last executing test programs:

1m38.39917203s ago: executing program 4:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000100)={0x0, 0x9}, 0x8)

1m37.053684969s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000800000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r1, 0x1)
recvmmsg(r1, &(0x7f00000055c0), 0x400023c, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000d0000000000000000000000009500000000000600"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000002300)={&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="3b0800000000000000000bf700000c000580080001"], 0x20}}, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e37000c11802f2ff4070300", 0x33fe0}], 0x1, 0x0, 0x0, 0x35}, 0x0)

1m8.085305032s ago: executing program 2:
r0 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x0)
r1 = epoll_create(0x7fff)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000001c0)={"fe403ca4", 0x0, 0x5, 0x81, 0x0, 0x7, "de6c0a5bcee099303c9842579a1c19", "dba0a737", "4da264d5", "e75aef41", ["4fdd51b5a333d64fd52f79de", "0c13895a26e4cb6b2f9782fc", "674a440d6cdaaf6be57cc8cd", "2d66d59cea6bb67af44fa6da"]})
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000140)={"04f16c91", 0x0, 0x0, 0x0, 0x0, 0x0, "6f99e65664cdfb5f24cf398a3f7a92", '\x00', "246a8a96", "12caa207", ['\x00', "9d09b43157145fa9a5c56bcf", "2b4af2886e6d02546f0ad9b4", "000000010100"]})

1m6.871022317s ago: executing program 4:
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240), 0x2, 0x51d, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJpu1d5s2W+gBUKFLKSxotXbibVdVL2xPFUKVED1y2IbEG61ix1HslCbsIXvkjkQlTnDijAQSB6Q9cUfiADcu5YBUYAVqkJBwNWM76/xxYmUTezf+/aSR38yz/b23o3lv9HkzL4CJdTUitiPiYkS8HxGz3eNJd4vbnS1736eP7i/uPLq/mES7/d4/k7w+OxZ9n8k81/3OYkR8/52IHyb7gv4porm5tbJQq1XXu4fKrfpaubm5deNefWG5ulxdrVRuzd+ae/PmG5VT6+sr9V9/cikifv+7L3/8x+1v/Thr1ky3rr8fp6nT9endOJkLEfHdswg2BlPd/lw8yYdP9CFOUxoRn4uIV/Prfzam8rO5197T9O0Rtg4AOAvt9my0Z/v3AYDzLs1zYEla6uYCZiJNS6VODu+luJzWGs3W9buNjdWlTq7sSkynd+/VqnPdXOHD39x+O7tvmM/r8vokq6/s278ZES9GxE8Ll/L90mKjtjTG+x4AmGTP7Zv//1PozP8AwDlXfFwsjLMdAMDoFMfdAABg5Mz/ADB5zP8AMHnM/wAwecz/ADB5zP8AMFG+9+672dbe6T7/eumDzY2Vxgc3lqrNlVJ9Y7G02FhfKy03Gsv5M3vqx31frdFYm389Nj4st6rNVrm5uXWn3thYbd3Jn+t9pzo9kl4BAEd58ZWHf0kiYvutS/kWfc/7P3aufvmsWwecpXTcDQDGZmrcDQDG5uBqX8CkkI+HyfX/drsdfWv3RsSD3VLfw0AH/hehj4YKk1o3FJ4+1774BPl/4Jkm/w+T62T5f/fycB7I/8PkarcTa/4DwISR4weSY+r7f/+fa/ftDPf7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxLM/mWpKXuWuAzkaalUsTzEXElppO792rVuYh4ISL+XJguZPvzEWHdIAB4lqV/T7rrf12bfW1mf+3Fwn8L+WtE/Ojn7/3sw4VWa30+4mLyr93jrY+6xyvjaD8AcJzePN2bx3s+fXR/sbeNsj2fvN1ZXDSLu9PdOjUX4kL+WsxzDZf/nXT3O7L7lalTiL/9ICK+cFj/kzw3cqW78un++Fns50caP90TP83rOq/Zv8XnT6EtMGkeZuPP7cOuvzSu5q+HX//FfIR6cr3xb+fA+Jfujn9TA8a/q8PGeP0P3zlwsD3bqXsQ8aULETu9L+8bf3rxkwHxXxsy/l9f/sqrg+rav4i4Fof1P9kTq9yqr5Wbm1s37tUXlqvL1dVK5db8rbk3b75RKec56nIvU33QP966/sKg+Fn/Lw+IXzym/18fsv+//N/7P/jqEfG/+bXDz/9LR8TP5sRvDBl/4fJvi4PqsvhLA/p/3Pm/PmT8j/+2tTTkWwGAEWhubq0s1GrV9ScvFI98T3oaIYYoJBHbZxzicaHwq5+8c/ybCyNrzwkLMahq6mlp4bkpFJ6OZgxRGPfIBJy1xxf9uFsCAAAAAAAAAAAAAAAMMoo/Jxp3HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi/PgsAAP//0JTXgA==")
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0)

