
[ 1931.903747][T16385] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1932.773374][T16405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18114'.
[ 1932.800689][   T44] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 1932.968428][   T44] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1932.993607][   T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1933.007735][   T44] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1933.025704][   T44] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1933.036950][   T44] usb 5-1: Manufacturer: syz
[ 1933.049263][   T44] usb 5-1: config 0 descriptor??
[ 1933.107506][ T1985] hid-generic 0005:16BF:5505.0138: unknown main item tag 0x0
[ 1933.124951][ T1985] hid-generic 0005:16BF:5505.0138: hidraw0: BLUETOOTH HID vc3.b8 Device [syz0] on aa:aa:aa:aa:aa:aa
[ 1933.171133][   T44] rc_core: IR keymap rc-hauppauge not found
[ 1933.177539][   T44] Registered IR keymap rc-empty
[ 1933.180832][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1933.192030][   T44] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1933.215871][   T44] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input163
[ 1933.269807][T16419] sock: sock_set_timeout: `syz.9.18119' (pid 16419) tries to set negative timeout
[ 1933.363151][T16423] unknown channel width for channel at 909000KHz?
[ 1933.514937][    C1] igorplugusb 5-1:0.0: receive overflow, at least 3 lost
[ 1933.821480][T11394] usb 5-1: USB disconnect, device number 12
[ 1934.585921][T16440] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input164
[ 1935.180686][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1935.225886][T16457] 9pnet: p9_errstr2errno: server reported unknown error �@
[ 1935.323630][T16459] geneve2: entered promiscuous mode
[ 1935.334843][T16459] geneve2: entered allmulticast mode
[ 1935.609800][T16469] netlink: 64 bytes leftover after parsing attributes in process `syz.4.18142'.
[ 1936.073529][   T30] kauditd_printk_skb: 14 callbacks suppressed
[ 1936.073555][   T30] audit: type=1326 audit(2000000671.050:5610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16483 comm="syz.5.18149" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f011e58ebe9 code=0x0
[ 1936.315470][T16491] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input165
[ 1937.180902][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1937.208065][T16526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.18166'.
[ 1937.228739][T16526] IPVS: Error joining to the multicast group
[ 1937.434350][T16533] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input166
[ 1938.132697][T32730] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1938.146841][T32730] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1938.193042][    C0] ------------[ cut here ]------------
[ 1938.198613][    C0] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
[ 1938.210200][    C0] WARNING: CPU: 0 PID: 32730 at net/mac80211/rate.c:398 __rate_control_send_low+0x661/0x780
[ 1938.220359][    C0] Modules linked in:
[ 1938.224307][    C0] CPU: 0 UID: 0 PID: 32730 Comm: kworker/u8:35 Not tainted syzkaller #0 PREEMPT(full) 
[ 1938.234000][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1938.244117][    C0] Workqueue: krdsd rds_connect_worker
[ 1938.249539][    C0] RIP: 0010:__rate_control_send_low+0x661/0x780
[ 1938.255860][    C0] Code: a4 a0 d4 00 00 00 e8 de 84 b3 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 c0 02 09 8d e8 10 29 72 f6 90 <0f> 0b 90 90 e9 26 fd ff ff 48 8b 3c 24 e8 7d ee 18 f7 e9 fb fc ff
[ 1938.275530][    C0] RSP: 0018:ffffc90000007948 EFLAGS: 00010282
[ 1938.281655][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a3388
[ 1938.289642][    C0] RDX: ffff88803142da00 RSI: ffffffff817a3395 RDI: 0000000000000001
[ 1938.297659][    C0] RBP: ffff888078a9dca8 R08: 0000000000000001 R09: 0000000000000000
[ 1938.305679][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffff
[ 1938.313697][    C0] R13: 0000000000000000 R14: 000000000000000c R15: ffff888078a9dcb0
[ 1938.321717][    C0] FS:  0000000000000000(0000) GS:ffff8881246b7000(0000) knlGS:0000000000000000
[ 1938.330699][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1938.337297][    C0] CR2: 0000001b334fdff8 CR3: 0000000038b26000 CR4: 0000000000350ef0
[ 1938.345313][    C0] Call Trace:
[ 1938.348596][    C0]  <IRQ>
[ 1938.351494][    C0]  rate_control_send_low+0x29a/0x820
[ 1938.356830][    C0]  ? kmem_cache_alloc_node_noprof+0x225/0x3b0
[ 1938.362993][    C0]  rate_control_get_rate+0x1be/0x5e0
