last executing test programs:

9.955668962s ago: executing program 2 (id=706):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r2, 0x4068aea3, &(0x7f0000000900))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r10, r9, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r10}, &(0x7f0000000000), &(0x7f0000000080)=r6}, 0x20)
recvmsg(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000002c40)=""/4096, 0x8e80}], 0x1}, 0x0)
sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r11}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

9.015090702s ago: executing program 2 (id=708):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000006b80)="$eJzs3E1rY9UfB/CTPs7Tf/5FXLibC4PQwiQ0fRh0V3UGH7BD8WHhStMkDZlJckuTprUrFy7Fhe9EFFy59DW4cO1OXCjuhJHccypTH0Bp2tjp5wO333tPTn73nEtpOfeGBODSWsh++akUboarIYTpEMKNEIr9UtoKGzGeCyHcCiFMPbGVUvvvDXMhhGshhJuj4rFmKb302Z3h7fUf3/j562/nZ65//tV3k5s1MGnPhxC6u3H/oBszb8V8mNprw3aR3bVhyvhC91E6zmMeNLeLCge14361IldbsX++u98f5U6nVh9lq71TtO/24gn7w9ZxneIND2t7xXGjuV1ku58X2TqK4zo8in/bjvqDWKeR6n1YlA+DwXHG9uZhM85n91GR9d4gtce6eaN5OMphynS6UM87jWIc26e50v9tb7Z7+4fZsLnXb+e9bL1SfaFSvVuu7uWN5qC5Vq51G3fXssVWZ9StPGjWuhutPG91mpV63l3KFlv1erlazRbvNbfbtV5WrVZWK8vl9aW0dyd79cG7WaeRLY7y5XZvf9Du9LOdfC+L71jKViqrLy5lt6vZ25tb2dZb9+9vbr3z/r33Hry0+forqdOfhpUtriyvrJSry+WV6tLFnf/of/2/mv/HadBjnD+cSmnSAwC4eKz/gUm46Ov/YP0/Ftb/l3b+j5PTXUAuN+t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBL6/vZL14rdhbi8fXU/r/U9Ew6LoUQpkIIj//CdJg7UXM61Zn9m/6zfxjDN6VQVBidYz5t10IIG2n79f9nfRUAAADg6fXlR7c+jav1+GNh0gPiPMWbNlM3PhhTvVIIYXbhhzFUCelmU3j29KOKRr/fM+FwTNWKG1hXxlQs3nKbGVe1f2T6RFx5Ikoxpo57zp3ruAAAgLN0ciVwvqsQAAAAztMnkx4Ak1E8aU2fxU+P+eZjpAeCV08cAQAAABdQadIDAAAAAM5csf73/X8AAADwdIvf/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3eTkzoUBQD4tND3eD9GYpy7FWewDJfg0KFhKywBt+AGWAPOXIIBQ3tRMRhM+hfJ9yXt5TbN4ZTQwTm3KQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG16KhbTh/urUd046009zVwNAAAAcMiqWEzLD+Nq/i8dP0uHLtI8i4g8Ig7V7oP4tRdzkOIUX5xffMrhMaKMsP2O32n7GxHXaXs5b/tXAAAAgNO1nM0nVbVe7cZ9J0SXqqZN/v+moXhZRBTj54ai5dvd5bdO3RzvD23/38O4q59WqWxg1X5kZqdsuQ2binbcIN3ub8Pow5BVQ95dOgAAQFf2K4EOqxAAAAA6dtt3AvQji91S5m4tuHzy/n1B8M/eDAAAAPiBsr4TAAAAAFpX1v/e/wcAAACnrXr/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1aFYvpcjaf1I2z3tTTzNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLI/7ygMw2AQBjeJ8uqELuD739Is2K1bNzMg+Pi3EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAlcfx8jzj1ZjJNnqdSd49rySfTo1vp8avc+OfZKy7fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwsz8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAv2efr7SACAFlCEJUYoCFptfS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/+Hzq3UpWwdMhSJiQFkn528HpU4WtW+Np+P9Py+thy/73OiKF8/5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo7L67H+flZmESZ/Wxm/eurpf9ram+dH379nLZyrjXZtJPhlfTnd5Sd4kAAABwcORNfR8xiGJntQyyhar+L5pzypr/++cncVPPT9f9Td/U/mX77de7L+8NtDAZp7zouY3x6Pi/U+k/xmnOtRf+84x+deerZy959Q3JPth6abeo7mfv2xs33htU4aE2sgUAHsaxpq+D5u+hsh92mRgAB0Y/Kbzv1PV/vtBtTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtGGzFs03ci4jl/n5cunXv6nrVT+1f37693LTT165tp9csL1FExLmN8eh4WxN5Aly6fOXTtfF4dLH94LWI6G70OvhohnMiusxQ8KhBVv+sz/ZVRyOi+5y7Dzr+xQQAwFOnqFtZ198pdlbLY73FiL9/uL/+fyOJI63/p/q0/r/78emb6Vhp/T9sbYbzb2Xzwhcrly5feWvjwtr50fnRZ2+fGL4zPHnm1KkzK9WzkhVPTAAAAHg0g7ql9X+2GLE7tf5/JIljxvr/y++GX6dj5er/B9pf9Os6EwAAgIPtxaN//tF7wPHeYBBfrW1uXhxOtnv7JybbDlL93w7VLa3/88WuswIAAADasLvVu2/9/2wSx4zr/8/9+MrP6TXziDhcr/8fW/98fLa96XTkr5nOauPfiR/7VAEAAJhrh+uWrv8X1fv/2d4rD1lEvPn6JK4/BnCm+j9//5uf0rHS9/9PtjfFuZQtTe5H1S9F9Je6zggAAICn2TN1K4v934ud1U9+OfLhwPv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG37JwAA//9VakSc")
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x3)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000008, 0x50, 0xffffffffffffffff, 0x5738d000)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}], [{@flag='nolazytime'}, {@appraise_type}, {@fscontext={'fscontext', 0x3d, 'user_u'}}]})
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r4, 0x0, 0x2, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
keyctl$set_timeout(0xf, r0, 0x6)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
dup3(0xffffffffffffffff, r3, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="05010000000000107d1e222e00000000000109022400010000000009040000020300020009210000000122020009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f00000003c0)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="0082a1464e47180000f504000000040078e4"], 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48)

8.36157143s ago: executing program 3 (id=710):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000840)=""/262, 0x37, 0x106, 0x1}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8), 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, 0x0, &(0x7f00000002c0)}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f00000000c0)={0x0, 0x0, 0x40006})
dup(0xffffffffffffffff)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000004440)=@base={0x7, 0x4, 0x80, 0x7, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@getnexthop={0x20, 0x76, 0x401, 0x0, 0x0, {}, [@NHA_ID={0x8, 0x1, 0x8000}]}, 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

7.529207262s ago: executing program 3 (id=712):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000900))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, r5, 0x26}, 0x10)
recvmsg(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000002c40)=""/4096, 0x8e80}], 0x1}, 0x0)

6.504935788s ago: executing program 3 (id=715):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xb)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) (fail_nth: 1)

5.989186666s ago: executing program 0 (id=716):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r10, r9, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r10}, &(0x7f0000000000), &(0x7f0000000080)=r6}, 0x20)
recvmsg(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000002c40)=""/4096, 0x8e80}], 0x1}, 0x0)
sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)

5.586072566s ago: executing program 3 (id=718):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000840)=""/262, 0x37, 0x106, 0x1}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8), 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, 0x0, &(0x7f00000002c0)}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
dup(r7)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000004440)=@base={0x7, 0x4, 0x80, 0x7, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@getnexthop={0x20, 0x76, 0x401, 0x0, 0x0, {}, [@NHA_ID={0x8, 0x1, 0x8000}]}, 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

4.892114198s ago: executing program 2 (id=719):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xb)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000580), 0x1, 0x24f, &(0x7f00000002c0)="$eJzs3U1oFGcYB/BnZnfzuZS0vRQKbaGU0gZCeiv0kl5aCJRQeii0QkTEi5IIMcHbricvHvSskpOXIN6MHiWX4EURPEXNIV4EDR4MHvSwsl8SccGQTXY08/vBZDKz887zDjP/d2YPwwaQWyMRMRERhYgYjYhSRCTbN/iuOY20FhcHV6cjarV/nieN7ZrLTe12wxFRjYhfI2IlTeJ4MWJh+f+Nl2t//nhuvvTDleX/Bnt6kC2bG+t/bV2eOnt98peFu/efTiUxEeV3jmvvJR3WFZOIL/aj2EciKWbdA3bi79PXHtRz/2VEfN/IfynSaJ6883N9K6X4+VLnlrXKhWf3vu5tb4G9VquV6vfAag3InTQiyq2H1Mb/kaZjY81n+IeFofTE7Nyp0WOz8zNHsx6pgD1S//69/sfN/hvDjcwn6Vgr/08KzfwDB1WlNV96VP+7Vci2N0BvlSPWRw9Xfgr5h9yRf8ivVv4HQv7h09W3u2bu/5Bf8g/5Jf+QX/IP+SX/kF/yD/kl/5Bf2/MPAORLrX+HLwpX2w2AgyLj4QcAAAAAAAAAAAAAAAAAAOhgcXB1uj3tw+4HOq28fTFi8/eIKHaqX2j8HnG76dCLpL7ZW0mzWVcOfdvlDrp0NeO3rz97nG39O99kW78yE1E9ExHjxeL711/Suv527/MPfF460mWBLv32b7b1Xy9lW39yLeJWffwZ7zT+pPFVY955/CnXz1+X9U++6nIHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MybAAAA//9RD2XY")
ioctl$F2FS_IOC_RESIZE_FS(r1, 0x4008f510, &(0x7f0000000100)=0x56)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000040), 0x12)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000840)=ANY=[@ANYBLOB="2c00000012009702000000000000000007"], 0x2c}}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f00000001c0)={'syztnl1\x00', 0x0, 0x0, 0x1, 0x0, 0x80, 0x11, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1, 0x8}})
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @remote}, {0x2, 0x0, @empty}, 0x107})
r7 = socket$igmp6(0xa, 0x3, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c00000015000100000000000000001f01"], 0x1c}}, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x8, @none, 0x6, 0x1}, 0xe)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x0, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)

4.799077344s ago: executing program 0 (id=720):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x552d, &(0x7f000000d000)="$eJzs3M1rI2UYAPAn7Xa7X65FPHjbgUVoYRM23Q/0VnUXP7BLWfXgSdMkDdlNMqVJ09qTB4/iwf9EFDx59G/w4NmbeFC8CUpmJrpdFVybtN3294PJM/PmnWeeN5TCMxMSwKm1kPz6cykux/mImI2ISxHZfqnYMit5eCEirkTEzCNbqRj/c+BsRFyIiMtxbnx6qXjr82vDq7d+euuXb76bP3Pxi6+/P5IFA8fCixHR3cz3d7p5TFt5fFCM14btLHZvDouYv9F9WBynedxprmcZdmrjebUs3mjl89PN7f4obnRq9VFstTey8c1efsH+sDXOk53woLaVHTea61ls99Mstvbyunb38v+Xe/1BnqdR5PsoSx+DwTjm483dZr6ezYdZrPcGxXieN200d0dxWMTiclFPO42sjvWDfNLH29vt3vZuMmxu9dtpL7lVqb5Uqd4uV7fSRnPQvFmudRu3byaLrc5oWnnQrHVXWmna6jQr9bS7lCy26vVytZos3mmut2u9pFqt3KhcL99aKvauJa/fey/pNJLFUXy13dsetDv9ZCPdSvIzlpLlyo2Xl5Kr1eSd1bVk7f7du6tr735w5/17r6y++Vox6W9lJYvL15eXy9Xr5eXq0ila/ydF0RNcPxxI6cmmz0+rDoCnyBT7/4iFPKf+H3jc9Pr/rfsR0+//Q/8/EU9V/3va+/8prB8O5An7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATo4f5r58I9tZyI8vFuPPFEPPFceliJiJiN//wWyc3Zdztsgz9y/z5x6r4dtSZBlG15gvtgsRsVJsvz077U8BAAAATq6vPr7yWd6t5y8LR10Qhym/aTNz6cMJ5StFxNzCjxPKNjN6eX5CybK/7zOxO6Fs2Q2scxNKlt9yOzOpbP/J7L5w7pFQysPMoZYDAAAciv2dwOF2IQAAABymT4+6AI5GKcaPMsfPgrNv3v/1QPD8viMAAADgKM3/v9NKk64DAAAAOHay/t/v/wEAAMDJlv/+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAHO3eUozQQxwH435YKikZifDTxKPoGx/AIPvpoOICX4Ah4BS/AGfDNIxjY0OmSZcNudtNp2d18X9IO0ww/Zgg8zEwyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQp7/1evH75+dfXXN2+27yjAYAAAA4Z1uvF82LWapP2+fv2kcf2noREWVEnJu7V/HqJLOKiE8RUd/Rvr7Vhz8RTcLhM8bt9SYivrbX//d9fwsAAADwcm2Wq3marafb7NIdYkhp0aZ8+y1TXhER9exfprTykPcxU1jz+x7Fj0xpzQLWJFNYWnIb5Up7kObvfly1m9woilSU978/29gBAIABVSfFsLMQAAAAhvT9cPty6V7QXfW45kVcb2UetwLHqWi3916f1AAAAIBnqLh0BwAAAIDeNfP/vs7/mzr/DwAAAJ6EdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfdrW68VmuZp3zdntu8kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAK/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J/fDIhhKIqjd2Yy/75V9r/YuqS6hCrnEH7yJDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABu5H/EY50zXo0tyUjybLx7PZN8Omp8O2r8+mCuD8e8cCMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY2bmf1ziqOADgb2Z2tmlVXKPkEBELHvRi021t7U08KMGDf4IQ0m2N3fqjzcGWIuTiTXLuRfQoIijx1v+h5xZ6qbcecqjguTK/kpc04KpkZtP9fODN+84wmfd9sxDynTdZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYY/v93TgrNoMqTutj9x7fWi36+/v6wp3NB4tFK+KkzaSPhtfinWQh2plrPxkAAABmQ9bU9yGEh/nWctGng7L+z5tzipr/hxequKnn99f9Td/U/kX7/bdHr+wMNKjGKS56aW08Ov10Kr3Dm+V0e/Efz+iVd7589pKVH0j60cbL23l5P5Pv7t79oF+Gx9rIFgD4L041fR00fw8V/bDLxACYGb2o8G7q/2zQbU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdjeCM81cRJCWOztxoX7j2+tHtTf2Xyw2LTzt29vxtcsLpGHEC6tjUenw1yLs5lu12/cvLIyHo+utR+8HkLoavT36ulf+WSCk0M4pDROdnTnZyxI6w97WvI5GkGHv5QAAHgm5XUr6vqH+dZycSyZD+HJj3vr/zejOExY/z/69Py9eKy4/h+2NsPpt7R+9cul6zduvr12deXy6PLo83fODN8dnr1w7tyFpfJZSbXtOk0AAACOsH7d4vo/nX96/f9EFIcJ6/+vvh9+E4+Vqf8PtLvo13UmAAAAs+2lk3/9mRxwPOn3w9cr6+vXhtV2Z/9Mte0g1X/tWN3i+j+b7zorAAAAoA3bG8me9f+LURwmXP9//qdXf4mvmYUQjtfr/6dWvxhfbG86U+1//Idw6E34413PEQAAgHY92fciw/G6xev/efn+f7pzZhpCeOuNKq6/BnCi+j/78Nuf47Hi9//PHvI8p126UN2Psl8IobfQdUYAAAA8y+bKNijr/z/yreXPfj3xcd/7/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt+zsAAP//RP895g==")
creat(&(0x7f0000000340)='./bus\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="fc000000140001000000000000000000ffffffff000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000004400"], 0xfc}}, 0x0)

4.742221919s ago: executing program 1 (id=721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r4, 0x0, 0xc, &(0x7f0000000000)=0xb, 0x4)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x2d, 0x0) (fail_nth: 6)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000002c00)={0xb0, 0x0, 0x0, [{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}}, {0x0, 0x0, 0x1, 0x0, '/'}}]}, 0xb0)

4.737138459s ago: executing program 3 (id=722):
bpf$MAP_CREATE(0x141e000000000000, &(0x7f00000000c0)=@base={0x6, 0x4, 0x6c03, 0xee, 0x0, 0xffffffffffffffff, 0xa803}, 0x48)

4.650610465s ago: executing program 2 (id=723):
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
ptrace$peeksig(0x4209, r0, &(0x7f0000000040)={0x0, 0x0, 0x6}, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}])
sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x10)
recvmmsg(r1, &(0x7f00000000c0), 0x0, 0x40012002, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x2004, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000800000000007fff000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES32=r4, @ANYRESHEX=r2, @ANYRES16=0x0, @ANYRESOCT=r1, @ANYRES8=0x0, @ANYRES8=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1c}}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00001400000000000000000000000800120000000200000000000000000006000000000000000000000000000000ad1e0001000017000000000000000000ac141400000000000000000000000000050005003616686a0a00001000000000fe8000000000000000000000001800aa000000000000000005000600000000000a"], 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00'}, 0x10)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x34)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
dup(r8)

4.600025169s ago: executing program 3 (id=724):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x11c2, 0x2208, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x8, 0x7fe2, 0x1, 0x0, r1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xb, &(0x7f00000003c0)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x0, 0x0, 0x8}, 0x48)
setgid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32=r8, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x38}, 0x1, 0x300}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000500000005006874a7"], 0x0, 0x0, 0x0, 0x0}, 0x0)