1m6.440432019s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x20080, &(0x7f0000000340)=ANY=[@ANYBLOB='nodiscard,background_gc=sync,acl,alloc_mode=reuse,inline_xattr,resgid=', @ANYRESHEX=0x0, @ANYBLOB="2c6261636b67726f756e645f67633d6f6c2c6e6f757365725f78617474722c6e6f666c7573683f7365725f78617474722c6673796e635f6d6f64653d737472696374320b2c6e6f6261d23c64ef722c6a71666d743d7666736f6c642c6e6f696e6c696e655f64656e7472792c004e3d8757355017e4a537b6869513ea6bf269755c12b67cafe78eca5e8e4b3a9a96"], 0x1, 0x5513, &(0x7f00000079c0)="$eJzs3EtvG9UXAPDjpOn733+EWLDrSBVSItVWnT4EKwq04iFSRQUWrMCxHcut7YlixwlZsWCJWPBNEEisWPIZWLBmh1iA2CEVee4EGh4SUhycNr+fND5zr6/PnGtVlc5M5ABOrMXsl58qcSnORcR8RFyMKM4r5VG4ncJzEXE5IuYeOyrl/O8TpyPifERcmiRPOSvlW59dHV+5+eObP3/97ZlTFz7/6rvZ7RqYtecjor+Zznf6KeadFB+U841xt4j9G+Mypjf6D8txnuJOe73IsNPYX9co4vVOWp9vbg8ncaPXaE5ip7tRzG8O0gWH485+nuIDDxpbxbjVXi9id5gXsbOX6trdS/+37Q1HKU+rzPdhkT5Go/2Y5tu77bSfzYdFbA5G5XzKm7fau5M4LmN5uWjmvVZRx/phvunj7a3uYHs3G7e3ht18kN2s1V+o1W9V61t5qz1q36g2+q1bN7KlTm+yrDpqN/q3O3ne6bVrzby/nC11ms1qvZ4t3WmvdxuDrF6vXa9dq95cLs+uZq/dezfrtbKlSXylO9gedXvDbCPfytInlrOV2vUXl7Mr9ezt1bVs7f7du6tr77x/5717L6++8Wq56C9lZUsr11ZWqvVr1ZX68rHe/0tT3f/HZdFT3D8cSmXWBQA8efT/wCwcXf+/dT/i6Pv/0P9Phf7/ZO8fDkX/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwYn2/8MXrxcliGl8o5/9XTj1TjisRMRcRj/7GfJw+kHO+zLPwD+sX/lTDN5UoMkyucaY8zkfE7fL49f9H/S0AAADA0+vLjy5/mrr19LI464L4L6WbNnMXP5hSvkpELCz+MKVsc5OXZ6eUrPj3fSp2p5StuIF1dkrJ0i23U9PJ9Wj+Xy2bPxDOPhYqKcxNpxwAAOA4OdgJTKkLAQAA4Bj6ZNYFMBuV2H+Uuf8suPjL+z8eCJ47MAIAAACeQJVZFwAAAAAcuaL/9/t/AAAA8HRLv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs7d5KgNw3EA/ScQWvqhoqr79ijdwTF6hC67rDhAL8EBuqBX6AU4A7ObI4xghBMEmWExUhwiRu9JwcQyP2wEC9vIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Ke7ar349/vrn645u303eUYDAAAAXLKt1ov0ZFbfv