[ 1938.368351][    C0]  ieee80211_beacon_get_finish+0x467/0x670
[ 1938.374235][    C0]  ? __pfx_ieee80211_beacon_get_finish+0x10/0x10
[ 1938.380653][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.386332][    C0]  __ieee80211_beacon_get+0xc56/0x1e40
[ 1938.391887][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.397553][    C0]  ? __lock_acquire+0xb97/0x1ce0
[ 1938.402571][    C0]  ieee80211_beacon_get_tim+0xa6/0x280
[ 1938.408055][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[ 1938.414190][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.419873][    C0]  mac80211_hwsim_beacon_tx+0x4d9/0xa40
[ 1938.425491][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.431195][    C0]  __iterate_interfaces+0x2e5/0x650
[ 1938.436476][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1938.442611][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1938.448709][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1938.454590][    C0]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[ 1938.461700][    C0]  mac80211_hwsim_beacon+0x105/0x200
[ 1938.467033][    C0]  __hrtimer_run_queues+0x202/0xad0
[ 1938.472317][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1938.478065][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.483781][    C0]  hrtimer_run_softirq+0x17d/0x350
[ 1938.488956][    C0]  handle_softirqs+0x219/0x8e0
[ 1938.493798][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1938.499118][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.504821][    C0]  ? irqtime_account_irq+0x18d/0x2e0
[ 1938.510161][    C0]  ? __tcp_close+0x68f/0x1030
[ 1938.514907][    C0]  do_softirq+0xb2/0xf0
[ 1938.519152][    C0]  </IRQ>
[ 1938.522145][    C0]  <TASK>
[ 1938.525112][    C0]  __local_bh_enable_ip+0x100/0x120
[ 1938.530352][    C0]  tcp_close+0x28/0x120
[ 1938.534579][    C0]  inet_release+0xed/0x200
[ 1938.539031][    C0]  sock_release+0x91/0x1d0
[ 1938.543516][    C0]  rds_tcp_conn_path_connect+0x4aa/0x7f0
[ 1938.549198][    C0]  ? __pfx_rds_tcp_conn_path_connect+0x10/0x10
[ 1938.555420][    C0]  ? try_to_wake_up+0x160/0x1870
[ 1938.560387][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.566081][    C0]  ? debug_object_deactivate+0x1ec/0x3a0
[ 1938.571801][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.577479][    C0]  rds_connect_worker+0x1af/0x2c0
[ 1938.582567][    C0]  process_one_work+0x9cf/0x1b70
[ 1938.587549][    C0]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1938.592993][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 1938.598404][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.604130][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.609797][    C0]  ? assign_work+0x1a0/0x250
[ 1938.614450][    C0]  worker_thread+0x6c8/0xf10
[ 1938.619099][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1938.624271][    C0]  kthread+0x3c5/0x780
[ 1938.628366][    C0]  ? __pfx_kthread+0x10/0x10
[ 1938.633019][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.638691][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1938.643522][    C0]  ? __pfx_kthread+0x10/0x10
[ 1938.648140][    C0]  ret_from_fork+0x5d7/0x6f0
[ 1938.652783][    C0]  ? __pfx_kthread+0x10/0x10
[ 1938.657402][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1938.662258][    C0]  </TASK>
[ 1938.665284][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1938.672576][    C0] CPU: 0 UID: 0 PID: 32730 Comm: kworker/u8:35 Not tainted syzkaller #0 PREEMPT(full) 
[ 1938.682228][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1938.692289][    C0] Workqueue: krdsd rds_connect_worker
[ 1938.697680][    C0] Call Trace:
[ 1938.700951][    C0]  <IRQ>
[ 1938.703793][    C0]  dump_stack_lvl+0x3d/0x1f0
[ 1938.708414][    C0]  vpanic+0x6e8/0x7a0
[ 1938.712427][    C0]  ? __pfx_vpanic+0x10/0x10
[ 1938.716965][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.722620][    C0]  ? __rate_control_send_low+0x661/0x780
[ 1938.728282][    C0]  panic+0xca/0xd0
[ 1938.732032][    C0]  ? __pfx_panic+0x10/0x10
[ 1938.736493][    C0]  ? check_panic_on_warn+0x1f/0xb0
[ 1938.741638][    C0]  check_panic_on_warn+0xab/0xb0
[ 1938.746613][    C0]  __warn+0xf6/0x3c0
[ 1938.750513][    C0]  ? __rate_control_send_low+0x661/0x780
[ 1938.756175][    C0]  report_bug+0x3c3/0x580
[ 1938.760528][    C0]  ? __rate_control_send_low+0x661/0x780
[ 1938.766190][    C0]  handle_bug+0x184/0x210
[ 1938.770532][    C0]  exc_invalid_op+0x17/0x50
[ 1938.775047][    C0]  asm_exc_invalid_op+0x1a/0x20