4.229559387s ago: executing program 4 (id=725):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff85000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000790000ff000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x804810, &(0x7f0000000d40), 0x9, 0x61c, &(0x7f0000000700)="$eJzs3U1rXFUfAPD/nbwnz/MkDQ9qXWhAtAVt0qStFBG0CK5KqS8LwY1jk5ba6QtNRFMrTaFuBHHjQnDlwrrwO2hBcOUXcOHGlVSKSDdK0ZE7uTNOk7nJTMzMtJnfD8Y5556bOeea/HvOnDnnTgA9ayr9TyFid0RcSCIm68r6IyucWj3v9m+XT6SPJMrlV35N4vKVZKX+tZLseSwi0oI/xyP5LiIm+9bXu7h86UyxVFq4mOVnls5emFlcvrTv9NniqYVTC+fmnp47fOjgocOz++t+6uSLrV7frrr00WtvvTP+4bHXv/jsTjL75Y/Hkni+VpZeV6uvvZmpmIpypv54+v/18HZX1iV9tb+TfyRrD6z1QhsbREuqv7+BiHgwxqOv7rc5Hh+81NXGAW1VTqLWRwG9JhH/0KOq44Dqe/vm3gcPtnlUAnTCrSMRT9TifyAiqvHfvzo3GMOVuYHR28ld8zxJROzfhvrTOr7/9ti19BFtmocDGlu5OpTN26/t/5NKbE7EcCU3ertwV/wXsmnciWz+8OWNqxnPK5hak8/qH9rq9QDNW7kaEQ81Gv9vHv9vZM/p8Te3WH9O/AMAAAAAAABbcONIRDzV6PO/Qm39z2CD9T9jEXW757Zu88//Cje3oRqggVtHIp5tuP63UD1loi/L/beyHmAgOXm6tLA/Iv4XEXtjYCjNz9a/6Fd1Px0R+z6a/DSv/vr1f+kjrb+6FjBrx83+NauB5otLxW24dOh5t65GPNyfv/4n7f+TBv1/Gt8Xmqxj8vHrx/PKNo9/oF3Kn0fsadj/J7Vzko3vzzFTGQ/MVEcF6z3y3sdf59Uv/qF70v5/dOP4H0rq79ez2NrrD0bEgeX+cl75Vsf/g8mrfVG3E/Hd4tLSxdmIweTo+uNzrbUZ7ifDzZ/6fkRU4qEaL2n8731s4/m/2vi/Lg5Hsnt8NeOBv8Z+yivT/0P3pPE/v3H/P3F3/996Yu76xDd59R9vqv8/WOnT92ZHzP/BxpoN0G63EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuR4WI+E8khelaulCYno4Yi4j/x2ihdH5x6cmT598+N5+WVb7/v1D9pt/x1XxS/f7/ibr83Jr8gYjYFRGf9I1U8tMnzpfmu33xAAAAAAAAAAAAAAAAAAAAcI8YW31at/8/9XNfV5sGdEJ/9izeoff0d7sBQNeIf+hd4h96V378/36nXNHR5gAd1Gz/X77S5oYAHbfF8b+PC2AH8P4fetVAc6cNt7sdQDfo/wEAAAAAYEfZ9eiNH5KIWHlmpPJIDWZltQ8GR7rVOqCdCnkFQ51tB9B51vBC77L0B3pXk4t/gR0sqaX+aLjZP3/1f9KeBgEAAAAAAAAAAAAA6+zZ3cT+f2BHyt3/D+x4G+z/b7Sxx+0CYAex/x96l9t8AdXBft43/dv/DwAAAAAAAAAAAAD3gOFLZ4ql0sLFxeWmE1daOfnfJ36JvKLnOtmM7UqsFO+JZtwPiYGIWFNUHl/9sz1TLL0WnW1PNWI6UddgB+vKSXTp3yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCdvwMAAP//emUoLA==")
close(0xffffffffffffffff)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640)={0x1}, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x8, &(0x7f0000001000)=ANY=[@ANYBLOB="1800000000faff000000004800000000850000e0683b21000e000000efdc52a10de0988a41d20501c3494d97acff03000052abfbd8f2c3e381", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000e40), 0x0, 0x0)

4.140799673s ago: executing program 2 (id=726):
write$vga_arbiter(0xffffffffffffffff, 0x0, 0xd)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000320, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000f2ff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000202d437b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='mm_page_alloc\x00', r4}, 0x10)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002a9000070d00be0083"], 0x0}, 0x0)
pipe2(0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1403000027fe9029120001000020000000000000"], 0x14}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b708000006000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.736133913s ago: executing program 1 (id=727):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f00000001c0)={0x0, 0x0, 0x1, 0x2}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r2}, 0x10)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x1, 0x0)
ioctl$MON_IOCT_RING_SIZE(r3, 0x9204, 0xdd218)

3.735776853s ago: executing program 1 (id=728):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r9, r8, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r9}, &(0x7f0000000000), &(0x7f0000000080)=r5}, 0x20)
recvmsg(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000002c40)=""/4096, 0x8e80}], 0x1}, 0x0)
sendmsg$inet(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

3.663745659s ago: executing program 4 (id=729):
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x60, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x28, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xe, 0x6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6}}]}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x60}}, 0x0)
connect$can_bcm(r2, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r1, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x4}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x0, 0x4, 0x1, 0x0, r6, 0x0, '\x00', r1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0)

3.032366525s ago: executing program 0 (id=730):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[], [{@appraise}], 0x2c})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="be"], 0x1)
r2 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x107000, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000200)={0x80000002})
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
sendmmsg$sock(r3, &(0x7f00000044c0)=[{{0x0, 0x0, &(0x7f0000000600)}}], 0x4e8, 0x0) (fail_nth: 11)

3.020703166s ago: executing program 4 (id=731):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
r0 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000280)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5f0, &(0x7f0000000640)="$eJzs3c9vVNUeAPDvnWlLf/BeC3l57+FCmhgDidDSAoYYF7A1pMEfcePGSgsiBRpao0UTSoIbE+PGGBNXLsT/QolsWenKhRtXhoSoYWnimDu9t3TaO6WddjrI/XySoffeM7fne5l+e86cnnMngNIaTv+pROyLiNkkYjBZXC7riqxweOl5D/748Gz6SKJWe/W3JJLsWP78JPs6kJ3cGxE/fJ/E3uraeucWrl2cnJmZvprtj85fmh2dW7h2+MKlyfPT56cvjz8/fuL4seMnxo60dF3XC46dvvnOe4MfT7zx9Zd/JmPf/DyRxMl4KXviyuvYLsMxXP8/SdYWDZzY7so6pJr9nKx8iZOuDgbEpuSvX3dE/C8GoxoPX7zB+OjljgYHtFUtiagBJZXIfyipvB+Qv7df/T64UtBnONS/I10ToM3un1oaAFib/11LY4PRWx8b6H+QxMphnSQiWhuZa7Q7Iu7embh57s7EzWgchysYNQS20+KNiPh/Uf4n9fwfit4Yqud/pSH/037BmexrevyVFutfPVTcjnF4oNhS/veum//RJP/fXJH/b7VY//DDzbf7GvK/r9VLAgAAAAAAgNK6fSoiDhX9/b+yPP8nCub/DETEyW2of3jV/tq//1fubUM1QIH7pyJeLJz/W8ln/w5Vs61/1ecDdCfnLsxMH4mIf0fEwejele6PrVPH4U/2ftGsbDib/5c/0vrvZnMBszjude1qPGdqcn5yq9cNRNy/EfFU4fzfZLn9Twra//T3wewG69j77K0zzcoenf9Au9S+ijhQ2P4/vGtFsv79OUbr/YHRvFew1tMffPpts/pbzX+3mICtS9v//vXzfyhZeb+euc3XcXShq9asrNX+f0/yWn19UE927P3J+fmrYxE9yelqerTh+PjmY4YnUZ4Peb6k+X/wmfXH/4r6/30Rsbjqeye/N64pzv33r4FfmsWj/w+dk+b/1Kba/81vjN8a+q5Z/Rtr/4/V2/qD2RHjf7Dk8zxNexqPF6RjV1HRTscLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+CSkTsjqQysrxdqYyMRAxExH+ivzJzZW7+uXNX3r08lZbVP/+/kn/S7+DSfpJ//v/Qiv3xVftHI2JPRHxW7avvj5y9MjPV6YsHAAAAAAAAAAAAAAAAAACAx8RAk/X/qV+rnY4OaLuuTgcAdExB/v/YiTiAnaf9h/KS/1Be8h/KS/5Decl/KC/5D+W10fzvbXMcwM7T/gMAAAAAwBNlz/7bPyURsfhCX/2R6snKujsaGdBulU4HAHSMW/xAeZn6A+XlPT6QPKK8cOp/spEz1zN7dgsnAwAAAAAAAAAAAEDpHNhn/T+UlfX/UF7W/0N55ev/93c4DmDneY8PxCNW8jf/6L+trP8HAAAAAAAAAAAAADZjbuHaxcmZmemrNl5/PMLYyY1arXY9/Sl4XOL5h2/kU+G3+n2q0ZYI87V+Gzurc7+TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACARn8HAAD//9zcJCQ=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioperm(0x0, 0x2, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = fcntl$dupfd(r3, 0x406, r0)
setsockopt$inet6_MCAST_MSFILTER(r7, 0x29, 0x30, &(0x7f0000001800)={0x2, {{0xa, 0x4e21, 0x2b, @mcast1, 0x443}}, 0x1, 0x2, [{{0xa, 0x4e22, 0x5, @local, 0x7407}}, {{0xa, 0x4e22, 0xcc9, @mcast2, 0x6}}]}, 0x190)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70200001400894fb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x2d)
r10 = syz_open_procfs(0xffffffffffffffff, 0x0)
r11 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r11, r10, 0x0, 0x80000000)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

2.888966616s ago: executing program 1 (id=732):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x24044040)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000500)="04", 0x1, 0x20000004, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r7, &(0x7f0000000480)={0xa, 0x0, 0x0, @local, 0x1}, 0x1c)
r8 = dup2(r7, r7)
sendmmsg$inet6(r8, &(0x7f0000003f00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="3840000000000007e4ce8b2e44e6fb44858386d2a320b7531a3aff6b5b01702b8de4ab9c33af8b87", 0x28}], 0x1}}], 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fcntl$setstatus(r4, 0x4, 0x800)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r9, 0x0, 0x2e, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @empty}}}, 0x108)

2.052088338s ago: executing program 0 (id=733):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000840)=""/262, 0x37, 0x106, 0x1}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8), 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, 0x0, &(0x7f00000002c0)}, 0x20)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f00000000c0)={0x0, 0x0, 0x40006})
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
dup(r7)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000004440)=@base={0x7, 0x4, 0x80, 0x7, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@getnexthop={0x20, 0x76, 0x401, 0x0, 0x0, {}, [@NHA_ID={0x8, 0x1, 0x8000}]}, 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

2.037717249s ago: executing program 4 (id=734):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r2, 0x4068aea3, &(0x7f0000000900))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000feff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r10, r9, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r10}, &(0x7f0000000000), &(0x7f0000000080)=r6}, 0x20)
recvmsg(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000002c40)=""/4096, 0x8e80}], 0x1}, 0x0)
sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)

2.018185111s ago: executing program 1 (id=735):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f0000000040)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x100002, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000001c0)={@loopback, 0x800, 0x1}, 0x20)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@setlink={0x20, 0x13, 0x501}, 0x20}}, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x7a11, 0x0, 0x0)

1.120813157s ago: executing program 0 (id=736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="a903000000000000000032"], 0x1c}}, 0x0) (fail_nth: 6)

1.006351266s ago: executing program 4 (id=737):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b00000000000000001804", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000180)='./bus\x00', 0x910cc3, 0x0, 0x8, 0x0, &(0x7f0000000040))
mkdir(&(0x7f0000000380)='./file0\x00', 0x0)
mount$incfs(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007", @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0xd8, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000540)='./bus\x00', 0x100000, &(0x7f0000000440)=ANY=[], 0x4, 0x0, 0x0)
openat$incfs(0xffffffffffffff9c, 0x0, 0x1a10c1, 0x0)
rmdir(&(0x7f0000001100)='./file1\x00')

953.71103ms ago: executing program 1 (id=738):
r0 = geteuid()
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
syz_mount_image$f2fs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000540)={[{@alloc_mode_reuse}, {@checkpoint_diasble}, {@alloc_mode_def}, {@fastboot}, {@inline_data}, {@nogc_merge}, {@extent_cache}, {@nodiscard}, {@heap}, {@inline_data}, {@io_bits={'io_bits', 0x3d, 0x7b}}, {@compress_chksum}, {@user_xattr}, {@noextent_cache}, {@block_mode}], [{@uid_gt={'uid>', r1}}, {@euid_gt={'euid>', r0}}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
r5 = dup(r3)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f00003d2000/0x3000)=nil, 0x3000, 0x1000001, 0x13, r3, 0xdb8a7000)

87.019194ms ago: executing program 4 (id=739):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f0000000300), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x30000, 0x0, 0x41, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3014490, &(0x7f0000000400)={[{@nombcache}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@mblk_io_submit}, {@mblk_io_submit}, {@i_version}, {@barrier_val}, {@grpjquota}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2006}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="104146d2ca200d346849ff53dc41856e50f4eceb7c2c57e3a1d56f28ed524660350adf0a243b7b8d93d9edacc821a3ba3654654e76587ab7fad709aad9eeee8630c60391f89bf8c2657373e8915698ebc9148a6a695302f4010f63e4d54c7d9f4a532468c78a5c5bbc35fa6cd540659559f4211911735504382ad2bd1d3d357e59da98bb548d", @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000380)='net/protocols\x00')
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r6 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108)

45.315437ms ago: executing program 2 (id=740):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000900))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, r5, 0x26}, 0x10)
recvmsg(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000002c40)=""/4096, 0x8e80}], 0x1}, 0x0)

0s ago: executing program 0 (id=741):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x552d, &(0x7f000000d000)="$eJzs3M1rI2UYAPAn7Xa7X65FPHjbgUVoYRM23Q/0VnUXP7BLWfXgSdMkDdlNMqVJ09qTB4/iwf9EFDx59G/w4NmbeFC8CUpmJrpdFVybtN3294PJM/PmnWeeN5TCMxMSwKm1kPz6cykux/mImI2ISxHZfqnYMit5eCEirkTEzCNbqRj/c+BsRFyIiMtxbnx6qXjr82vDq7d+euuXb76bP3Pxi6+/P5IFA8fCixHR3cz3d7p5TFt5fFCM14btLHZvDouYv9F9WBynedxprmcZdmrjebUs3mjl89PN7f4obnRq9VFstTey8c1efsH+sDXOk53woLaVHTea61ls99Mstvbyunb38v+Xe/1BnqdR5PsoSx+DwTjm483dZr6ezYdZrPcGxXieN200d0dxWMTiclFPO42sjvWDfNLH29vt3vZuMmxu9dtpL7lVqb5Uqd4uV7fSRnPQvFmudRu3byaLrc5oWnnQrHVXWmna6jQr9bS7lCy26vVytZos3mmut2u9pFqt3KhcL99aKvauJa/fey/pNJLFUXy13dsetDv9ZCPdSvIzlpLlyo2Xl5Kr1eSd1bVk7f7du6tr735w5/17r6y++Vox6W9lJYvL15eXy9Xr5eXq0ila/ydF0RNcPxxI6cmmz0+rDoCnyBT7/4iFPKf+H3jc9Pr/rfsR0+//Q/8/EU9V/3va+/8prB8O5An7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATo4f5r58I9tZyI8vFuPPFEPPFceliJiJiN//wWyc3Zdztsgz9y/z5x6r4dtSZBlG15gvtgsRsVJsvz077U8BAAAATq6vPr7yWd6t5y8LR10Qhym/aTNz6cMJ5StFxNzCjxPKNjN6eX5CybK/7zOxO6Fs2Q2scxNKlt9yOzOpbP/J7L5w7pFQysPMoZYDAAAciv2dwOF2IQAAABymT4+6AI5GKcaPMsfPgrNv3v/1QPD8viMAAADgKM3/v9NKk64DAAAAOHay/t/v/wEAAMDJlv/+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAHO3eUozQQxwH435YKikZifDTxKPoGx/AIPvpoOICX4Ah4BS/AGfDNIxjY0OmSZcNudtNp2d18X9IO0ww/Zgg8zEwyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQp7/1evH75+dfXXN2+27yjAYAAAA4Z1uvF82LWapP2+fv2kcf2noREWVEnJu7V/HqJLOKiE8RUd/Rvr7Vhz8RTcLhM8bt9SYivrbX//d9fwsAAADwcm2Wq3marafb7NIdYkhp0aZ8+y1TXhER9exfprTykPcxU1jz+x7Fj0xpzQLWJFNYWnIb5Up7kObvfly1m9woilSU978/29gBAIABVSfFsLMQAAAAhvT9cPty6V7QXfW45kVcb2UetwLHqWi3916f1AAAAIBnqLh0BwAAAIDeNfP/vs7/mzr/DwAAAJ6EdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfdrW68VmuZp3zdntu8kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAK/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J/fDIhhKIqjd2Yy/75V9r/YuqS6hCrnEH7yJDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABu5H/EY50zXo0tyUjybLx7PZN8Omp8O2r8+mCuD8e8cCMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY2bmf1ziqOADgb2Z2tmlVXKPkEBELHvRi021t7U08KMGDf4IQ0m2N3fqjzcGWIuTiTXLuRfQoIijx1v+h5xZ6qbcecqjguTK/kpc04KpkZtP9fODN+84wmfd9sxDynTdZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYY/v93TgrNoMqTutj9x7fWi36+/v6wp3NB4tFK+KkzaSPhtfinWQh2plrPxkAAABmQ9bU9yGEh/nWctGng7L+z5tzipr/hxequKnn99f9Td/U/kX7/bdHr+wMNKjGKS56aW08Ov10Kr3Dm+V0e/Efz+iVd7589pKVH0j60cbL23l5P5Pv7t79oF+Gx9rIFgD4L041fR00fw8V/bDLxACYGb2o8G7q/2zQbU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdjeCM81cRJCWOztxoX7j2+tHtTf2Xyw2LTzt29vxtcsLpGHEC6tjUenw1yLs5lu12/cvLIyHo+utR+8HkLoavT36ulf+WSCk0M4pDROdnTnZyxI6w97WvI5GkGHv5QAAHgm5XUr6vqH+dZycSyZD+HJj3vr/zejOExY/z/69Py9eKy4/h+2NsPpt7R+9cul6zduvr12deXy6PLo83fODN8dnr1w7tyFpfJZSbXtOk0AAACOsH7d4vo/nX96/f9EFIcJ6/+vvh9+E4+Vqf8PtLvo13UmAAAAs+2lk3/9mRxwPOn3w9cr6+vXhtV2Z/9Mte0g1X/tWN3i+j+b7zorAAAAoA3bG8me9f+LURwmXP9//qdXf4mvmYUQjtfr/6dWvxhfbG86U+1//Idw6E34413PEQAAgHY92fciw/G6xev/efn+f7pzZhpCeOuNKq6/BnCi+j/78Nuf47Hi9//PHvI8p126UN2Psl8IobfQdUYAAAA8y+bKNijr/z/yreXPfj3xcd/7/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt+zsAAP//RP895g==")
creat(&(0x7f0000000340)='./bus\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="fc000000140001000000000000000000ffffffff000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000004400"], 0xfc}}, 0x0)