49vqfzYVH1u2hURUUbEpbn7KCatzFHKiahO7f+et6+e9OF/REo4vMeb5noXEd+b6+FT/58DAAAAvFab5Wpez9brh9nQHeKa6kWb8sOPTHlFRFSz+0xp5SHvS6aw9P0ex69MaWkB622msLRUFuNcaS+Sfu4xiel5ZRpQURflxZeNW00BAIAbM2oV152FAAAAcE0/h+4AwyjiuJV53AtO/7w/be9NW3cAAADADSqG7gAAAADQuzT/f37+Xy3z+X975/8BAADAMOrz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjTtlovNsvVvGvObt9NntEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/vzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7NzPaxxVHADwNzM7W1sV1yh7iIiCB73Y7ba29iYelODBP0EI6bbGbv3R5mBLEXPxJjn3InoUEZR46//QcwK5xFsOe4jgWZnZmezkB7hGnNkknw+8ed8dhnnfNwsh33kvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6dxIn2aEzjuPi3Mbuw6Ws3zzQZx6vbc1nLYujOpM+GV6ufoi6od1cKgAAAJwVSVnfhxC20/WFrI87ef2fltdkNf/3z47jsp4/WPeXfVn7Z+23X3de3BuoMx4nu+nN5eHg0uFUWv/fLGfbc/94RSt/8vm7lyT/QuIPVl8YpfnzjL598uS9dh6eqyNbAOA4LpZ9EZS/D2V9v8nEADgzWpXCu6z/k06zOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUYbQani7jKIQw35rEmc3dh0tH9Y/XtubLdu3Ro7Xw9eSe2S3SEMLN5eHgUq2zmW337j+4vTgcDu7WH7wSQmhq9HeK6d/+aIqLQzj2WElzj1dQBnHxZc9KPicjaPCHEgAAp1JatKyu307XF7Jz0VwIf/2wv/5/vRKHKev/nY+vbVTHqtb//dpmOPt6K3c+7927/+DN5TuLtwa3Bp++dbn/dv/K9atXr/fydyU9b0wAAAD4b9pFq9b/8dzh9f8LlThMWf9/8V3/q+pYifr/SJNFv6YzAQAAONuef/XPP6IjzkftdvhycWXlbn983Pt8eXxsINV/7VzRqvV/Mtd0VgAAAEAdRqvRvvX/G5U4TLn+/8yPL/1cvWcSQjhfrP9fXPpseKO+6cy0Ov6cuOk5AgAA0KzzRauu/6f5/v94b8tDHEJ447VxXPwbwKnq/+T9b36qjlXd/3+lvinOpLg7fh553w2h1W06IwAAAE6zp4qWFfu/p+sLn/xy4cO2/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdfs7AAD//0WEP2o=")
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950"], 0x15)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9d})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
fchown(r5, 0x0, 0xee01)
mlockall(0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
socket$inet_udp(0x2, 0x2, 0x0)