[ 1938.779906][    C0] RIP: 0010:__rate_control_send_low+0x661/0x780
[ 1938.786171][    C0] Code: a4 a0 d4 00 00 00 e8 de 84 b3 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 c0 02 09 8d e8 10 29 72 f6 90 <0f> 0b 90 90 e9 26 fd ff ff 48 8b 3c 24 e8 7d ee 18 f7 e9 fb fc ff
[ 1938.805791][    C0] RSP: 0018:ffffc90000007948 EFLAGS: 00010282
[ 1938.811868][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a3388
[ 1938.819842][    C0] RDX: ffff88803142da00 RSI: ffffffff817a3395 RDI: 0000000000000001
[ 1938.827813][    C0] RBP: ffff888078a9dca8 R08: 0000000000000001 R09: 0000000000000000
[ 1938.835789][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffff
[ 1938.843762][    C0] R13: 0000000000000000 R14: 000000000000000c R15: ffff888078a9dcb0
[ 1938.851748][    C0]  ? __warn_printk+0x198/0x350
[ 1938.856540][    C0]  ? __warn_printk+0x1a5/0x350
[ 1938.861338][    C0]  ? __rate_control_send_low+0x660/0x780
[ 1938.867015][    C0]  rate_control_send_low+0x29a/0x820
[ 1938.872368][    C0]  ? kmem_cache_alloc_node_noprof+0x225/0x3b0
[ 1938.878475][    C0]  rate_control_get_rate+0x1be/0x5e0
[ 1938.883804][    C0]  ieee80211_beacon_get_finish+0x467/0x670
[ 1938.889646][    C0]  ? __pfx_ieee80211_beacon_get_finish+0x10/0x10
[ 1938.896021][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.901689][    C0]  __ieee80211_beacon_get+0xc56/0x1e40
[ 1938.907191][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.912846][    C0]  ? __lock_acquire+0xb97/0x1ce0
[ 1938.917822][    C0]  ieee80211_beacon_get_tim+0xa6/0x280
[ 1938.923300][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[ 1938.929410][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.935067][    C0]  mac80211_hwsim_beacon_tx+0x4d9/0xa40
[ 1938.940642][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.946297][    C0]  __iterate_interfaces+0x2e5/0x650
[ 1938.951522][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1938.957607][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1938.963707][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1938.969536][    C0]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[ 1938.976594][    C0]  mac80211_hwsim_beacon+0x105/0x200
[ 1938.981912][    C0]  __hrtimer_run_queues+0x202/0xad0
[ 1938.987160][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1938.992891][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1938.998552][    C0]  hrtimer_run_softirq+0x17d/0x350
[ 1939.003683][    C0]  handle_softirqs+0x219/0x8e0
[ 1939.008477][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1939.013779][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1939.019429][    C0]  ? irqtime_account_irq+0x18d/0x2e0
[ 1939.024741][    C0]  ? __tcp_close+0x68f/0x1030
[ 1939.029463][    C0]  do_softirq+0xb2/0xf0
[ 1939.033634][    C0]  </IRQ>
[ 1939.036556][    C0]  <TASK>
[ 1939.039478][    C0]  __local_bh_enable_ip+0x100/0x120
[ 1939.044692][    C0]  tcp_close+0x28/0x120
[ 1939.048865][    C0]  inet_release+0xed/0x200
[ 1939.053297][    C0]  sock_release+0x91/0x1d0
[ 1939.057729][    C0]  rds_tcp_conn_path_connect+0x4aa/0x7f0
[ 1939.063388][    C0]  ? __pfx_rds_tcp_conn_path_connect+0x10/0x10
[ 1939.069558][    C0]  ? try_to_wake_up+0x160/0x1870
[ 1939.074510][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1939.080164][    C0]  ? debug_object_deactivate+0x1ec/0x3a0
[ 1939.085828][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1939.091483][    C0]  rds_connect_worker+0x1af/0x2c0
[ 1939.096519][    C0]  process_one_work+0x9cf/0x1b70
[ 1939.101479][    C0]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1939.106869][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 1939.112252][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1939.117907][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1939.123553][    C0]  ? assign_work+0x1a0/0x250
[ 1939.128158][    C0]  worker_thread+0x6c8/0xf10
[ 1939.132781][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1939.137910][    C0]  kthread+0x3c5/0x780
[ 1939.141990][    C0]  ? __pfx_kthread+0x10/0x10
[ 1939.146590][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1939.152257][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1939.157037][    C0]  ? __pfx_kthread+0x10/0x10
[ 1939.161650][    C0]  ret_from_fork+0x5d7/0x6f0
[ 1939.166249][    C0]  ? __pfx_kthread+0x10/0x10
[ 1939.170848][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1939.175651][    C0]  </TASK>
[ 1939.178995][    C0] Kernel Offset: disabled
[ 1939.183313][    C0] Rebooting in 86400 seconds..