kernel console output (not intermixed with test programs):

or" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdae3b79eb9 code=0x7fc00000
[  148.223702][ T2391] syz.3.473: attempt to access beyond end of device
[  148.223702][ T2391] loop3: rw=524288, sector=1049272, nr_sectors = 16 limit=16
[  148.325027][ T2391] syz.3.473: attempt to access beyond end of device
[  148.325027][ T2391] loop3: rw=524288, sector=376, nr_sectors = 16 limit=16
[  148.346629][ T2391] syz.3.473: attempt to access beyond end of device
[  148.346629][ T2391] loop3: rw=524288, sector=384, nr_sectors = 16 limit=16
[  148.362438][ T2391] syz.3.473: attempt to access beyond end of device
[  148.362438][ T2391] loop3: rw=524288, sector=720, nr_sectors = 16 limit=16
[  148.376038][ T2391] syz.3.473: attempt to access beyond end of device
[  148.376038][ T2391] loop3: rw=524288, sector=728, nr_sectors = 16 limit=16
[  148.377102][  T297] EXT4-fs (loop4): unmounting filesystem.
[  148.390118][ T2391] syz.3.473: attempt to access beyond end of device
[  148.390118][ T2391] loop3: rw=524288, sector=525144, nr_sectors = 16 limit=16
[  148.408894][ T2391] syz.3.473: attempt to access beyond end of device
[  148.408894][ T2391] loop3: rw=524288, sector=525152, nr_sectors = 16 limit=16
[  148.425432][ T2391] syz.3.473: attempt to access beyond end of device
[  148.425432][ T2391] loop3: rw=524288, sector=13478624032, nr_sectors = 16 limit=16
[  148.439652][ T2391] syz.3.473: attempt to access beyond end of device
[  148.439652][ T2391] loop3: rw=524288, sector=13478624040, nr_sectors = 16 limit=16
[  150.254093][ T2421] netlink: 'syz.1.480': attribute type 4 has an invalid length.
[  150.261634][ T2421] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.480'.
[  150.299080][  T318] snd-usb-audio: probe of 2-1:0.2 failed with error -12
[  150.306448][  T298] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  150.319164][  T318] usb 2-1: USB disconnect, device number 21
[  150.330460][ T2425] loop1: detected capacity change from 0 to 512
[  150.343825][ T2425] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  150.354446][ T2425] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2002c019, mo2=0002]
[  150.362272][ T2425] System zones: 1-12
[  150.367199][ T2425] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2810: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  150.380278][ T2425] EXT4-fs (loop1): 1 truncate cleaned up
[  150.385746][ T2425] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  151.120569][ T2425] xt_TCPMSS: Only works on TCP SYN packets
[  151.137047][ T2435] loop0: detected capacity change from 0 to 512
[  151.143253][ T2435] EXT4-fs: Ignoring removed mblk_io_submit option
[  151.149794][ T2435] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  151.160922][ T2435] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.484: corrupted in-inode xattr
[  151.172965][ T2435] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.484: couldn't read orphan inode 15 (err -117)
[  151.184956][ T2435] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  151.636458][  T298] usb 3-1: unable to read config index 0 descriptor/all
[  151.644320][  T298] usb 3-1: can't read configurations, error -71
[  151.692285][ T2338] EXT4-fs (loop1): unmounting filesystem.
[  153.078760][ T1894] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  153.091903][ T1127] EXT4-fs (loop0): unmounting filesystem.
[  153.103522][ T2475] netlink: 'syz.0.493': attribute type 4 has an invalid length.
[  153.111130][ T2475] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.493'.
[  153.336414][ T1894] usb 2-1: Using ep0 maxpacket: 16
[  153.496557][ T1894] usb 2-1: config 0 has an invalid interface number: 2 but max is 0
[  153.504791][ T1894] usb 2-1: config 0 has no interface number 0
[  153.510921][ T1894] usb 2-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  153.520819][ T1894] usb 2-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  153.942952][ T2491] loop3: detected capacity change from 0 to 512
[  153.949281][ T2491] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.955834][ T2491] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  153.968018][ T2491] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.497: corrupted in-inode xattr
[  153.980238][ T2491] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.497: couldn't read orphan inode 15 (err -117)
[  153.992094][ T2491] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  154.026481][ T1894] usb 2-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  154.035542][ T1894] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  154.043394][ T1894] usb 2-1: Product: syz
[  154.047438][ T1894] usb 2-1: SerialNumber: syz
[  154.052188][ T1894] usb 2-1: config 0 descriptor??
[  154.266232][ T2498] loop4: detected capacity change from 0 to 512
[  154.272542][ T2498] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.279173][ T2498] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  154.286453][  T386] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  154.290228][ T2498] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz.4.499: corrupted in-inode xattr
[  154.308239][ T2498] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.499: couldn't read orphan inode 15 (err -117)
[  154.319989][ T2498] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  154.507001][ T2106] EXT4-fs (loop3): unmounting filesystem.
[  154.526434][  T386] usb 1-1: Using ep0 maxpacket: 16
[  154.828095][  T386] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  154.836149][  T386] usb 1-1: config 0 has no interface number 0
[  154.843081][  T297] EXT4-fs (loop4): unmounting filesystem.
[  154.862484][  T386] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  154.872008][  T386] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  154.943793][ T2511] loop4: detected capacity change from 0 to 1024
[  154.951059][ T2511] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  154.959748][ T2511] EXT4-fs (loop4): orphan cleanup on readonly fs
[  154.966127][ T2511] Quota error (device loop4): v2_read_file_info: Can't read info structure
[  154.974656][ T2511] EXT4-fs warning (device loop4): ext4_enable_quotas:6999: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  154.980539][ T2507] loop2: detected capacity change from 0 to 40427
[  154.995157][ T2511] EXT4-fs (loop4): Cannot turn on quotas: error -5
[  155.001553][  T386] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  155.002063][ T2511] EXT4-fs (loop4): 1 truncate cleaned up
[  155.011291][  T386] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  155.015990][ T2511] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  155.023854][  T386] usb 1-1: Product: syz
[  155.036493][  T386] usb 1-1: SerialNumber: syz
[  155.037017][ T2507] F2FS-fs (loop2): Found nat_bits in checkpoint
[  155.041511][  T386] usb 1-1: config 0 descriptor??
[  155.066811][ T2507] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  155.189316][ T2520] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  155.197704][ T2520] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #2: block 16: comm syz.4.502: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  155.328376][  T386] snd-usb-audio: probe of 1-1:0.2 failed with error -12
[  155.336896][  T386] usb 1-1: USB disconnect, device number 20
[  155.430326][   T28] audit: type=1400 audit(1725229991.868:780): avc:  denied  { ioctl } for  pid=2523 comm="syz.3.503" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=27368 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  155.776519][  T297] EXT4-fs (loop4): unmounting filesystem.
[  155.794254][ T2528] loop4: detected capacity change from 0 to 512
[  155.800554][ T2528] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.814108][ T2528] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  155.863845][ T2533] netlink: 'syz.2.505': attribute type 4 has an invalid length.
[  155.872067][ T1894] snd-usb-audio: probe of 2-1:0.2 failed with error -12
[  155.872106][ T2533] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.505'.
[  155.879503][ T1894] usb 2-1: USB disconnect, device number 22
[  155.906567][ T2528] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz.4.504: corrupted in-inode xattr
[  155.918719][ T2528] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.504: couldn't read orphan inode 15 (err -117)
[  155.930692][ T2528] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  155.967611][ T2541] loop2: detected capacity change from 0 to 1024
[  155.984169][ T2541] ext4: Bad value for 'resgid'
[  156.684536][ T2553] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  156.773432][ T2558] loop0: detected capacity change from 0 to 512
[  156.780525][ T2558] EXT4-fs (loop0): can't mount with both data=journal and delalloc
[  156.789257][  T297] EXT4-fs (loop4): unmounting filesystem.
[  156.804986][   T28] audit: type=1400 audit(1725229993.238:781): avc:  denied  { ioctl } for  pid=2562 comm="syz.2.514" path="/dev/input/event0" dev="devtmpfs" ino=168 ioctlcmd=0x4580 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  156.830380][   T28] audit: type=1400 audit(1725229993.238:782): avc:  denied  { setopt } for  pid=2562 comm="syz.2.514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  156.833725][ T2560] loop4: detected capacity change from 0 to 512
[  156.857685][ T2560] EXT4-fs: Ignoring removed mblk_io_submit option
[  156.864238][ T2560] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  156.893570][ T2560] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz.4.513: corrupted in-inode xattr
[  156.905672][ T2560] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.513: couldn't read orphan inode 15 (err -117)
[  156.917701][ T2560] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  157.042238][ T2573] loop0: detected capacity change from 0 to 256
[  157.106145][ T2573] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  157.247632][ T2576] netlink: 'syz.3.518': attribute type 4 has an invalid length.
[  157.255191][ T2576] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.518'.
[  157.535681][  T297] EXT4-fs (loop4): unmounting filesystem.
[  157.634111][ T2589] loop0: detected capacity change from 0 to 512
[  157.640376][ T2589] EXT4-fs: Ignoring removed mblk_io_submit option
[  157.647002][ T2589] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  157.658571][ T2589] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.523: corrupted in-inode xattr
[  157.671166][ T2589] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.523: couldn't read orphan inode 15 (err -117)
[  157.683532][ T2589] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  157.826437][  T386] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  158.017485][ T2598] loop2: detected capacity change from 0 to 512
[  158.036286][ T2598] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  158.045323][ T2598] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038 (0x7fffffff)
[  158.110169][  T386] usb 2-1: Using ep0 maxpacket: 16
[  158.195945][ T2603] loop3: detected capacity change from 0 to 512
[  158.207891][ T2603] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  158.216876][ T2603] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038 (0x7fffffff)
[  158.266488][  T386] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8
[  158.275520][ T2603] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 18: comm syz.3.526: lblock 23 mapped to illegal pblock 18 (length 1)
[  158.301302][ T2603] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 12: comm syz.3.526: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  158.341994][ T1127] EXT4-fs (loop0): unmounting filesystem.
[  158.342730][ T2603] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz.3.526: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  158.368888][ T2603] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 14: comm syz.3.526: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  158.389454][ T2603] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 15: comm syz.3.526: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  158.410171][ T2603] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz.3.526: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  158.431343][ T2603] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz.3.526: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  158.451531][ T2603] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 18: comm syz.3.526: lblock 23 mapped to illegal pblock 18 (length 1)
[  158.465735][ T2603] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 19: comm syz.3.526: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  158.466613][  T386] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  158.486044][ T2603] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 20: comm syz.3.526: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  158.494516][  T386] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.522180][  T386] usb 2-1: Product: syz
[  158.526339][  T386] usb 2-1: Manufacturer: syz
[  158.530899][  T386] usb 2-1: SerialNumber: syz
[  158.546802][  T386] usb 2-1: config 0 descriptor??
[  158.587060][  T386] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  158.594613][  T386] usb 2-1: Detected FT232R
[  158.656433][   T60] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  158.696446][  T298] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  158.877333][ T1195] EXT4-fs (loop2): unmounting filesystem.
[  159.027139][ T2106] EXT4-fs (loop3): unmounting filesystem.
[  159.036485][  T386] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  159.036499][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.054039][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.063604][  T386] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[  159.063905][  T298] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.070478][   T60] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  159.083835][ T2616] netlink: 'syz.3.530': attribute type 4 has an invalid length.
[  159.089994][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.097357][  T386] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  159.105659][   T60] usb 1-1: config 0 descriptor??
[  159.112970][  T298] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.113006][  T298] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  159.117772][ T2616] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.530'.
[  159.129509][  T386] usb 2-1: USB disconnect, device number 23
[  159.150901][  T298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.159291][  T298] usb 5-1: config 0 descriptor??
[  159.164975][  T386] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  159.174140][  T315] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  159.181925][  T386] ftdi_sio 2-1:0.0: device disconnected
[  159.560060][ T2621] loop1: detected capacity change from 0 to 1024
[  159.566482][  T315] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.567183][ T2621] JBD2: no valid journal superblock found
[  159.577226][  T315] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.582847][ T2621] EXT4-fs (loop1): error loading journal
[  159.592357][  T315] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  159.592380][  T315] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.614991][  T315] usb 3-1: config 0 descriptor??
[  159.627111][   T60] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  159.633908][   T60] lg-g15 0003:046D:C222.0029: item fetching failed at offset 10/11
[  159.637264][  T298] sony 0003:054C:0268.002A: unknown main item tag 0x0
[  159.641881][   T60] lg-g15: probe of 0003:046D:C222.0029 failed with error -22
[  159.648416][  T298] sony 0003:054C:0268.002A: unknown main item tag 0x0
[  159.664037][  T298] sony 0003:054C:0268.002A: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.4-1/input0
[  159.676002][  T298] sony 0003:054C:0268.002A: failed to claim input
[  159.819244][ T2623] loop1: detected capacity change from 0 to 256
[  159.828538][ T2623] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  159.842064][ T2623] exFAT-fs (loop1): error, invalid access to FAT bad cluster (entry 0x00000005)
[  159.851158][ T2623] exFAT-fs (loop1): failed to initialize root inode
[  159.899907][  T298] usb 1-1: USB disconnect, device number 21
[  159.914309][  T386] usb 5-1: USB disconnect, device number 15
[  160.097030][  T315] sony 0003:054C:0268.002B: unknown main item tag 0x0
[  160.103652][  T315] sony 0003:054C:0268.002B: unknown main item tag 0x0
[  160.111117][  T315] sony 0003:054C:0268.002B: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.2-1/input0
[  160.122783][  T315] sony 0003:054C:0268.002B: failed to claim input
[  160.286455][  T318] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  160.300386][  T315] usb 3-1: USB disconnect, device number 22
[  160.413073][ T2630] loop1: detected capacity change from 0 to 1024
[  160.420265][ T2630] JBD2: no valid journal superblock found
[  160.426136][ T2630] EXT4-fs (loop1): error loading journal
[  160.443177][ T2635] loop4: detected capacity change from 0 to 512
[  160.449954][ T2635] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.456753][ T2635] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  160.469160][ T2635] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz.4.537: corrupted in-inode xattr
[  160.481302][ T2635] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.537: couldn't read orphan inode 15 (err -117)
[  160.496181][ T2635] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  160.646497][  T318] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.662227][  T318] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.674336][  T318] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  160.683312][  T318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.683445][ T2630] loop1: detected capacity change from 0 to 256
[  160.696787][  T318] usb 4-1: config 0 descriptor??
[  160.708441][ T2630] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  160.720768][ T2630] exFAT-fs (loop1): error, invalid access to FAT bad cluster (entry 0x00000005)
[  160.729675][ T2630] exFAT-fs (loop1): failed to initialize root inode
[  161.115694][  T297] EXT4-fs (loop4): unmounting filesystem.
[  161.128406][ T2648] loop4: detected capacity change from 0 to 512
[  161.137996][ T2648] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  161.146988][ T2648] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038 (0x7fffffff)
[  161.177419][  T318] sony 0003:054C:0268.002C: unknown main item tag 0x0
[  161.184042][  T318] sony 0003:054C:0268.002C: unknown main item tag 0x0
[  161.192064][  T318] sony 0003:054C:0268.002C: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.3-1/input0
[  161.203869][  T318] sony 0003:054C:0268.002C: failed to claim input
[  161.336441][ T2657] netlink: 'syz.0.541': attribute type 4 has an invalid length.
[  161.344307][ T2657] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.541'.
[  161.528585][  T386] usb 4-1: USB disconnect, device number 15
[  162.451515][  T297] EXT4-fs (loop4): unmounting filesystem.
[  162.584839][ T2683] FAULT_INJECTION: forcing a failure.
[  162.584839][ T2683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.598281][ T2683] CPU: 1 PID: 2683 Comm: syz.0.547 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  162.607735][ T2683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  162.617717][ T2683] Call Trace:
[  162.620840][ T2683]  <TASK>
[  162.623617][ T2683]  dump_stack_lvl+0x151/0x1b7
[  162.628136][ T2683]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  162.633443][ T2683]  dump_stack+0x15/0x1c