59.254584599s ago: executing program 3:
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x18, &(0x7f0000000240)=ANY=[], 0x8)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x400145042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r1, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(r1, &(0x7f0000001280)={&(0x7f0000001180), 0xc, 0x0}, 0x20000090)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="120100005ab05740450c088085e10000000109021200b8dc0000000904"], 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB="4016e6"], 0x0, 0x0, 0x0, 0x0})
socket$inet_udplite(0x2, 0x2, 0x88)

58.880684129s ago: executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'veth0_to_batadv\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x54}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
utimes(0x0, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x109042, 0x0)
write$P9_RSTATu(r3, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x230)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x58)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000380)='./file0\x00', 0x804, &(0x7f0000000480)={[{@shortname_win95}, {@shortname_lower}, {@utf8}, {@utf8no}, {}, {@rodir}, {@fat=@check_strict}, {@shortname_win95}, {@fat=@time_offset={'time_offset', 0x3d, 0xfffffffffffffe28}}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@fat=@tz_utc}]}, 0x1, 0x276, &(0x7f0000000a40)="$eJzs3UFqG1cYB/BvLMmW2oW06KoUPNAuujJ2T2BTXCg1FFq0aLtoTS1DsYTBBkGTEMWrnCAnyHmyCblADpCQXbwwmSDPSFbCyEaJbJnk99vo8d77z/vezCCtZvTPN72DvcPj/ZN7z6NeT2JpMzbjNIlWLMXIgyj17GV5PwBwy51mWbzKciulM2pTktWlay0MALg2k7//i64FALgZv//x5y9bOzvbv6VpPaL3sN9OIv/Mx7f247/oRifWoxlnEdlY3v7p553tqKZDrfiuN+i3h8ne30+K42+9iDjPb0QzWuX5jTQ3kR/027X4olh/sxudXx9HM74qz/9Qko/2cnz/7UT9a9GMp//GYXRjr6htlL+/kaY/Zo9e3/1r2DvMJ4N+e2U8r5hdudELAwAAAAAAAAAAAAAAAAAAAADAJ20tHWu9+/6dytn5+Nq08Tw/7f1Ag4n386ynaZol+fyLfDW+rkZ1kXsHAAAAAAAAAAAAAAAAAACA2+L4/zsHu91u52iujdFj/SVD8Waea63OmopKUVo3iZhtrVqRvHpyZcZdNIb1dI6SaszvEiTjnsbk0Grkaw17GnljouejV6/HeWN0dx3sJnFFql52k8yhkZXcfpWpqeX3exrFDkomNy5ZffnLD6o5a04ZSiKiNj6Zlx+nNt9zeFPfQAAAAAAAAAAAAAAAAAAAwMjFQ78lgycLKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFuDi//9naAyK8LQ5WWXYqEbRs+AtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bl4GwAA//95LWni")
r4 = open(&(0x7f00000002c0)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000000)={0x5}, 0x10)
write(r5, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000001000000000000000800090002000000", 0x24)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x24, &(0x7f0000001700)=ANY=[@ANYBLOB="18000000e1270000000000000200000098110000e60a83", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001842000008000000000000000000000085200000020000004f550c00f0ffffff18120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001869000001000000000000007f00000018400000020000000000000000000000180100002020702500000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000b90100008500000006000000bf91000000000000b7020000010000008500000085000007cba22217d848fb009500000000000000", @ANYRESHEX, @ANYRES16, @ANYRESOCT], &(0x7f0000000380)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0xf, 0x6, 0x1}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000740)=[0xffffffffffffffff], &(0x7f0000000780)=[{0x4, 0x2, 0x9, 0x9}, {0x3, 0x4, 0x6, 0x9}, {0x2, 0x5, 0x5, 0x2}, {0x5, 0x3, 0xc, 0xc}], 0x10, 0x1}, 0x90)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000500)={<r6=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f0000001480)={r6, 0xa, &(0x7f0000000540)=[0x3f, 0x1, 0x0, 0xffffffff, 0x3, 0x8, 0x4, 0x10001, 0x4, 0xffffffff], &(0x7f0000000580)=[0x1, 0x6, 0x3, 0x3], 0x40, 0x7, 0x7, &(0x7f0000000600)=[0xc9, 0x8, 0x7fffffff, 0x0, 0x4, 0x40, 0x20], &(0x7f0000000640)=[0x4, 0x6, 0xeeb8]})
ioctl$DRM_IOCTL_UNLOCK(0xffffffffffffffff, 0x4008642b, &(0x7f00000006c0)={r6, 0x1d})
sendmsg$unix(r4, &(0x7f0000000300)={&(0x7f0000000100)=@file={0x1, '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000600)="17e5e1ac64c51de3cf487bd178e45c8e91436b761fbb7a50db1a2c4f67befa81fe6f9876d617daf2a6d2e87d2ee07898b29989ae588ec57eb006cebec280405e1f421c2d278fdddaab5e8488128414d86fb1e041ba067e7450252564de68edd3beb67d24a978151474345a52b4a237217574d4da56e56fe8f436275ef7678e4a508d2a822ebb04161334a4c4c58a7867c0c3fc8c9c3c16309a257d00051ba61a41bb989eb5cb049799bdce5820e429084469572eaa21ad2c07ed00ee904bc090", 0xc0}], 0x1, 0x0, 0x0, 0x80}, 0x40000c1)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f00000001c0)={[{@noinit_itable}, {@auto_da_alloc}, {@user_xattr}, {@orlov}, {@minixdf}, {@abort}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x1, 0x637, &(0x7f0000000780)="$eJzs3c9rVNceAPDvnUx+mLz3EuXx3vMtaqAUhdbERC1SCtW9iP2xazepiWKNRkxKGxGMYDeF7roQuuqi9s+o4NZ/oItC6aoUpLQuapE65d7MnVwnMzG/ZiZOPh+45px7M/ecG/PNOffMOXcC2LVGI2IsIvZHxNUkYrhwrJz9W8q+Kf2+R7/dOJduSVQq7/6axI2byVLxXEn161D1xX8NL+/a17O63PnF65emZmdnrlXz4wuXr47PL14/fPHy1IWZCzNXJl+fPHH82PETE0e2dH17C+nTtz/6ZPjzM+9/89WTZOLbH84kcTK9ukx6XfWv7d9SyenPbDQqyx4X96c/1xNbPPdO8cdw/nuyIqnfwY6WxkBvRPw3hqOn8L85HJ+93dGKAS1VSSJvo4BdJ9lU/A9sf0WANsv7Afm9faP74AYa3NEDL5qHp5YHpJZjvzci8vgvZ2N+EQPZ2MDgo+SZcZ4kIrY2MrcsLePB/TO30y2ajMMBrbF0Kx/lrm//kyw2R2Igyw0+Kj0T/6XClu5/ZyOF9q0kR+sOiX9on6VbEfG/avvfFxuJ/3IU4v/DTZYv/gEAAAAAAGD73DsVEa81mv9Xqs3/6Wsw/2coIk5uQ/nPf/+vlC/RS7ahOKDg4amINxvO/83DLkZ6qrl/ZvMBepPzF2dnjkTEvyLiUPT2p/mJuvOWCunDX+y706z84vy/dEvLf3C/OL249Eu5biHu9NTClL8GsHUPb0X8P5v/e6C659n5P2n7nzRo/9P4vrrOMva9cvdsMV+pVG7m6cbxvzwXGGitytcRBxu2/ysNbLL28znGs/7AeN4rWO2lJ4WFRnXEP3RO2v4PNo//Ws+79rye+Y2dvy8iji6Wm4X/OuK/cf+/L3mvJwpLCT6dWli4NhHRl5xevX9yY3WGbpXHQx4vafwfennt8b9a/78Qh3siYmmdZf7n6dBPzY5p/6Fz0vifXrv/P5JU2//I2v9aR2Ddicm7I99lZ2rwXLiz62r/j2Vt+qHqnmz8D6gqrdqz3gDtSHUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AVXioh/RFIaq6VLpbGxiKGI+HcMlmbn5hdePT/38ZXp9Fj2+f+l/JN+h5fzSf75/yOF/GRd/mhE7I2IL3v2ZPmxc3Oz052+eAAAAAAAAAAAAAAAAAAAANghhrI1/5X++vX/qZ97Ol07oOXK1a/PifeBdtQFaK/ypl9Z6d/WigBtt/n4B15064//3pbWA2i/5vH/+Eklk+eTpHj09xbXC2g9/X/YvTYZ/94ehC7QIP5HO1EPoN3WHNO7U0t59x+6kvt/AAAAAADoKnsP3Ps+iYilN/ZkW6qvesxkf+hupU5XAOgYc3hh9yrPdboGQKe4xwdW1vX/WWl0vPns/6Q1FQIAAAAAAAAAAAAAVjm43/p/2K3WXv9vbj90szXW/zcKfo8LgC7S/KM/tP3Q7dzjA89r7bd7/b/nDgIAAAAAAAAAAADAJgxcvzQ1OztzbX5xi4mI+LGSRGz1PE0SHzQ49FaLymppYmlqR1RjWxNPW3Pm3ojYGRfY7kT+CI4OVqPDf5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICavwMAAP//G/YpJw==")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0x0)