[  162.637417][ T2683]  should_fail_ex+0x3d0/0x520
[  162.638301][ T2685] loop2: detected capacity change from 0 to 512
[  162.641928][ T2683]  should_fail+0xb/0x10
[  162.641953][ T2683]  should_fail_usercopy+0x1a/0x20
[  162.641973][ T2683]  _copy_to_user+0x1e/0x90
[  162.648115][   T28] audit: type=1400 audit(1725229999.068:783): avc:  denied  { getopt } for  pid=2681 comm="syz.2.548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  162.651991][ T2683]  bpf_test_finish+0x2f3/0x950
[  162.652017][ T2683]  ? convert_skb_to___skb+0x4f0/0x4f0
[  162.657731][ T2686] fuse: Bad value for 'fd'
[  162.661106][ T2683]  ? __kasan_check_write+0x14/0x20
[  162.661129][ T2683]  ? _copy_from_user+0x90/0xc0
[  162.682997][ T2686] tmpfs: Bad value for 'nr_blocks'
[  162.684739][ T2683]  ? bpf_test_init+0x169/0x190
[  162.692679][ T2686] loop4: detected capacity change from 0 to 256
[  162.694175][ T2683]  bpf_prog_test_run_xdp+0x8ce/0x1130
[  162.699280][ T2686] exfat: Unknown parameter '184467440737095516150x0000000000000000'
[  162.703732][ T2683]  ? dev_put+0x80/0x80
[  162.717348][ T2676] loop3: detected capacity change from 0 to 40427
[  162.719781][ T2683]  ? __kasan_check_write+0x14/0x20
[  162.719803][ T2683]  ? fput+0x15b/0x1b0
[  162.725794][ T2676] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  162.732810][ T2683]  ? dev_put+0x80/0x80
[  162.732837][ T2683]  bpf_prog_test_run+0x3b0/0x630
[  162.732858][ T2683]  ? bpf_prog_query+0x260/0x260
[  162.732875][ T2683]  ? selinux_bpf+0xd2/0x100
[  162.777064][ T2683]  ? security_bpf+0x82/0xb0
[  162.781400][ T2683]  __sys_bpf+0x59f/0x7f0
[  162.785479][ T2683]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  162.790688][ T2683]  ? __ia32_sys_read+0x90/0x90
[  162.795290][ T2683]  ? debug_smp_processor_id+0x17/0x20
[  162.800494][ T2683]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  162.806402][ T2683]  __x64_sys_bpf+0x7c/0x90
[  162.810674][ T2683]  x64_sys_call+0x87f/0x9a0
[  162.814988][ T2683]  do_syscall_64+0x3b/0xb0
[  162.819249][ T2683]  ? clear_bhb_loop+0x55/0xb0
[  162.823763][ T2683]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  162.829498][ T2683] RIP: 0033:0x7ff9aff79eb9
[  162.833736][ T2683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.853177][ T2683] RSP: 002b:00007ff9b0cab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  162.861423][ T2683] RAX: ffffffffffffffda RBX: 00007ff9b0115f80 RCX: 00007ff9aff79eb9
[  162.869233][ T2683] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a
[  162.877048][ T2683] RBP: 00007ff9b0cab090 R08: 0000000000000000 R09: 0000000000000000
[  162.884855][ T2683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  162.892670][ T2683] R13: 0000000000000000 R14: 00007ff9b0115f80 R15: 00007ffd32d25088
[  162.900497][ T2683]  </TASK>
[  162.903834][ T2676] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  162.912943][ T2676] F2FS-fs (loop3): invalid crc value
[  162.919829][ T2676] F2FS-fs (loop3): Found nat_bits in checkpoint
[  162.924283][ T2685] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  162.936527][ T2685] ext4 filesystem being mounted at /63/bus supports timestamps until 2038 (0x7fffffff)
[  162.937717][ T2693] loop0: detected capacity change from 0 to 512
[  162.966713][ T2693] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.977176][ T2693] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  162.988907][ T2693] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.549: corrupted in-inode xattr
[  163.000982][ T2676] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  163.007915][ T2676] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  163.009553][ T2693] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.549: couldn't read orphan inode 15 (err -117)
[  163.030015][ T2693] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  163.440658][  T435] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  163.456759][  T435] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  163.801111][ T1127] EXT4-fs (loop0): unmounting filesystem.
[  163.835405][ T1195] EXT4-fs (loop2): unmounting filesystem.
[  165.537741][ T2723] loop2: detected capacity change from 0 to 512
[  165.547291][ T2723] EXT4-fs: Ignoring removed mblk_io_submit option
[  165.553958][ T2723] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  165.565508][ T2723] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz.2.556: corrupted in-inode xattr
[  165.577980][ T2723] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.556: couldn't read orphan inode 15 (err -117)
[  165.592069][ T2723] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  165.746751][   T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  166.037078][ T2736] loop1: detected capacity change from 0 to 16
[  166.047078][   T24] usb 5-1: Using ep0 maxpacket: 8
[  166.052667][ T2736] erofs: (device loop1): mounted with root inode @ nid 36.
[  166.216558][   T24] usb 5-1: config 0 has no interfaces?
[  166.232866][ T1195] EXT4-fs (loop2): unmounting filesystem.
[  167.622154][ T2752] netlink: 'syz.1.561': attribute type 4 has an invalid length.
[  167.629748][ T2752] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.561'.
[  167.664915][   T24] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  167.670222][ T2757] loop0: detected capacity change from 0 to 16
[  167.675179][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.687730][   T24] usb 5-1: Product: syz
[  167.691716][   T24] usb 5-1: Manufacturer: syz
[  167.696746][ T2757] erofs: (device loop0): mounted with root inode @ nid 36.
[  167.722780][   T24] usb 5-1: SerialNumber: syz
[  167.838394][   T24] usb 5-1: config 0 descriptor??
[  167.864622][ T2754] loop1: detected capacity change from 0 to 40427
[  167.871315][ T2754] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  167.878858][ T2754] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  168.130638][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 205 @ nid 36
[  168.139690][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 197 @ nid 36
[  168.148589][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 192 @ nid 36
[  168.157593][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 180 @ nid 36
[  168.166663][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 172 @ nid 36
[  168.175564][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 168 @ nid 36
[  168.184644][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 160 @ nid 36
[  168.193721][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 149 @ nid 36
[  168.203087][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 144 @ nid 36
[  168.212183][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 140 @ nid 36
[  168.221387][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 92 @ nid 36
[  168.230370][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 77 @ nid 36
[  168.239319][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 69 @ nid 36
[  168.248353][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 64 @ nid 36
[  168.257253][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 60 @ nid 36
[  168.266363][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 40 @ nid 36
[  168.275299][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 36 @ nid 36
[  168.284380][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 32 @ nid 36
[  168.293291][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 24 @ nid 36
[  168.302678][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 19 @ nid 36
[  168.311538][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 18 @ nid 36
[  168.320378][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 17 @ nid 36
[  168.329272][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 16 @ nid 36
[  168.338213][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 12 @ nid 36
[  168.347053][ T2761] erofs: (device loop0): z_erofs_readahead: readahead error at page 8 @ nid 36
[  168.355862][ T2761] bio_check_eod: 49 callbacks suppressed
[  168.355874][ T2761] syz.0.564: attempt to access beyond end of device
[  168.355874][ T2761] loop0: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  168.374912][ T2761] syz.0.564: attempt to access beyond end of device
[  168.374912][ T2761] loop0: rw=524288, sector=1049272, nr_sectors = 16 limit=16
[  168.388787][ T2761] syz.0.564: attempt to access beyond end of device
[  168.388787][ T2761] loop0: rw=524288, sector=376, nr_sectors = 16 limit=16
[  168.402236][ T2761] syz.0.564: attempt to access beyond end of device
[  168.402236][ T2761] loop0: rw=524288, sector=384, nr_sectors = 16 limit=16
[  168.415815][ T2761] syz.0.564: attempt to access beyond end of device
[  168.415815][ T2761] loop0: rw=524288, sector=720, nr_sectors = 16 limit=16
[  168.429152][ T2761] syz.0.564: attempt to access beyond end of device
[  168.429152][ T2761] loop0: rw=524288, sector=728, nr_sectors = 16 limit=16
[  168.442572][ T2761] syz.0.564: attempt to access beyond end of device
[  168.442572][ T2761] loop0: rw=524288, sector=525144, nr_sectors = 16 limit=16
[  168.456229][ T2761] syz.0.564: attempt to access beyond end of device
[  168.456229][ T2761] loop0: rw=524288, sector=525152, nr_sectors = 16 limit=16
[  168.469736][ T2761] syz.0.564: attempt to access beyond end of device
[  168.469736][ T2761] loop0: rw=524288, sector=13478624032, nr_sectors = 16 limit=16
[  168.483750][ T2761] syz.0.564: attempt to access beyond end of device
[  168.483750][ T2761] loop0: rw=524288, sector=13478624040, nr_sectors = 16 limit=16
[  168.598305][ T2754] F2FS-fs (loop1): invalid crc value
[  168.605321][   T24] usb 5-1: USB disconnect, device number 16
[  168.609785][ T2673] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  168.653094][ T2754] F2FS-fs (loop1): Found nat_bits in checkpoint
[  168.707363][ T2754] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  168.714361][ T2754] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  168.764533][ T2774] loop4: detected capacity change from 0 to 128
[  168.771312][ T2774] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  169.085445][ T2782] netlink: 172 bytes leftover after parsing attributes in process `syz.1.562'.
[  169.237440][   T28] audit: type=1400 audit(1725230005.608:784): avc:  denied  { getopt } for  pid=2784 comm="syz.4.569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  169.330898][ T2787] loop1: detected capacity change from 0 to 512
[  169.337184][ T2787] EXT4-fs: Ignoring removed mblk_io_submit option
[  169.343673][ T2787] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  169.354761][ T2787] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz.1.570: corrupted in-inode xattr
[  169.366697][ T2787] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.570: couldn't read orphan inode 15 (err -117)
[  169.378478][ T2787] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  169.426506][ T2673] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.437346][ T2673] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.446882][ T2673] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  169.459493][ T2673] usb 4-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[  169.466420][   T24] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  169.468340][ T2673] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.483967][ T2673] usb 4-1: config 0 descriptor??
[  169.509883][ T2791] loop2: detected capacity change from 0 to 512
[  169.516486][ T2791] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  169.527813][ T2791] EXT4-fs (loop2): 1 truncate cleaned up
[  169.533257][ T2791] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  169.543435][   T28] audit: type=1400 audit(1725230005.978:785): avc:  denied  { unlink } for  pid=2790 comm="syz.2.571" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  169.586790][ T2796] netlink: 'syz.0.573': attribute type 4 has an invalid length.
[  169.594348][ T2796] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.573'.
[  169.726424][   T24] usb 5-1: Using ep0 maxpacket: 8
[  169.906732][   T24] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  169.914982][   T24] usb 5-1: config 179 has no interface number 0
[  169.924717][   T24] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  169.935723][   T24] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  169.936567][ T2338] EXT4-fs (loop1): unmounting filesystem.
[  169.947077][   T24] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  169.963557][   T24] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  169.973334][   T24] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  169.986544][   T24] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  169.996713][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.096480][ T2785] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  170.117377][   T24] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input6
[  170.354593][ T2810] netlink: 24 bytes leftover after parsing attributes in process `syz.3.563'.
[  170.396761][   T28] audit: type=1400 audit(1725230006.798:786): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=1058 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  170.562969][ T2673] betop 0003:11C2:2208.002D: item fetching failed at offset 4/5
[  170.584845][ T2673] betop 0003:11C2:2208.002D: parse failed
[  170.590683][ T2673] betop: probe of 0003:11C2:2208.002D failed with error -22
[  170.595276][   T28] audit: type=1400 audit(1725230006.808:787): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1058 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  170.622002][ T1195] EXT4-fs (loop2): unmounting filesystem.
[  170.927462][   T24] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  170.958704][  T386] usb 5-1: USB disconnect, device number 17
[  170.976477][  T386] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  171.206414][   T24] usb 3-1: Using ep0 maxpacket: 8
[  171.356533][   T24] usb 3-1: config 0 has no interfaces?
[  171.537163][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  171.546065][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.553974][   T24] usb 3-1: Product: syz
[  171.558018][   T24] usb 3-1: Manufacturer: syz
[  171.562398][   T24] usb 3-1: SerialNumber: syz
[  171.567902][   T24] usb 3-1: config 0 descriptor??
[  171.628136][  T644] usb 4-1: USB disconnect, device number 16
[  171.642408][ T2829] loop3: detected capacity change from 0 to 512
[  171.765061][ T2829] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  171.774068][ T2829] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038 (0x7fffffff)
[  172.334902][ T2831] loop0: detected capacity change from 0 to 40427
[  172.341532][ T2831] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  172.349051][ T2831] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  172.357745][ T2831] F2FS-fs (loop0): invalid crc value
[  172.364489][ T2831] F2FS-fs (loop0): Found nat_bits in checkpoint
[  172.390417][ T2831] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  172.397412][ T2831] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  172.762524][ T2851] netlink: 172 bytes leftover after parsing attributes in process `syz.0.580'.
[  172.915286][ T2106] EXT4-fs (loop3): unmounting filesystem.
[  172.934105][ T2854] loop4: detected capacity change from 0 to 512
[  172.940815][ T2854] EXT4-fs: Ignoring removed mblk_io_submit option
[  172.967178][ T2854] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  172.992313][ T2854] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz.4.585: corrupted in-inode xattr
[  173.007554][ T2854] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.585: couldn't read orphan inode 15 (err -117)
[  173.019679][ T2854] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  173.031452][ T2860] netlink: 'syz.0.584': attribute type 4 has an invalid length.
[  173.038982][ T2860] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.584'.
[  173.737115][ T1042] usb 3-1: USB disconnect, device number 23
[  174.077420][  T297] EXT4-fs (loop4): unmounting filesystem.
[  174.216444][  T386] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  174.293070][ T2879] loop0: detected capacity change from 0 to 40427
[  174.299974][ T2879] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  174.307656][ T2879] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  174.316460][ T2879] F2FS-fs (loop0): invalid crc value
[  174.322918][ T2879] F2FS-fs (loop0): Found nat_bits in checkpoint
[  174.360480][ T2879] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  174.367410][ T2879] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  174.431703][   T28] audit: type=1326 audit(1725230010.868:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2878 comm="syz.0.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aff79eb9 code=0x7ffc0000
[  174.454948][   T28] audit: type=1326 audit(1725230010.868:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2878 comm="syz.0.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aff79eb9 code=0x7ffc0000
[  174.478091][   T28] audit: type=1326 audit(1725230010.868:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2878 comm="syz.0.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff9aff79eb9 code=0x7ffc0000
[  174.496432][  T386] usb 4-1: device descriptor read/64, error -71
[  174.507333][   T28] audit: type=1400 audit(1725230010.868:791): avc:  denied  { ioctl } for  pid=2878 comm="syz.0.590" path="/90/bus/cgroup.controllers" dev="loop0" ino=10 ioctlcmd=0x5404 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  174.532311][   T28] audit: type=1326 audit(1725230010.868:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2878 comm="syz.0.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aff79eb9 code=0x7ffc0000
[  174.546994][    T8] bio_check_eod: 51 callbacks suppressed
[  174.547012][    T8] kworker/u4:0: attempt to access beyond end of device
[  174.547012][    T8] loop0: rw=1, sector=45096, nr_sectors = 128 limit=40427
[  174.555642][   T28] audit: type=1326 audit(1725230010.868:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2878 comm="syz.0.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aff79eb9 code=0x7ffc0000
[  174.630739][   T28] audit: type=1326 audit(1725230010.868:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2878 comm="syz.0.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff9aff79eb9 code=0x7ffc0000
[  174.654230][   T28] audit: type=1326 audit(1725230010.868:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2878 comm="syz.0.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aff79eb9 code=0x7ffc0000
[  174.677336][   T28] audit: type=1326 audit(1725230010.868:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2878 comm="syz.0.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aff79eb9 code=0x7ffc0000
[  175.145990][  T386] usb 4-1: device descriptor read/64, error -71
[  176.860279][ T2922] loop3: detected capacity change from 0 to 512
[  176.941093][ T2924] loop1: detected capacity change from 0 to 512
[  176.948658][ T2924] EXT4-fs: Ignoring removed mblk_io_submit option
[  176.956151][ T2924] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  176.981364][ T1042] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  177.003945][ T2922] EXT4-fs (loop3): 1 truncate cleaned up
[  177.011096][ T2922] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  177.019922][ T2924] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz.1.600: corrupted in-inode xattr
[  177.031846][ T2924] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.600: couldn't read orphan inode 15 (err -117)
[  177.043653][ T2924] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  177.044239][ T2106] EXT4-fs (loop3): unmounting filesystem.
[  177.066472][   T60] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  177.326476][   T60] usb 3-1: Using ep0 maxpacket: 8
[  177.356530][ T1042] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.367386][ T1042] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.376944][ T1042] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  177.385784][ T1042] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.394029][ T1042] usb 1-1: config 0 descriptor??
[  177.446788][   T60] usb 3-1: config 0 has no interfaces?
[  177.570807][ T2338] EXT4-fs (loop1): unmounting filesystem.
[  177.656913][   T60] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  177.726410][   T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.734322][   T60] usb 3-1: Product: syz
[  177.738417][   T60] usb 3-1: Manufacturer: syz
[  177.742729][   T60] usb 3-1: SerialNumber: syz
[  177.745796][   T28] audit: type=1326 audit(1725230014.178:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2944 comm="syz.4.604" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcae3579eb9 code=0x0
[  177.747716][   T60] usb 3-1: config 0 descriptor??
[  177.877004][ T1042] sony 0003:054C:0268.002E: unknown main item tag 0x0
[  177.883668][ T1042] sony 0003:054C:0268.002E: unknown main item tag 0x0
[  177.890967][ T1042] sony 0003:054C:0268.002E: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.0-1/input0
[  177.902655][ T1042] sony 0003:054C:0268.002E: failed to claim input
[  177.916426][   T24] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  178.080443][ T1042] usb 1-1: USB disconnect, device number 22
[  178.346484][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.357462][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.366957][   T24] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  178.375818][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.384229][   T24] usb 2-1: config 0 descriptor??
[  178.628120][ T2957] FAULT_INJECTION: forcing a failure.
[  178.628120][ T2957] name failslab, interval 1, probability 0, space 0, times 0
[  178.640643][ T2957] CPU: 1 PID: 2957 Comm: syz.4.607 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  178.650102][ T2957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  178.660088][ T2957] Call Trace:
[  178.663207][ T2957]  <TASK>
[  178.665983][ T2957]  dump_stack_lvl+0x151/0x1b7
[  178.670499][ T2957]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  178.675811][ T2957]  ? release_sock+0x163/0x1b0
[  178.680420][ T2957]  dump_stack+0x15/0x1c
[  178.684418][ T2957]  should_fail_ex+0x3d0/0x520
[  178.688924][ T2957]  ? __alloc_skb+0xcc/0x2d0
[  178.693258][ T2957]  __should_failslab+0xaf/0xf0
[  178.697859][ T2957]  should_failslab+0x9/0x20
[  178.702200][ T2957]  kmem_cache_alloc_node+0x3e/0x2d0
[  178.707244][ T2957]  __alloc_skb+0xcc/0x2d0
[  178.711399][ T2957]  netlink_sendmsg+0x7a6/0xd30
[  178.716001][ T2957]  ? netlink_getsockopt+0x540/0x540
[  178.721035][ T2957]  ? security_socket_sendmsg+0x82/0xb0
[  178.726764][ T2957]  ? netlink_getsockopt+0x540/0x540
[  178.731795][ T2957]  ____sys_sendmsg+0x5d3/0x9a0
[  178.736399][ T2957]  ? __sys_sendmsg_sock+0x40/0x40
[  178.741257][ T2957]  __sys_sendmsg+0x2a9/0x390
[  178.745681][ T2957]  ? ____sys_sendmsg+0x9a0/0x9a0
[  178.750541][ T2957]  ? __kasan_check_write+0x14/0x20
[  178.755488][ T2957]  ? mutex_unlock+0xb2/0x260
[  178.759921][ T2957]  ? __kasan_check_write+0x14/0x20
[  178.764863][ T2957]  ? __ia32_sys_read+0x90/0x90
[  178.769463][ T2957]  ? debug_smp_processor_id+0x17/0x20
[  178.774668][ T2957]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  178.780571][ T2957]  __x64_sys_sendmsg+0x7f/0x90
[  178.785176][ T2957]  x64_sys_call+0x16a/0x9a0
[  178.789512][ T2957]  do_syscall_64+0x3b/0xb0
[  178.793763][ T2957]  ? clear_bhb_loop+0x55/0xb0
[  178.798279][ T2957]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  178.804005][ T2957] RIP: 0033:0x7fcae3579eb9
[  178.808258][ T2957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.827710][ T2957] RSP: 002b:00007fcae43db038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  178.835951][ T2957] RAX: ffffffffffffffda RBX: 00007fcae3715f80 RCX: 00007fcae3579eb9
[  178.843756][ T2957] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003
[  178.851576][ T2957] RBP: 00007fcae43db090 R08: 0000000000000000 R09: 0000000000000000
[  178.859377][ T2957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.867198][ T2957] R13: 0000000000000000 R14: 00007fcae3715f80 R15: 00007ffe71da50c8
[  178.875005][ T2957]  </TASK>
[  178.922504][ T2961] xt_TCPMSS: Only works on TCP SYN packets
[  179.127677][   T24] lg-g15 0003:046D:C222.002F: unknown main item tag 0x0
[  179.134636][   T24] lg-g15 0003:046D:C222.002F: item fetching failed at offset 10/11
[  179.143301][   T24] lg-g15: probe of 0003:046D:C222.002F failed with error -22
[  179.206437][  T386] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  179.327678][   T24] usb 2-1: USB disconnect, device number 24
[  179.500901][   T28] audit: type=1400 audit(1725230015.938:798): avc:  denied  { sys_module } for  pid=2967 comm="syz.0.610" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  179.529496][ T2968] loop0: detected capacity change from 0 to 2048
[  179.535834][   T28] audit: type=1400 audit(1725230015.968:799): avc:  denied  { mounton } for  pid=2967 comm="syz.0.610" path="/95/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  179.536688][ T2968] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  179.636485][  T386] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.647240][  T386] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.656818][  T386] usb 5-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  179.665703][  T386] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.674302][  T386] usb 5-1: config 0 descriptor??
[  179.774926][ T2973] loop0: detected capacity change from 0 to 1024
[  179.781942][ T2973] JBD2: no valid journal superblock found
[  179.787965][ T2973] EXT4-fs (loop0): error loading journal
[  179.809303][   T60] usb 3-1: USB disconnect, device number 24
[  179.933838][ T2963] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  180.593579][ T2963] device pim6reg1 entered promiscuous mode
[  181.424024][ T2997] loop2: detected capacity change from 0 to 512
[  181.555390][ T2997] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.616: iget: bad extended attribute block 1
[  181.568891][ T2997] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.616: couldn't read orphan inode 15 (err -117)
[  181.638604][ T2997] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  182.446489][   T60] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  182.636246][  T386] usbhid 5-1:0.0: can't add hid device: -71
[  182.642367][  T386] usbhid: probe of 5-1:0.0 failed with error -71
[  182.648996][  T386] usb 5-1: USB disconnect, device number 18
[  182.706464][  T318] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  182.866465][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.877214][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.886713][   T60] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  182.895575][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.903795][   T60] usb 1-1: config 0 descriptor??
[  183.006462][  T386] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  183.116501][  T318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.127467][  T318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.137104][  T318] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  183.156022][  T318] usb 2-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[  183.164934][  T318] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.173413][  T318] usb 2-1: config 0 descriptor??
[  183.256438][  T386] usb 5-1: Using ep0 maxpacket: 16
[  183.469590][   T60] sony 0003:054C:0268.0030: unknown main item tag 0x0
[  183.476216][   T60] sony 0003:054C:0268.0030: unknown main item tag 0x0
[  183.483615][   T60] sony 0003:054C:0268.0030: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.0-1/input0
[  183.495278][   T60] sony 0003:054C:0268.0030: failed to claim input
[  183.691936][   T60] usb 1-1: USB disconnect, device number 23
[  183.746631][  T386] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  183.755562][  T386] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.827894][ T3018] netlink: 24 bytes leftover after parsing attributes in process `syz.1.615'.
[  183.989653][  T318] betop 0003:11C2:2208.0031: item fetching failed at offset 4/5
[  183.997302][  T386] usb 5-1: Product: syz
[  184.002064][  T318] betop 0003:11C2:2208.0031: parse failed
[  184.002074][ T1195] EXT4-fs (loop2): unmounting filesystem.
[  184.013530][  T386] usb 5-1: Manufacturer: syz
[  184.017980][  T318] betop: probe of 0003:11C2:2208.0031 failed with error -22
[  184.025634][  T386] usb 5-1: SerialNumber: syz
[  184.031154][  T386] r8152-cfgselector 5-1: config 0 descriptor??
[  184.039203][   T28] audit: type=1400 audit(1725230020.478:800): avc:  denied  { ioctl } for  pid=3019 comm="syz.2.621" path="socket:[30036]" dev="sockfs" ino=30036 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  184.356486][ T1042] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  184.397510][  T386] r8152-cfgselector 5-1: Unknown version 0x0000
[  184.438175][ T3028] loop0: detected capacity change from 0 to 128
[  184.616491][ T1042] usb 3-1: Using ep0 maxpacket: 8
[  184.666890][ T3006] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.675847][ T3006] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.720065][  T386] r8152-cfgselector 5-1: Unknown version 0x0000
[  184.736395][  T386] r8152-cfgselector 5-1: USB disconnect, device number 19
[  184.736475][ T1042] usb 3-1: config 0 has no interfaces?
[  184.906500][ T1042] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  184.915401][ T1042] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.923238][ T1042] usb 3-1: Product: syz
[  184.927171][ T1042] usb 3-1: Manufacturer: syz
[  184.931583][ T1042] usb 3-1: SerialNumber: syz
[  184.936507][ T1042] usb 3-1: config 0 descriptor??
[  185.212541][ T1042] usb 2-1: USB disconnect, device number 25
[  185.364575][ T3041] loop1: detected capacity change from 0 to 256
[  185.580634][   T28] audit: type=1400 audit(1725230022.018:801): avc:  denied  { mounton } for  pid=3040 comm="syz.1.627" path="/28/bus/bus" dev="loop1" ino=1048649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  185.612265][ T3052] loop4: detected capacity change from 0 to 256
[  185.623635][ T3052] FAT-fs (loop4): Directory bread(block 64) failed
[  185.630040][ T3052] FAT-fs (loop4): Directory bread(block 65) failed
[  185.636344][ T3052] FAT-fs (loop4): Directory bread(block 66) failed
[  185.642679][ T3052] FAT-fs (loop4): Directory bread(block 67) failed
[  185.649533][ T3052] FAT-fs (loop4): Directory bread(block 68) failed
[  185.655890][ T3052] FAT-fs (loop4): Directory bread(block 69) failed
[  185.662313][ T3052] FAT-fs (loop4): Directory bread(block 70) failed
[  185.668696][ T3052] FAT-fs (loop4): Directory bread(block 71) failed
[  185.675014][ T3052] FAT-fs (loop4): Directory bread(block 72) failed
[  185.681405][ T3052] FAT-fs (loop4): Directory bread(block 73) failed
[  185.713255][   T28] audit: type=1400 audit(1725230022.148:802): avc:  denied  { unmount } for  pid=2338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  185.740338][ T3058] netlink: 16 bytes leftover after parsing attributes in process `syz.1.631'.
[  185.750256][ T3057] netlink: 16 bytes leftover after parsing attributes in process `syz.1.631'.
[  185.767801][   T28] audit: type=1400 audit(1725230022.208:803): avc:  denied  { ioctl } for  pid=3061 comm="syz.1.632" path="/dev/usbmon7" dev="devtmpfs" ino=160 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  185.844032][ T3065] 9pnet: Could not find request transport: œe¼À³í”µ=0x000000000000000901777777777777777777777
[  185.887925][   T28] audit: type=1400 audit(2000000000.000:804): avc:  denied  { connect } for  pid=3051 comm="syz.4.630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  185.914163][   T28] audit: type=1326 audit(2000000000.000:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3051 comm="syz.4.630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae3579eb9 code=0x7ffc0000
[  185.947141][   T28] audit: type=1326 audit(2000000000.000:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3051 comm="syz.4.630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae3579eb9 code=0x7ffc0000
[  185.970345][   T28] audit: type=1326 audit(2000000000.000:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3051 comm="syz.4.630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fcae3579eb9 code=0x7ffc0000
[  185.993517][   T28] audit: type=1326 audit(2000000000.000:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3051 comm="syz.4.630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae3579eb9 code=0x7ffc0000
[  186.016915][   T28] audit: type=1326 audit(2000000000.000:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3051 comm="syz.4.630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae3579eb9 code=0x7ffc0000
[  186.040184][   T28] audit: type=1326 audit(2000000000.000:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3051 comm="syz.4.630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7fcae3579eb9 code=0x7ffc0000
[  187.061396][ T3081] loop3: detected capacity change from 0 to 512
[  187.068927][ T3081] EXT4-fs: Ignoring removed mblk_io_submit option
[  187.075595][ T3081] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  187.115566][  T386] usb 3-1: USB disconnect, device number 25
[  187.138438][ T3089] loop2: detected capacity change from 0 to 2048
[  187.161287][ T3081] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.636: corrupted in-inode xattr
[  187.174760][ T3081] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.636: couldn't read orphan inode 15 (err -117)
[  187.187769][ T3089] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  187.200245][ T3081] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  187.266493][ T3089] loop2: detected capacity change from 2048 to 2047
[  187.273228][ T3094] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.638: bg 0: block 14130: padding at end of block bitmap is not set
[  187.871697][ T1195] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /78/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  187.894464][   T10] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #18: comm kworker/u4:1: corrupted in-inode xattr
[  187.906765][   T10] EXT4-fs error (device loop2): ext4_map_blocks:721: inode #18: block 62218: comm kworker/u4:1: lblock 0 mapped to illegal pblock 62218 (length 1)
[  187.921963][   T10] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 117
[  187.934056][   T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[  187.934056][   T10] 
[  187.943783][    T8] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #18: comm kworker/u4:0: corrupted in-inode xattr
[  187.956206][ T1195] EXT4-fs (loop2): Inode 18 (ffff88813473e138): i_reserved_data_blocks (1) not cleared!
[  187.966240][ T1195] EXT4-fs (loop2): unmounting filesystem.
[  188.104338][ T3108] loop4: detected capacity change from 0 to 2048
[  188.149743][ T2106] EXT4-fs (loop3): unmounting filesystem.
[  188.224499][ T3111] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.231528][ T3111] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.239325][ T3111] device bridge_slave_0 entered promiscuous mode
[  188.249012][ T3111] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.255972][ T3111] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.263123][ T3111] device bridge_slave_1 entered promiscuous mode
[  188.301970][ T3111] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.308827][ T3111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.315891][ T3111] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.322710][ T3111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.447934][ T1042] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  188.776897][  T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  188.784771][  T318] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.792091][  T318] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.810514][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  188.818806][  T316] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.825664][  T316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.827290][ T1042] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  188.844287][ T1042] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.855524][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  188.863980][  T316] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.870853][  T316] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.885787][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  188.893982][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  188.901926][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  189.080811][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  189.088948][ T1042] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  189.105949][ T1042] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.115604][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  189.123578][ T1042] usb 2-1: Product: syz
[  189.128632][    T8] device bridge_slave_1 left promiscuous mode
[  189.134582][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.141592][ T1042] usb 2-1: Manufacturer: syz
[  189.146127][ T1042] usb 2-1: SerialNumber: syz
[  189.146289][    T8] device bridge_slave_0 left promiscuous mode
[  189.156734][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.164695][    T8] device veth1_macvtap left promiscuous mode
[  189.170540][    T8] device veth0_vlan left promiscuous mode
[  189.217407][ T1042] usb 2-1: selecting invalid altsetting 1
[  189.260426][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  189.267931][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  189.275700][ T3111] device veth0_vlan entered promiscuous mode
[  189.286064][ T3111] device veth1_macvtap entered promiscuous mode
[  189.292694][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  189.300626][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  189.308762][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  189.426539][   T24] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  189.488908][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  189.496991][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  189.505819][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  189.513826][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  189.553123][ T3137] netlink: 'syz.2.644': attribute type 4 has an invalid length.
[  189.560788][ T3137] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.644'.
[  189.676433][   T24] usb 5-1: Using ep0 maxpacket: 8
[  189.681439][ T3142] loop0: detected capacity change from 0 to 512
[  189.697877][ T3142] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  189.706789][ T3142] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038 (0x7fffffff)
[  189.796495][   T24] usb 5-1: config 0 has no interfaces?
[  189.875315][ T1894] kernel write not supported for file bpf-prog (pid: 1894 comm: kworker/1:9)
[  189.892351][ T3147] loop2: detected capacity change from 0 to 512
[  189.896476][ T1042] cdc_ncm 2-1:1.1: SET_NTB_FORMAT failed
[  189.906357][ T3147] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.650: iget: bad extended attribute block 1
[  189.918984][ T3147] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.650: couldn't read orphan inode 15 (err -117)
[  189.924761][ T1042] usb 2-1: selecting invalid altsetting 1
[  189.930797][ T3147] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  189.941614][ T1042] cdc_ncm 2-1:1.1: bind() failure
[  189.960213][ T1042] usb 2-1: USB disconnect, device number 26
[  189.966622][   T24] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  189.978316][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.987575][   T24] usb 5-1: Product: syz
[  190.011161][   T24] usb 5-1: Manufacturer: syz
[  190.015731][   T24] usb 5-1: SerialNumber: syz
[  190.038680][   T24] usb 5-1: config 0 descriptor??
[  190.138473][ T3150] loop3: detected capacity change from 0 to 2048
[  190.152392][ T3150] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  190.216440][ T3150] loop3: detected capacity change from 2048 to 2047
[  190.225550][ T3150] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.652: bg 0: block 14130: padding at end of block bitmap is not set
[  190.338019][ T2106] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /51/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  190.366054][    T8] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #18: comm kworker/u4:0: corrupted in-inode xattr
[  190.378661][    T8] EXT4-fs error (device loop3): ext4_map_blocks:721: inode #18: block 62218: comm kworker/u4:0: lblock 0 mapped to illegal pblock 62218 (length 1)
[  190.411827][    T8] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 117
[  190.613347][    T8] EXT4-fs (loop3): This should not happen!! Data will be lost
[  190.613347][    T8] 
[  190.669512][    T8] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #18: comm kworker/u4:0: corrupted in-inode xattr
[  190.685908][ T2106] EXT4-fs (loop3): Inode 18 (ffff8881372d05b8): i_reserved_data_blocks (1) not cleared!
[  190.696736][ T2106] EXT4-fs (loop3): unmounting filesystem.
[  190.713308][ T1127] EXT4-fs (loop0): unmounting filesystem.
[  190.994373][ T3156] loop1: detected capacity change from 0 to 40427
[  191.008227][ T3156] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  191.025941][ T3156] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  191.058468][ T3161] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.065325][ T3161] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.073239][ T3156] F2FS-fs (loop1): invalid crc value
[  191.093156][ T3161] device bridge_slave_0 entered promiscuous mode
[  191.100086][ T3156] F2FS-fs (loop1): Found nat_bits in checkpoint
[  191.129643][ T3161] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.142926][ T3158] loop0: detected capacity change from 0 to 40427
[  191.149628][ T3161] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.156573][ T3158] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  191.163972][ T3158] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  191.172440][ T3161] device bridge_slave_1 entered promiscuous mode
[  191.179380][ T3111] EXT4-fs (loop2): unmounting filesystem.
[  191.185938][ T3158] F2FS-fs (loop0): invalid crc value
[  191.191468][ T3156] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  191.193587][ T3158] F2FS-fs (loop0): Found nat_bits in checkpoint
[  191.198417][ T3156] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  191.285047][ T3158] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  191.292194][ T3158] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  191.362305][ T3161] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.369189][ T3161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.376301][ T3161] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.383077][ T3161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.937754][ T3178] netlink: 172 bytes leftover after parsing attributes in process `syz.1.654'.
[  192.296446][ T3180] netlink: 172 bytes leftover after parsing attributes in process `syz.0.655'.
[  192.536802][ T1127] syz-executor: attempt to access beyond end of device
[  192.536802][ T1127] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  192.543718][  T644] usb 5-1: USB disconnect, device number 20
[  192.557363][ T2338] syz-executor: attempt to access beyond end of device
[  192.557363][ T2338] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  192.573069][ T1042] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.589650][ T1042] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.626877][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  192.634464][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  192.645410][ T1042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  192.656828][ T1042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  192.673846][ T3183] syz.4.661[3183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  192.673913][ T3183] syz.4.661[3183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  192.720388][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.736209][ T3191] loop0: detected capacity change from 0 to 512
[  192.738279][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.751723][    T8] device bridge_slave_1 left promiscuous mode
[  192.758291][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.765725][    T8] device bridge_slave_0 left promiscuous mode
[  192.771780][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.779633][    T8] device veth1_macvtap left promiscuous mode
[  192.785456][    T8] device veth0_vlan left promiscuous mode
[  192.869281][ T3195] loop4: detected capacity change from 0 to 1024
[  192.876087][ T3195] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  192.887553][ T3195] EXT4-fs (loop4): invalid journal inode
[  192.893285][ T3195] EXT4-fs (loop4): can't get journal size
[  192.899323][ T3195] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #2: comm syz.4.663: blocks 48-48 from inode overlap system zone
[  192.916660][ T3197] incfs: Options parsing error. -22
[  192.916907][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  192.926953][ T3197] incfs: mount failed -22
[  192.930034][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  192.936566][ T3195] EXT4-fs (loop4): failed to initialize system zone (-117)
[  192.942033][ T1894] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.955545][ T1894] bridge0: port 2(bridge_slave_1) entered forwarding state
[  192.956451][ T3195] EXT4-fs (loop4): mount failed
[  192.976499][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  192.985181][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  192.993420][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  193.001758][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  193.009410][   T24] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  193.021820][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  193.030033][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  193.042412][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  193.050295][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  193.060360][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  193.099428][ T1894] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  193.108957][ T3161] device veth0_vlan entered promiscuous mode
[  193.119276][  T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  193.127210][  T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  193.136182][ T3161] device veth1_macvtap entered promiscuous mode
[  193.147143][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  193.154638][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  193.163343][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  193.374785][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  193.383190][  T386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  193.395500][ T3205] loop0: detected capacity change from 0 to 512
[  193.411129][ T3205] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  193.420322][ T3205] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038 (0x7fffffff)
[  193.426545][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.450083][ T3210] loop3: detected capacity change from 0 to 512
[  193.453273][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.456627][ T3210] EXT4-fs: Ignoring removed mblk_io_submit option
[  193.472794][ T3210] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  193.476704][   T24] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  193.483970][ T3210] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.657: corrupted in-inode xattr
[  193.503254][ T3210] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.657: couldn't read orphan inode 15 (err -117)
[  193.505617][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.515157][ T3210] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  193.542698][   T24] usb 3-1: config 0 descriptor??
[  194.037317][   T24] sony 0003:054C:0268.0032: unknown main item tag 0x0
[  194.043960][   T24] sony 0003:054C:0268.0032: unknown main item tag 0x0
[  194.057041][   T24] sony 0003:054C:0268.0032: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.2-1/input0
[  194.068762][   T24] sony 0003:054C:0268.0032: failed to claim input
[  194.236435][  T644] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  194.256408][  T318] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  194.264116][   T24] usb 3-1: USB disconnect, device number 26
[  194.271643][ T1127] EXT4-fs (loop0): unmounting filesystem.
[  194.294824][ T3222] FAULT_INJECTION: forcing a failure.
[  194.294824][ T3222] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.308058][ T3222] CPU: 0 PID: 3222 Comm: syz.0.668 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  194.317509][ T3222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  194.327402][ T3222] Call Trace:
[  194.330526][ T3222]  <TASK>
[  194.333305][ T3222]  dump_stack_lvl+0x151/0x1b7
[  194.337822][ T3222]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  194.343112][ T3222]  ? restore_sigcontext+0x633/0x700
[  194.348147][ T3222]  dump_stack+0x15/0x1c
[  194.352147][ T3222]  should_fail_ex+0x3d0/0x520
[  194.356654][ T3222]  should_fail+0xb/0x10
[  194.360644][ T3222]  should_fail_usercopy+0x1a/0x20
[  194.365507][ T3222]  _copy_from_user+0x1e/0xc0
[  194.369930][ T3222]  restore_altstack+0x95/0x150
[  194.374535][ T3222]  ? __ia32_sys_sigaltstack+0x260/0x260
[  194.379929][ T3222]  __do_sys_rt_sigreturn+0x160/0x1e0
[  194.385033][ T3222]  ? x32_copy_siginfo_to_user+0x270/0x270
[  194.390593][ T3222]  ? debug_smp_processor_id+0x17/0x20
[  194.395805][ T3222]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  194.401705][ T3222]  ? exit_to_user_mode_prepare+0x39/0xa0
[  194.407168][ T3222]  x64_sys_call+0x91/0x9a0
[  194.411420][ T3222]  do_syscall_64+0x3b/0xb0
[  194.415669][ T3222]  ? clear_bhb_loop+0x55/0xb0
[  194.420182][ T3222]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  194.425911][ T3222] RIP: 0033:0x7ff9aff79eb7
[  194.430162][ T3222] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  194.449608][ T3222] RSP: 002b:00007ff9b0cab038 EFLAGS: 00000246
[  194.455504][ T3222] RAX: 0000000000000013 RBX: 00007ff9b0115f80 RCX: 00007ff9aff79eb9
[  194.463314][ T3222] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000004
[  194.471128][ T3222] RBP: 00007ff9b0cab090 R08: 0000000000000000 R09: 0000000000000000
[  194.478942][ T3222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.486751][ T3222] R13: 0000000000000000 R14: 00007ff9b0115f80 R15: 00007ffd32d25088
[  194.494571][ T3222]  </TASK>
[  194.503755][ T3161] EXT4-fs (loop3): unmounting filesystem.
[  194.522324][ T3225] loop3: detected capacity change from 0 to 1024
[  194.528896][ T3225] EXT4-fs: Ignoring removed bh option
[  194.537704][ T3225] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  194.553249][ T3161] EXT4-fs (loop3): unmounting filesystem.
[  194.606464][  T644] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.617407][  T644] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.627063][  T644] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  194.639907][  T644] usb 5-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[  194.648932][  T644] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.657925][  T644] usb 5-1: config 0 descriptor??
[  194.691172][ T3229] loop3: detected capacity change from 0 to 40427
[  194.697896][ T3229] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  194.705369][ T3229] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  194.714257][ T3229] F2FS-fs (loop3): invalid crc value
[  194.720879][ T3229] F2FS-fs (loop3): Found nat_bits in checkpoint
[  194.744704][ T3229] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  194.751701][ T3229] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  194.766493][  T318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.777374][  T318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.786967][  T318] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  194.795868][  T318] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.804406][  T318] usb 2-1: config 0 descriptor??
[  194.921436][ T3238] netlink: 172 bytes leftover after parsing attributes in process `syz.3.670'.
[  195.043962][ T3240] loop0: detected capacity change from 0 to 512
[  195.050385][ T3240] EXT4-fs: Ignoring removed mblk_io_submit option
[  195.057103][ T3240] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  195.068283][ T3240] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.672: corrupted in-inode xattr
[  195.080359][ T3240] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.672: couldn't read orphan inode 15 (err -117)
[  195.092149][ T3240] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  195.176447][  T316] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  195.282667][ T3244] netlink: 24 bytes leftover after parsing attributes in process `syz.4.666'.
[  195.300437][  T644] betop 0003:11C2:2208.0033: item fetching failed at offset 4/5
[  195.313817][  T644] betop 0003:11C2:2208.0033: parse failed
[  195.319682][  T644] betop: probe of 0003:11C2:2208.0033 failed with error -22
[  195.384483][  T318] lg-g15 0003:046D:C222.0034: unknown main item tag 0x0
[  195.391363][  T318] lg-g15 0003:046D:C222.0034: item fetching failed at offset 10/11
[  195.399301][  T318] lg-g15: probe of 0003:046D:C222.0034 failed with error -22
[  195.426401][ T3161] syz-executor: attempt to access beyond end of device
[  195.426401][ T3161] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  195.579372][ T1894] usb 2-1: USB disconnect, device number 27
[  195.766042][ T1127] EXT4-fs (loop0): unmounting filesystem.
[  195.773258][  T316] usb 3-1: Using ep0 maxpacket: 8
[  195.788332][ T3253] loop0: detected capacity change from 0 to 512
[  195.794619][ T3253] EXT4-fs: Ignoring removed mblk_io_submit option
[  195.801145][ T3253] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  195.812254][ T3253] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.674: corrupted in-inode xattr
[  195.824276][ T3253] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.674: couldn't read orphan inode 15 (err -117)
[  195.836132][ T3253] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  195.906513][  T316] usb 3-1: config 0 has no interfaces?
[  196.076477][  T316] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  196.085772][  T316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.094139][  T316] usb 3-1: Product: syz
[  196.098258][  T316] usb 3-1: Manufacturer: syz
[  196.102993][  T316] usb 3-1: SerialNumber: syz
[  196.108523][  T316] usb 3-1: config 0 descriptor??
[  196.407345][ T1127] EXT4-fs (loop0): unmounting filesystem.
[  196.726441][ T1894] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  196.846482][  T316] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  196.955352][ T3269] netlink: 'syz.1.680': attribute type 4 has an invalid length.
[  196.962932][ T3269] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.680'.
[  196.983384][ T3271] FAULT_INJECTION: forcing a failure.
[  196.983384][ T3271] name failslab, interval 1, probability 0, space 0, times 0
[  196.996010][ T3271] CPU: 0 PID: 3271 Comm: syz.1.681 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  196.999159][  T644] usb 5-1: USB disconnect, device number 21
[  197.005448][ T3271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  197.021080][ T3271] Call Trace:
[  197.024201][ T3271]  <TASK>
[  197.027063][ T3271]  dump_stack_lvl+0x151/0x1b7
[  197.031577][ T3271]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  197.033479][ T3273] device syzkaller0 entered promiscuous mode
[  197.036871][ T3271]  ? kfree+0x7a/0xf0
[  197.036893][ T3271]  dump_stack+0x15/0x1c
[  197.036907][ T3271]  should_fail_ex+0x3d0/0x520
[  197.036927][ T3271]  ? p9_fd_create+0x177/0x520
[  197.036945][ T3271]  __should_failslab+0xaf/0xf0
[  197.036962][ T3271]  should_failslab+0x9/0x20
[  197.036979][ T3271]  __kmem_cache_alloc_node+0x3d/0x250
[  197.036996][ T3271]  ? p9_fd_create+0x177/0x520
[  197.078097][ T3271]  kmalloc_trace+0x2a/0xa0
[  197.082361][ T3271]  p9_fd_create+0x177/0x520
[  197.086685][ T3271]  ? p9_fd_create_unix+0x480/0x480
[  197.091641][ T3271]  ? p9_client_create+0x770/0x11c0
[  197.096580][ T3271]  ? p9_client_create+0x770/0x11c0
[  197.101527][ T3271]  p9_client_create+0x867/0x11c0
[  197.106306][ T3271]  ? do_trace_9p_fid_put+0x110/0x110
[  197.111433][ T3271]  ? kstrdup+0x54/0x70
[  197.115333][ T3271]  v9fs_session_init+0x1f2/0x1950
[  197.120201][ T3271]  ? v9fs_show_options+0x570/0x570
[  197.125139][ T3271]  ? kasan_save_alloc_info+0x1f/0x30
[  197.130261][ T3271]  ? __kasan_kmalloc+0x9c/0xb0
[  197.134858][ T3271]  ? kmalloc_trace+0x44/0xa0
[  197.139281][ T3271]  v9fs_mount+0xca/0xb60
[  197.143365][ T3271]  ? incfs_get_verity_signature+0x420/0x420
[  197.149089][ T3271]  ? cap_capable+0x1d2/0x270
[  197.153517][ T3271]  legacy_get_tree+0xf1/0x190
[  197.158030][ T3271]  ? incfs_get_verity_signature+0x420/0x420
[  197.163761][ T3271]  vfs_get_tree+0x88/0x290
[  197.168011][ T3271]  do_new_mount+0x2ba/0xb30
[  197.172355][ T3271]  ? do_move_mount_old+0x160/0x160
[  197.177298][ T3271]  ? security_capable+0x87/0xb0
[  197.181986][ T3271]  ? ns_capable+0x89/0xe0
[  197.186150][ T3271]  path_mount+0x671/0x1070
[  197.190403][ T3271]  ? user_path_at_empty+0x14e/0x1a0
[  197.195439][ T3271]  __se_sys_mount+0x2c4/0x3b0
[  197.199951][ T3271]  ? __x64_sys_mount+0xd0/0xd0
[  197.204551][ T3271]  ? debug_smp_processor_id+0x17/0x20
[  197.209759][ T3271]  __x64_sys_mount+0xbf/0xd0
[  197.214272][ T3271]  x64_sys_call+0x49d/0x9a0
[  197.218610][ T3271]  do_syscall_64+0x3b/0xb0
[  197.222863][ T3271]  ? clear_bhb_loop+0x55/0xb0
[  197.227378][ T3271]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  197.233104][ T3271] RIP: 0033:0x7fb1f9779eb9
[  197.237359][ T3271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.256886][ T3271] RSP: 002b:00007fb1fa4ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  197.265133][ T3271] RAX: ffffffffffffffda RBX: 00007fb1f9915f80 RCX: 00007fb1f9779eb9
[  197.272943][ T3271] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[  197.280843][ T3271] RBP: 00007fb1fa4ff090 R08: 0000000020000580 R09: 0000000000000000
[  197.288661][ T3271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  197.296466][ T3271] R13: 0000000000000000 R14: 00007fb1f9915f80 R15: 00007ffcfb9bab48
[  197.304280][ T3271]  </TASK>
[  197.307276][ T1894] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.318288][ T1894] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.327890][ T1894] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  197.340018][ T1894] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.348475][ T1894] usb 1-1: config 0 descriptor??
[  197.496753][  T316] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.519568][  T316] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.529439][  T316] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  197.538294][  T316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.546593][  T316] usb 4-1: config 0 descriptor??
[  197.796472][  T644] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  197.841030][ T1894] sony 0003:054C:0268.0035: unknown main item tag 0x0
[  197.847558][ T3288] loop2: detected capacity change from 0 to 128
[  197.847814][ T1894] sony 0003:054C:0268.0035: unknown main item tag 0x0
[  197.854176][ T3288] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  197.861529][ T1894] sony 0003:054C:0268.0035: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.0-1/input0
[  197.881412][ T1894] sony 0003:054C:0268.0035: failed to claim input
[  197.889598][ T1894] usb 3-1: USB disconnect, device number 27
[  198.041115][  T316] logitech-hidpp-device 0003:046D:C086.0036: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.3-1/input0
[  198.054057][   T24] usb 1-1: USB disconnect, device number 24
[  198.166598][  T644] usb 5-1: config 0 has an invalid interface number: 242 but max is 0
[  198.174575][  T644] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  198.184559][  T644] usb 5-1: config 0 has no interface number 0
[  198.190399][  T644] usb 5-1: config 0 interface 242 altsetting 1 endpoint 0xF has an invalid bInterval 0, changing to 7
[  198.201159][  T644] usb 5-1: config 0 interface 242 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 15
[  198.214051][  T644] usb 5-1: config 0 interface 242 has no altsetting 0
[  198.236575][ T1894] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  198.244366][  T316] usb 4-1: USB disconnect, device number 19
[  198.376515][  T644] usb 5-1: New USB device found, idVendor=8b63, idProduct=6fac, bcdDevice=80.95
[  198.385433][  T644] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.393205][  T644] usb 5-1: Product: syz
[  198.397293][  T644] usb 5-1: Manufacturer: syz
[  198.401677][  T644] usb 5-1: SerialNumber: syz
[  198.406821][  T644] usb 5-1: config 0 descriptor??
[  198.476569][ T1894] usb 3-1: Using ep0 maxpacket: 32
[  198.564374][ T3292] loop0: detected capacity change from 0 to 512
[  198.577956][ T3292] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  198.586753][ T3292] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038 (0x7fffffff)
[  198.596686][ T1894] usb 3-1: config 0 has an invalid interface number: 57 but max is 0
[  198.604643][ T1894] usb 3-1: config 0 has no interface number 0
[  198.616427][ T1894] usb 3-1: too many endpoints for config 0 interface 57 altsetting 96: 144, using maximum allowed: 30
[  198.616464][  T318] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  198.636428][ T1894] usb 3-1: config 0 interface 57 altsetting 96 has 0 endpoint descriptors, different from the interface descriptor's value: 144
[  198.662385][ T1894] usb 3-1: config 0 interface 57 has no altsetting 0
[  198.670119][  T644] usb 5-1: USB disconnect, device number 22
[  198.886970][ T1894] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  198.912301][ T1894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.920255][ T1894] usb 3-1: Product: syz
[  198.924457][ T1894] usb 3-1: Manufacturer: syz
[  198.928975][ T1894] usb 3-1: SerialNumber: syz
[  198.957698][ T1894] usb 3-1: config 0 descriptor??
[  199.116511][  T318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.127263][  T318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  199.136761][  T318] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  199.145601][  T318] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.153908][  T318] usb 2-1: config 0 descriptor??
[  199.329892][ T3288] tipc: Enabling of bearer <euh:v> rejected, media not registered
[  199.473178][ T1127] EXT4-fs (loop0): unmounting filesystem.
[  199.485259][ T3310] netlink: 'syz.0.691': attribute type 4 has an invalid length.
[  199.492770][ T3310] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.691'.
[  199.833569][  T318] lg-g15 0003:046D:C222.0037: unknown main item tag 0x0
[  199.840907][  T318] lg-g15 0003:046D:C222.0037: item fetching failed at offset 10/11
[  199.848877][  T318] lg-g15: probe of 0003:046D:C222.0037 failed with error -22
[  199.981643][  T644] usb 2-1: USB disconnect, device number 28
[  200.343981][ T3330] incfs_lookup_dentry err:-22
[  200.348551][ T3330] incfs: Can't find or create .index dir in ./file0
[  200.355039][ T3330] incfs: mount failed -22
[  200.372368][ T3332] loop4: detected capacity change from 0 to 1024
[  200.379644][ T3332] JBD2: no valid journal superblock found
[  200.385232][ T3332] EXT4-fs (loop4): error loading journal
[  200.468932][ T3334] loop0: detected capacity change from 0 to 128
[  200.860862][ T3347] FAULT_INJECTION: forcing a failure.
[  200.860862][ T3347] name failslab, interval 1, probability 0, space 0, times 0
[  200.870112][  T386] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  200.873511][ T3347] CPU: 1 PID: 3347 Comm: syz.3.700 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  200.890199][ T3347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  200.900089][ T3347] Call Trace:
[  200.903213][ T3347]  <TASK>
[  200.905990][ T3347]  dump_stack_lvl+0x151/0x1b7
[  200.910502][ T3347]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  200.915825][ T3347]  ? is_bpf_text_address+0x172/0x190
[  200.920919][ T3347]  dump_stack+0x15/0x1c
[  200.924911][ T3347]  should_fail_ex+0x3d0/0x520
[  200.929431][ T3347]  ? __alloc_skb+0xcc/0x2d0
[  200.933763][ T3347]  __should_failslab+0xaf/0xf0
[  200.938365][ T3347]  should_failslab+0x9/0x20
[  200.942709][ T3347]  kmem_cache_alloc_node+0x3e/0x2d0
[  200.947856][ T3347]  ? avc_has_perm_noaudit+0x348/0x430
[  200.953071][ T3347]  __alloc_skb+0xcc/0x2d0
[  200.957219][ T3347]  ? avc_has_perm_noaudit+0x2dd/0x430
[  200.962434][ T3347]  tcp_stream_alloc_skb+0x46/0x340
[  200.967377][ T3347]  tcp_sendmsg_locked+0xda6/0x4000
[  200.972324][ T3347]  ? avc_has_perm+0x16f/0x260
[  200.976840][ T3347]  ? __kasan_check_write+0x14/0x20
[  200.981785][ T3347]  ? tcp_set_state+0x6c0/0x6c0
[  200.986385][ T3347]  tcp_sendmsg+0x2f/0x50
[  200.990460][ T3347]  inet_sendmsg+0xa1/0xc0
[  200.994623][ T3347]  ? inet_send_prepare+0x4a0/0x4a0
[  200.999580][ T3347]  __sys_sendto+0x480/0x600
[  201.003914][ T3347]  ? __ia32_sys_getpeername+0x90/0x90
[  201.009205][ T3347]  ? mutex_unlock+0xb2/0x260
[  201.013635][ T3347]  ? __kasan_check_write+0x14/0x20
[  201.018582][ T3347]  ? debug_smp_processor_id+0x17/0x20
[  201.023788][ T3347]  __x64_sys_sendto+0xe5/0x100
[  201.028388][ T3347]  x64_sys_call+0x15c/0x9a0
[  201.032727][ T3347]  do_syscall_64+0x3b/0xb0
[  201.036980][ T3347]  ? clear_bhb_loop+0x55/0xb0
[  201.041491][ T3347]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  201.047221][ T3347] RIP: 0033:0x7f0e6ef79eb9
[  201.051476][ T3347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.070916][ T3347] RSP: 002b:00007f0e6fdd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  201.079162][ T3347] RAX: ffffffffffffffda RBX: 00007f0e6f116058 RCX: 00007f0e6ef79eb9
[  201.086973][ T3347] RDX: 000000000000fe6a RSI: 0000000020000700 RDI: 0000000000000004
[  201.094784][ T3347] RBP: 00007f0e6fdd5090 R08: 0000000000000000 R09: fffffffffffffe93
[  201.102769][ T3347] R10: 0000000000040040 R11: 0000000000000246 R12: 0000000000000001
[  201.110580][ T3347] R13: 0000000000000001 R14: 00007f0e6f116058 R15: 00007ffe0d4ca018
[  201.118396][ T3347]  </TASK>
[  201.130975][ T3349] loop2: detected capacity change from 0 to 512
[  201.177090][ T3349] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  201.186607][ T3349] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038 (0x7fffffff)
[  201.323589][ T3357] netlink: 'syz.0.702': attribute type 4 has an invalid length.
[  201.333678][ T3357] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.702'.
[  201.356513][  T386] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.368124][  T386] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.377769][  T386] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  201.390596][  T386] usb 2-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[  201.399705][  T386] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.410105][  T386] usb 2-1: config 0 descriptor??
[  201.986525][  T644] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  202.029588][ T3370] netlink: 24 bytes leftover after parsing attributes in process `syz.1.698'.
[  202.040052][ T1042] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  202.144530][  T386] betop 0003:11C2:2208.0038: item fetching failed at offset 4/5
[  202.146174][ T3111] EXT4-fs (loop2): unmounting filesystem.
[  202.152387][  T386] betop 0003:11C2:2208.0038: parse failed
[  202.163255][  T386] betop: probe of 0003:11C2:2208.0038 failed with error -22
[  202.436600][  T644] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.449479][  T644] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.459120][ T1042] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.469797][  T644] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  202.478597][ T1042] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.488183][  T644] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.495921][ T1042] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  202.504980][ T1042] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.512948][  T644] usb 4-1: config 0 descriptor??
[  202.517856][   T24] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  202.525646][ T1042] usb 5-1: config 0 descriptor??
[  202.796430][   T24] usb 1-1: device descriptor read/64, error -71
[  202.987302][  T644] hid-steam 0003:28DE:1142.0039: unknown main item tag 0x0
[  202.994401][  T644] hid-steam 0003:28DE:1142.0039: unknown main item tag 0x0
[  203.001434][  T644] hid-steam 0003:28DE:1142.0039: unknown main item tag 0x0
[  203.008647][  T644] hid-steam 0003:28DE:1142.0039: unknown main item tag 0x0
[  203.017550][  T644] hid-steam 0003:28DE:1142.0039: unknown main item tag 0x0
[  203.025194][  T644] hid-steam 0003:28DE:1142.0039: hidraw0: USB HID v0.40 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  203.037854][ T1042] sony 0003:054C:0268.003A: unknown main item tag 0x0
[  203.044568][ T1042] sony 0003:054C:0268.003A: unknown main item tag 0x0
[  203.052603][ T1042] sony 0003:054C:0268.003A: hiddev96,hidraw1: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.4-1/input0
[  203.064401][ T1042] sony 0003:054C:0268.003A: failed to claim input
[  203.185056][ T3381] loop2: detected capacity change from 0 to 40427
[  203.191795][ T3381] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  203.196906][ T1042] usb 4-1: USB disconnect, device number 20
[  203.198007][ T3381] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  203.214099][ T3381] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  203.225093][   T24] usb 1-1: device descriptor read/64, error -71
[  203.238886][ T3381] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  203.239202][  T644] usb 5-1: USB disconnect, device number 23
[  203.245737][ T3381] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  203.258877][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  203.258892][   T28] audit: type=1400 audit(2000000017.400:832): avc:  denied  { read } for  pid=3380 comm="syz.2.708" name="msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  203.287147][   T28] audit: type=1400 audit(2000000017.400:833): avc:  denied  { open } for  pid=3380 comm="syz.2.708" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  203.289374][ T3381] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  203.506473][   T24] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  203.549733][  T318] usb 2-1: USB disconnect, device number 29
[  203.596497][ T1894] rtl8150 3-1:0.57: couldn't reset the device
[  203.602479][ T1894] rtl8150: probe of 3-1:0.57 failed with error -5
[  203.609317][ T1894] usb 3-1: USB disconnect, device number 28
[  203.816459][   T24] usb 1-1: device descriptor read/64, error -71
[  204.376444][  T318] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  204.376470][ T1894] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  204.627653][   T24] usb 1-1: device descriptor read/64, error -71
[  204.676440][ T1894] usb 3-1: Using ep0 maxpacket: 16
[  204.898599][   T24] usb usb1-port1: attempt power cycle
[  204.936576][  T318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.947340][  T318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.957124][  T318] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  204.965965][  T318] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.974164][  T318] usb 2-1: config 0 descriptor??
[  204.996576][ T1894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.007445][ T1894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.016947][ T1894] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  205.029661][ T1894] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  205.038519][ T1894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.046426][  T316] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  205.046908][ T1894] usb 3-1: config 0 descriptor??
[  205.296292][  T316] usb 5-1: Using ep0 maxpacket: 16
[  205.617838][  T318] lg-g15 0003:046D:C222.003B: unknown main item tag 0x0
[  205.624726][  T318] lg-g15 0003:046D:C222.003B: item fetching failed at offset 10/11
[  205.633174][  T318] lg-g15: probe of 0003:046D:C222.003B failed with error -22
[  205.641010][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.652626][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.662299][  T316] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  205.671103][  T316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.679383][  T316] usb 5-1: config 0 descriptor??
[  205.889896][ T3411] FAULT_INJECTION: forcing a failure.
[  205.889896][ T3411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.892564][  T318] usb 2-1: USB disconnect, device number 30
[  205.902816][ T3411] CPU: 1 PID: 3411 Comm: syz.3.715 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  205.917938][ T3411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  205.927833][ T3411] Call Trace:
[  205.930957][ T3411]  <TASK>
[  205.933731][ T3411]  dump_stack_lvl+0x151/0x1b7
[  205.938246][ T3411]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  205.943541][ T3411]  ? vfs_write+0xbb3/0xeb0
[  205.947798][ T3411]  ? __kasan_slab_free+0x11/0x20
[  205.952584][ T3411]  dump_stack+0x15/0x1c
[  205.956559][ T3411]  should_fail_ex+0x3d0/0x520
[  205.961164][ T3411]  should_fail+0xb/0x10
[  205.965149][ T3411]  should_fail_usercopy+0x1a/0x20
[  205.970012][ T3411]  _copy_from_user+0x1e/0xc0
[  205.974437][ T3411]  move_addr_to_kernel+0x87/0x150
[  205.979304][ T3411]  __sys_connect+0xbd/0x300
[  205.983638][ T3411]  ? __sys_connect_file+0x170/0x170
[  205.988672][ T3411]  ? debug_smp_processor_id+0x17/0x20
[  205.993878][ T3411]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  205.999781][ T3411]  __x64_sys_connect+0x7a/0x90
[  206.004467][ T3411]  x64_sys_call+0x14e/0x9a0
[  206.008809][ T3411]  do_syscall_64+0x3b/0xb0
[  206.013060][ T3411]  ? clear_bhb_loop+0x55/0xb0
[  206.017580][ T3411]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.023304][ T3411] RIP: 0033:0x7f0e6ef79eb9
[  206.027557][ T3411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.046995][ T3411] RSP: 002b:00007f0e6fdb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  206.055239][ T3411] RAX: ffffffffffffffda RBX: 00007f0e6f116130 RCX: 00007f0e6ef79eb9
[  206.063058][ T3411] RDX: 000000000000001c RSI: 0000000020000080 RDI: 000000000000000a
[  206.070880][ T3411] RBP: 00007f0e6fdb4090 R08: 0000000000000000 R09: 0000000000000000
[  206.078689][ T3411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.086490][ T3411] R13: 0000000000000000 R14: 00007f0e6f116130 R15: 00007ffe0d4ca018
[  206.094313][ T3411]  </TASK>
[  206.186460][ T1894] usbhid 3-1:0.0: can't add hid device: -71
[  206.192289][ T1894] usbhid: probe of 3-1:0.0 failed with error -71
[  206.199682][ T1894] usb 3-1: USB disconnect, device number 29
[  206.326899][ T3399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.335228][ T3399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.347358][  T316] hid-multitouch 0003:1FD2:6007.003C: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  207.013311][ T1042] usb 5-1: USB disconnect, device number 24
[  207.187441][ T3111] syz-executor: attempt to access beyond end of device
[  207.187441][ T3111] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  207.263817][ T3433] loop2: detected capacity change from 0 to 128
[  207.270405][ T3433] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  207.281367][ T3433] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  207.291586][ T3433] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz.2.719: No space for directory leaf checksum. Please run e2fsck -D.
[  207.307393][ T3433] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz.2.719: checksumming directory block 0
[  207.373417][ T3433] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz.2.719: No space for directory leaf checksum. Please run e2fsck -D.
[  207.388754][ T3433] EXT4-fs error (device loop2): __ext4_find_entry:1695: inode #2: comm syz.2.719: checksumming directory block 0
[  207.401307][ T3433] netlink: 12 bytes leftover after parsing attributes in process `syz.2.719'.
[  207.410830][ T3433] netlink: 12 bytes leftover after parsing attributes in process `syz.2.719'.
[  207.423117][ T3433] netlink: 8 bytes leftover after parsing attributes in process `syz.2.719'.
[  207.442300][ T3433] xt_hashlimit: invalid rate
[  207.467011][ T3111] EXT4-fs (loop2): unmounting filesystem.
[  207.473280][ T3442] FAULT_INJECTION: forcing a failure.
[  207.473280][ T3442] name failslab, interval 1, probability 0, space 0, times 0
[  207.485717][ T3442] CPU: 1 PID: 3442 Comm: syz.1.721 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  207.495135][ T3442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  207.505030][ T3442] Call Trace:
[  207.508155][ T3442]  <TASK>
[  207.510941][ T3442]  dump_stack_lvl+0x151/0x1b7
[  207.515445][ T3442]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  207.520741][ T3442]  dump_stack+0x15/0x1c
[  207.524732][ T3442]  should_fail_ex+0x3d0/0x520
[  207.529241][ T3442]  ? ___neigh_create+0x6af/0x1db0
[  207.534101][ T3442]  __should_failslab+0xaf/0xf0
[  207.538702][ T3442]  should_failslab+0x9/0x20
[  207.543042][ T3442]  __kmem_cache_alloc_node+0x3d/0x250
[  207.548252][ T3442]  ? ___neigh_create+0x6af/0x1db0
[  207.553110][ T3442]  __kmalloc+0xa3/0x1e0
[  207.557103][ T3442]  ___neigh_create+0x6af/0x1db0
[  207.561792][ T3442]  ? selinux_ip_postroute+0x2d5/0x13d0
[  207.567085][ T3442]  ? __local_bh_enable_ip+0x58/0x80
[  207.572119][ T3442]  __neigh_create+0x32/0x40
[  207.576459][ T3442]  ip_neigh_gw4+0x265/0x340
[  207.580799][ T3442]  ? ip_finish_output2+0xf70/0xf70
[  207.585747][ T3442]  ip_finish_output2+0xcc2/0xf70
[  207.590522][ T3442]  ? ip_fragment+0x210/0x210
[  207.594943][ T3442]  ? ipt_do_table+0x2ff/0x17c0
[  207.599562][ T3442]  ? iptable_mangle_hook+0x19d/0x4f0
[  207.604665][ T3442]  ? ip_skb_dst_mtu+0x420/0x630
[  207.609353][ T3442]  __ip_finish_output+0x162/0x370
[  207.614213][ T3442]  ip_finish_output+0x31/0x2a0
[  207.618816][ T3442]  ? ip_output+0x3e1/0x420
[  207.623067][ T3442]  ip_output+0x1d6/0x420
[  207.627146][ T3442]  ? ip_finish_output+0x2a0/0x2a0
[  207.632007][ T3442]  ? ip_mc_finish_output+0x4b0/0x4b0
[  207.637129][ T3442]  ip_send_skb+0xb0/0x140
[  207.641302][ T3442]  udp_send_skb+0xac5/0x1520
[  207.645729][ T3442]  udp_sendmsg+0x1d26/0x2af0
[  207.650151][ T3442]  ? ip_skb_dst_mtu+0x630/0x630
[  207.654834][ T3442]  ? udp_cmsg_send+0x3a0/0x3a0
[  207.659435][ T3442]  ? selinux_socket_sendmsg+0x243/0x340
[  207.664816][ T3442]  ? kernel_text_address+0xa9/0xe0
[  207.669759][ T3442]  ? inet_send_prepare+0x5e/0x4a0
[  207.674621][ T3442]  inet_sendmsg+0xa1/0xc0
[  207.678787][ T3442]  ? inet_send_prepare+0x4a0/0x4a0
[  207.683740][ T3442]  ____sys_sendmsg+0x5d3/0x9a0
[  207.688339][ T3442]  ? __sys_sendmsg_sock+0x40/0x40
[  207.693197][ T3442]  __sys_sendmmsg+0x3b9/0x6f0
[  207.697709][ T3442]  ? kasan_set_track+0x4b/0x70
[  207.702308][ T3442]  ? __ia32_sys_sendmsg+0x90/0x90
[  207.707169][ T3442]  ? __kasan_check_write+0x14/0x20
[  207.712125][ T3442]  ? __kasan_check_write+0x14/0x20
[  207.717062][ T3442]  ? proc_fail_nth_write+0x20b/0x290
[  207.722182][ T3442]  ? selinux_file_permission+0x2bb/0x560
[  207.727653][ T3442]  ? proc_fail_nth_read+0x210/0x210
[  207.732684][ T3442]  ? fsnotify_perm+0x6a/0x5d0
[  207.737200][ T3442]  ? vfs_write+0xbb3/0xeb0
[  207.741450][ T3442]  ? __kasan_slab_free+0x11/0x20
[  207.746227][ T3442]  ? __kasan_check_write+0x14/0x20
[  207.751173][ T3442]  ? mutex_unlock+0xb2/0x260
[  207.755604][ T3442]  ? __ia32_sys_read+0x90/0x90
[  207.760199][ T3442]  ? debug_smp_processor_id+0x17/0x20
[  207.765405][ T3442]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  207.771309][ T3442]  __x64_sys_sendmmsg+0xa0/0xb0
[  207.775997][ T3442]  x64_sys_call+0x81d/0x9a0
[  207.780335][ T3442]  do_syscall_64+0x3b/0xb0
[  207.784594][ T3442]  ? clear_bhb_loop+0x55/0xb0
[  207.789102][ T3442]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  207.794829][ T3442] RIP: 0033:0x7fb1f9779eb9
[  207.799084][ T3442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.818523][ T3442] RSP: 002b:00007fb1fa4de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  207.826767][ T3442] RAX: ffffffffffffffda RBX: 00007fb1f9916058 RCX: 00007fb1f9779eb9
[  207.834579][ T3442] RDX: 000000000000002d RSI: 0000000020007fc0 RDI: 0000000000000008
[  207.842391][ T3442] RBP: 00007fb1fa4de090 R08: 0000000000000000 R09: 0000000000000000
[  207.850203][ T3442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.858016][ T3442] R13: 0000000000000000 R14: 00007fb1f9916058 R15: 00007ffcfb9bab48
[  207.865924][ T3442]  </TASK>
[  207.901451][ T3449] loop4: detected capacity change from 0 to 1024
[  207.916272][ T3449] JBD2: no valid journal superblock found
[  207.929175][ T3449] EXT4-fs (loop4): error loading journal
[  208.019690][ T3436] loop0: detected capacity change from 0 to 40427
[  208.027012][ T3436] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  208.034620][ T3436] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  208.043535][ T3436] F2FS-fs (loop0): invalid crc value
[  208.050138][ T3436] F2FS-fs (loop0): Found nat_bits in checkpoint
[  208.176580][ T1042] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  208.323422][ T3436] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  208.330453][ T3436] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  208.448336][ T3465] device vlan2 entered promiscuous mode
[  208.864960][ T3466] netlink: 172 bytes leftover after parsing attributes in process `syz.0.720'.
[  208.876312][ T1894] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  209.037077][ T1127] syz-executor: attempt to access beyond end of device
[  209.037077][ T1127] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  209.096222][ T3473] loop4: detected capacity change from 0 to 256
[  209.105023][ T3473] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  209.117321][ T1042] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.134248][ T1042] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.145973][ T1042] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  209.158824][ T1894] usb 3-1: Using ep0 maxpacket: 16
[  209.254457][ T1042] usb 4-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[  209.299407][ T1042] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.308221][ T1042] usb 4-1: config 0 descriptor??
[  209.308331][ T3480] FAULT_INJECTION: forcing a failure.
[  209.308331][ T3480] name failslab, interval 1, probability 0, space 0, times 0
[  209.325570][ T3480] CPU: 0 PID: 3480 Comm: syz.0.730 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  209.334932][ T3480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  209.344826][ T3480] Call Trace:
[  209.347951][ T3480]  <TASK>
[  209.350726][ T3480]  dump_stack_lvl+0x151/0x1b7
[  209.355239][ T3480]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  209.360542][ T3480]  dump_stack+0x15/0x1c
[  209.364528][ T3480]  should_fail_ex+0x3d0/0x520
[  209.369041][ T3480]  ? __alloc_skb+0xcc/0x2d0
[  209.373389][ T3480]  __should_failslab+0xaf/0xf0
[  209.377981][ T3480]  should_failslab+0x9/0x20
[  209.382318][ T3480]  kmem_cache_alloc_node+0x3e/0x2d0
[  209.387415][ T3480]  __alloc_skb+0xcc/0x2d0
[  209.391527][ T3480]  tipc_msg_build+0x145/0x1190
[  209.396123][ T3480]  ? tipc_node_find+0x206/0x4c0
[  209.400807][ T3480]  ? tipc_msg_fragment+0x760/0x760
[  209.405755][ T3480]  ? kasan_set_track+0x60/0x70
[  209.410353][ T3480]  ? tipc_node_get_mtu+0x20f/0x2b0
[  209.415298][ T3480]  __tipc_sendmsg+0x1c7b/0x3240
[  209.419985][ T3480]  ? do_filp_open+0x230/0x480
[  209.424505][ T3480]  ? do_sys_openat2+0x151/0x890
[  209.429189][ T3480]  ? avc_has_perm_noaudit+0x2dd/0x430
[  209.434393][ T3480]  ? rht_lock+0x130/0x130
[  209.438558][ T3480]  ? avc_denied+0x1b0/0x1b0
[  209.442904][ T3480]  ? avc_has_perm+0x16f/0x260
[  209.447500][ T3480]  ? avc_has_perm_noaudit+0x430/0x430
[  209.452707][ T3480]  ? __kasan_check_write+0x14/0x20
[  209.457656][ T3480]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  209.462512][ T3480]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  209.467549][ T3480]  ? __local_bh_enable_ip+0x58/0x80
[  209.472594][ T3480]  ? lock_sock_nested+0x261/0x300
[  209.477445][ T3480]  ? sock_init_data+0xc0/0xc0
[  209.481954][ T3480]  ? wait_woken+0x100/0x100
[  209.486297][ T3480]  ? tipc_recvmsg+0x13b0/0x13b0
[  209.490981][ T3480]  tipc_sendmsg+0x55/0x70
[  209.495149][ T3480]  ____sys_sendmsg+0x5d3/0x9a0
[  209.499749][ T3480]  ? __sys_sendmsg_sock+0x40/0x40
[  209.504611][ T3480]  __sys_sendmmsg+0x3b9/0x6f0
[  209.509123][ T3480]  ? kasan_set_track+0x4b/0x70
[  209.513729][ T3480]  ? __ia32_sys_sendmsg+0x90/0x90
[  209.518669][ T3480]  ? __kasan_check_write+0x14/0x20
[  209.523620][ T3480]  ? __kasan_check_write+0x14/0x20
[  209.528562][ T3480]  ? proc_fail_nth_write+0x20b/0x290
[  209.533694][ T3480]  ? selinux_file_permission+0x2bb/0x560
[  209.539152][ T3480]  ? proc_fail_nth_read+0x210/0x210
[  209.544185][ T3480]  ? fsnotify_perm+0x6a/0x5d0
[  209.548704][ T3480]  ? vfs_write+0xbb3/0xeb0
[  209.552953][ T3480]  ? __kasan_slab_free+0x11/0x20
[  209.557728][ T3480]  ? __kasan_check_write+0x14/0x20
[  209.562686][ T3480]  ? mutex_unlock+0xb2/0x260
[  209.567104][ T3480]  ? __ia32_sys_read+0x90/0x90
[  209.571700][ T3480]  ? debug_smp_processor_id+0x17/0x20
[  209.576907][ T3480]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  209.582811][ T3480]  __x64_sys_sendmmsg+0xa0/0xb0
[  209.587497][ T3480]  x64_sys_call+0x81d/0x9a0
[  209.591834][ T3480]  do_syscall_64+0x3b/0xb0
[  209.596088][ T3480]  ? clear_bhb_loop+0x55/0xb0
[  209.600776][ T3480]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  209.606502][ T3480] RIP: 0033:0x7ff9aff79eb9
[  209.610757][ T3480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.630199][ T3480] RSP: 002b:00007ff9b0c8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  209.638443][ T3480] RAX: ffffffffffffffda RBX: 00007ff9b0116058 RCX: 00007ff9aff79eb9
[  209.646253][ T3480] RDX: 00000000000004e8 RSI: 00000000200044c0 RDI: 0000000000000006
[  209.654073][ T3480] RBP: 00007ff9b0c8a090 R08: 0000000000000000 R09: 0000000000000000
[  209.661878][ T3480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  209.669689][ T3480] R13: 0000000000000000 R14: 00007ff9b0116058 R15: 00007ffd32d25088
[  209.677507][ T3480]  </TASK>
[  209.857085][ T1894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.870135][ T1894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.884741][ T1894] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  209.919234][ T1894] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  209.955304][ T1894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.963786][ T1894] usb 3-1: config 0 descriptor??
[  210.096344][ T3491] loop1: detected capacity change from 0 to 256
[  210.105197][ T3491] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  210.898122][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  210.905327][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  210.914118][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  210.921492][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  210.929783][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  210.996327][ T3501] netlink: 24 bytes leftover after parsing attributes in process `syz.3.724'.
[  211.012222][ T1042] betop 0003:11C2:2208.003E: item fetching failed at offset 4/5
[  211.027525][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  211.134192][ T1042] betop 0003:11C2:2208.003E: parse failed
[  211.140719][ T3506] FAULT_INJECTION: forcing a failure.
[  211.140719][ T3506] name failslab, interval 1, probability 0, space 0, times 0
[  211.186092][ T3506] CPU: 0 PID: 3506 Comm: syz.0.736 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  211.195557][ T3506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  211.197334][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  211.205452][ T3506] Call Trace:
[  211.205463][ T3506]  <TASK>
[  211.212559][ T1042] betop: probe of 0003:11C2:2208.003E failed with error -22
[  211.215604][ T3506]  dump_stack_lvl+0x151/0x1b7
[  211.219515][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  211.225511][ T3506]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  211.242335][ T3506]  ? arch_stack_walk+0xf3/0x140
[  211.247022][ T3506]  dump_stack+0x15/0x1c
[  211.251015][ T3506]  should_fail_ex+0x3d0/0x520
[  211.255525][ T3506]  ? genl_start+0x15e/0x480
[  211.259867][ T3506]  __should_failslab+0xaf/0xf0
[  211.264465][ T3506]  should_failslab+0x9/0x20
[  211.268809][ T3506]  __kmem_cache_alloc_node+0x3d/0x250
[  211.274016][ T3506]  ? genl_start+0x15e/0x480
[  211.278366][ T3506]  kmalloc_trace+0x2a/0xa0
[  211.282610][ T3506]  genl_start+0x15e/0x480
[  211.286777][ T3506]  __netlink_dump_start+0x4d9/0x820
[  211.291816][ T3506]  genl_rcv_msg+0x9ea/0xf70
[  211.296249][ T3506]  ? unwind_get_return_address+0x4d/0x90
[  211.301709][ T3506]  ? nl80211_wiphy_netns+0x210/0x210
[  211.306831][ T3506]  ? genl_bind+0x360/0x360
[  211.311081][ T3506]  ? stack_trace_save+0x113/0x1c0
[  211.315942][ T3506]  ? stack_trace_snprint+0xf0/0xf0
[  211.320975][ T3506]  ? genl_rcv_msg+0xf70/0xf70
[  211.325489][ T3506]  ? nl80211_wiphy_netns+0x210/0x210
[  211.330608][ T3506]  ? genl_lock_done+0xd0/0xd0
[  211.335122][ T3506]  ? kasan_set_track+0x4b/0x70
[  211.339726][ T3506]  ? down_read+0xeb7/0x1aa0
[  211.344062][ T3506]  ? kasan_set_track+0x4b/0x70
[  211.348661][ T3506]  ? __kasan_kmalloc+0x9c/0xb0
[  211.353261][ T3506]  ? __kmalloc_node_track_caller+0xb3/0x1e0
[  211.358989][ T3506]  ? nl80211_wiphy_netns+0x210/0x210
[  211.364110][ T3506]  ? __down_common+0x690/0x690
[  211.368713][ T3506]  netlink_rcv_skb+0x1cd/0x410
[  211.373310][ T3506]  ? genl_bind+0x360/0x360
[  211.377565][ T3506]  ? netlink_ack+0x12a0/0x12a0
[  211.382179][ T3506]  ? __netlink_lookup+0x37b/0x3a0
[  211.387034][ T3506]  genl_rcv+0x28/0x40
[  211.390849][ T3506]  netlink_unicast+0x906/0xab0
[  211.395508][ T3506]  ? netlink_detachskb+0x90/0x90
[  211.400228][ T3506]  ? security_netlink_send+0x7b/0xa0
[  211.405338][ T3506]  netlink_sendmsg+0xa15/0xd30
[  211.409944][ T3506]  ? netlink_getsockopt+0x540/0x540
[  211.414976][ T3506]  ? security_socket_sendmsg+0x82/0xb0
[  211.420338][ T3506]  ? netlink_getsockopt+0x540/0x540
[  211.425321][ T3506]  ____sys_sendmsg+0x5d3/0x9a0
[  211.429903][ T3506]  ? __sys_sendmsg_sock+0x40/0x40
[  211.434774][ T3506]  __sys_sendmsg+0x2a9/0x390
[  211.439188][ T3506]  ? ____sys_sendmsg+0x9a0/0x9a0
[  211.443962][ T3506]  ? __kasan_check_write+0x14/0x20
[  211.448924][ T3506]  ? mutex_unlock+0xb2/0x260
[  211.453349][ T3506]  ? __kasan_check_write+0x14/0x20
[  211.458289][ T3506]  ? __ia32_sys_read+0x90/0x90
[  211.462880][ T3506]  ? debug_smp_processor_id+0x17/0x20
[  211.468088][ T3506]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  211.473999][ T3506]  __x64_sys_sendmsg+0x7f/0x90
[  211.478597][ T3506]  x64_sys_call+0x16a/0x9a0
[  211.482929][ T3506]  do_syscall_64+0x3b/0xb0
[  211.487200][ T3506]  ? clear_bhb_loop+0x55/0xb0
[  211.491700][ T3506]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.497425][ T3506] RIP: 0033:0x7ff9aff79eb9
[  211.501677][ T3506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.521121][ T3506] RSP: 002b:00007ff9b0cab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  211.529364][ T3506] RAX: ffffffffffffffda RBX: 00007ff9b0115f80 RCX: 00007ff9aff79eb9
[  211.537176][ T3506] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000006
[  211.544986][ T3506] RBP: 00007ff9b0cab090 R08: 0000000000000000 R09: 0000000000000000
[  211.552800][ T3506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.560610][ T3506] R13: 0000000000000000 R14: 00007ff9b0115f80 R15: 00007ffd32d25088
[  211.568430][ T3506]  </TASK>
[  211.593569][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  211.624309][ T1894] microsoft 0003:045E:07DA.003D: unknown main item tag 0x0
[  211.916496][   T28] audit: type=1400 audit(2000000025.970:834): avc:  denied  { create } for  pid=3503 comm="syz.4.737" name="#f" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  211.944795][ T1894] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.003D/input/input7
[  211.956138][   T28] audit: type=1400 audit(2000000025.980:835): avc:  denied  { link } for  pid=3503 comm="syz.4.737" name="#f" dev="tmpfs" ino=812 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  211.996231][   T28] audit: type=1400 audit(2000000025.980:836): avc:  denied  { rename } for  pid=3503 comm="syz.4.737" name="#10" dev="tmpfs" ino=812 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  212.029139][ T3512] loop4: detected capacity change from 0 to 512
[  212.047735][ T1894] microsoft 0003:045E:07DA.003D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  212.066615][ T3512] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  212.111696][ T3512] EXT4-fs (loop4): 1 truncate cleaned up
[  212.125476][ T3512] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  212.126654][ T1894] usb 3-1: USB disconnect, device number 30
[  212.133817][   T28] audit: type=1400 audit(2000000026.270:837): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1112 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  212.419982][   T28] audit: type=1400 audit(2000000026.530:838): avc:  denied  { unlink } for  pid=3511 comm="syz.4.739" name="#11" dev="loop4" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  212.636042][ T3508] loop1: detected capacity change from 0 to 40427
[  212.676671][ T3508] ================================================================================
[  212.694148][ T3508] UBSAN: shift-out-of-bounds in fs/f2fs/super.c:911:5
[  212.714947][ T3508] shift exponent 83 is too large for 64-bit type 'unsigned long'
[  212.733493][ T3508] CPU: 0 PID: 3508 Comm: syz.1.738 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  212.742960][ T3508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  212.748727][ T1894] usb 4-1: USB disconnect, device number 21
[  212.752849][ T3508] Call Trace:
[  212.752860][ T3508]  <TASK>
[  212.764485][ T3508]  dump_stack_lvl+0x151/0x1b7
[  212.768999][ T3508]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  212.774294][ T3508]  dump_stack+0x15/0x1c
[  212.778295][ T3508]  __ubsan_handle_shift_out_of_bounds+0x3e1/0x440
[  212.784540][ T3508]  parse_options+0x4b90/0x4ba0
[  212.786898][ T3516] loop0: detected capacity change from 0 to 40427
[  212.789128][ T3508]  ? mount_bdev+0x282/0x3b0
[  212.799721][ T3508]  ? f2fs_mount+0x34/0x40
[  212.801528][ T3516] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  212.803891][ T3508]  ? default_options+0xc80/0xc80
[  212.811426][ T3516] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  212.816125][ T3508]  ? kstrdup+0x54/0x70
[  212.824896][ T3516] F2FS-fs (loop0): invalid crc value
[  212.828022][ T3508]  ? memcpy+0x56/0x70
[  212.828044][ T3508]  f2fs_fill_super+0x23bc/0x6dc0
[  212.828082][ T3508]  ? kill_f2fs_super+0x3c0/0x3c0
[  212.828104][ T3508]  ? set_blocksize+0x1cb/0x360
[  212.828124][ T3508]  ? sb_set_blocksize+0xa8/0xf0
[  212.828145][ T3508]  mount_bdev+0x282/0x3b0
[  212.828162][ T3508]  ? kill_f2fs_super+0x3c0/0x3c0
[  212.828183][ T3508]  f2fs_mount+0x34/0x40
[  212.828203][ T3508]  legacy_get_tree+0xf1/0x190
[  212.834554][ T3516] F2FS-fs (loop0): Found nat_bits in checkpoint
[  212.837091][ T3508]  ? trace_raw_output_f2fs__rw_end+0x110/0x110
[  212.871797][ T3516] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  212.873371][ T3508]  vfs_get_tree+0x88/0x290
[  212.879607][ T3516] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  212.885442][ T3508]  do_new_mount+0x2ba/0xb30
[  212.908182][ T3508]  ? do_move_mount_old+0x160/0x160
[  212.913123][ T3508]  ? security_capable+0x87/0xb0
[  212.917809][ T3508]  ? ns_capable+0x89/0xe0
[  212.921974][ T3508]  path_mount+0x671/0x1070
[  212.926230][ T3508]  ? user_path_at_empty+0x14e/0x1a0
[  212.931264][ T3508]  __se_sys_mount+0x2c4/0x3b0
[  212.935774][ T3508]  ? __x64_sys_mount+0xd0/0xd0
[  212.940378][ T3508]  ? fpregs_restore_userregs+0x130/0x290
[  212.945842][ T3508]  __x64_sys_mount+0xbf/0xd0
[  212.950269][ T3508]  x64_sys_call+0x49d/0x9a0
[  212.954609][ T3508]  do_syscall_64+0x3b/0xb0
[  212.958860][ T3508]  ? clear_bhb_loop+0x55/0xb0
[  212.963374][ T3508]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  212.969103][ T3508] RIP: 0033:0x7fb1f977b65a
[  212.973442][ T3508] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.992892][ T3508] RSP: 002b:00007fb1fa4fee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  213.001136][ T3508] RAX: ffffffffffffffda RBX: 00007fb1fa4feef0 RCX: 00007fb1f977b65a
[  213.008942][ T3508] RDX: 0000000020000180 RSI: 0000000020000040 RDI: 00007fb1fa4feeb0
[  213.016752][ T3508] RBP: 0000000020000180 R08: 00007fb1fa4feef0 R09: 0000000000000008
[  213.024566][ T3508] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000020000040
[  213.032374][ T3508] R13: 00007fb1fa4feeb0 R14: 0000000000005505 R15: 0000000020000540
[  213.040194][ T3508]  </TASK>
[  213.051557][ T3508] ================================================================================
[  213.060703][ T3508] F2FS-fs (loop1): Not support 524288, larger than 256
[  213.378256][ T3534] netlink: 172 bytes leftover after parsing attributes in process `syz.0.741'.
[  213.601338][ T1127] syz-executor: attempt to access beyond end of device
[  213.601338][ T1127] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  213.619708][  T297] EXT4-fs (loop4): unmounting filesystem.
[  214.197536][    T8] device bridge_slave_1 left promiscuous mode
[  214.203489][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.210838][    T8] device bridge_slave_0 left promiscuous mode
[  214.216869][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.224777][    T8] device dummy0 left promiscuous mode
[  214.230010][    T8] device veth1_macvtap left promiscuous mode
[  214.235814][    T8] device veth0_vlan left promiscuous mode