13.834315648s ago: executing program 5:
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$evdev(&(0x7f0000000ac0), 0x200, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
ioctl$vim2m_VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0})
listen(r7, 0x0)
io_uring_enter(r4, 0x92, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r8, &(0x7f0000000300)="8b", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @private1}, 0x1c)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

13.556282941s ago: executing program 0:
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f0000000140)='mounts\x00')
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, 0x0)

12.733074846s ago: executing program 0:
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x18, &(0x7f0000000240)=ANY=[], 0x8)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(r1, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x20000090)
socketpair(0x0, 0x0, 0x28, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000001100)={&(0x7f0000000000)=@nfc_llcp, 0x80, &(0x7f00000010c0)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1}, 0x40010141)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="120100005ab05740450c088085e10000000109021200b8dc0000000904"], 0x0)
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB="4016e6"], 0x0, 0x0, 0x0, 0x0})
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001200)={0xffffffffffffffff, 0xe0, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000001440), &(0x7f0000001480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, &(0x7f0000001400)=[{}], 0x8, 0x0, 0x0, &(0x7f0000001240), 0x8, 0x48, 0x8, 0x8, &(0x7f0000001580)}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
r5 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
fadvise64(r5, 0x0, 0x0, 0x2)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="54010000100013070000000000000000fe880000000000000000000000000001ac1414bb0000000016000000000000d9901eca0e2ad12b000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000020000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400210000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00040002"], 0x154}}, 0x0)

10.258555012s ago: executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000300)="0036d551863e1902129da79f5986e05288f50e5398660c1a2929ae9720c0c35f0a411c8d34197b357b32b161f9ad72d55a0eab976aae24ed8052710e53cdb43f0ce2fea5e764b4444ac7cab3732298530cbe4dc2494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0cc7c4aaff000000f14893a91d750e070050685e0f4f07672c8e79be174ef9355b70719c712c5d15d2e7505a8696b5", 0xc6}, {&(0x7f0000000180)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20d7f7f7343067fd40cdd4b16742e94b62f4eb1c5d9f56ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b63eb7aaea4cbb1b40955e9a59cf0e5e8ac68", 0xb1}, {&(0x7f0000000440)="fff5c0293353", 0x6}], 0x3}}], 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
syz_read_part_table(0x1051, &(0x7f0000001080)="$eJzsz7GNAjEQBdDv25OsDU665qhnl0JogJCcoghIMZolgQaA4L3I8z1flsNHzb9Jzodk9DFV8N/SXjeezqP3tJZcl9PfFvxkjJG+NdbMNZVtqYbLWB7NW6VJWttPa93VY9Pu+LaPAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXuwcAAP//A5cdyQ==")
sendto$inet(r0, &(0x7f00000012c0)='\t', 0x1, 0x0, 0x0, 0x0)

10.066746376s ago: executing program 5:
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x7b, 0x0, &(0x7f0000003a80))
mknod(0x0, 0x1000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = eventfd(0x0)
gettid()
readv(r1, &(0x7f0000000340)=[{&(0x7f0000006a40)=""/158, 0x9e}], 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x18, 0x39, 0x107, 0x0, 0x0, {0x4}, [@nested={0x4}]}, 0x18}}, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
write$binfmt_elf32(r4, &(0x7f00000003c0)=ANY=[@ANYRESOCT], 0x82)
close(r4)
execve(0x0, 0x0, 0x0)
rename(0x0, &(0x7f0000000240)='./file0\x00')
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
preadv2(r5, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x2, 0x0, 0x0, 0x0)
mknod(0x0, 0x8001420, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0xac030400)
r6 = syz_pidfd_open(0x0, 0x0)
setns(r6, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

9.712971928s ago: executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$caif_stream(0x25, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$tipc(0x1e, 0x7, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x400, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ENCODING_SA={0x5, 0x6, 0x6}]}}}]}, 0x3c}}, 0x0)
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4095, 0xfff}], 0x1, 0x0, 0x0)
r3 = socket(0x1, 0x0, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r4 = memfd_secret(0x0)
ftruncate(r4, 0x4)
sendmsg$nl_route(r1, &(0x7f0000001280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f00000012c0)=@ipv4_getroute={0x1c, 0x1a, 0x200, 0x70bd2c, 0x25dfdbfb, {0x2, 0x10, 0x0, 0x81, 0xfd, 0x0, 0xfd, 0x1, 0xd00}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000014}, 0x20048880)
mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x9, 0x13, r4, 0x0)
set_mempolicy(0x3, &(0x7f0000000040)=0xfffffffffffffffb, 0x5)
mbind(&(0x7f0000ffa000/0x6000)=nil, 0x6000, 0x0, 0x0, 0x0, 0x3)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
preadv(r5, &(0x7f0000000280)=[{&(0x7f0000000080)=""/77, 0x4d}], 0x1, 0xa3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)

9.328130916s ago: executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1)

9.272278212s ago: executing program 4:
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240), 0x2, 0x51d, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJpu1d5s2W+gBUKFLKSxotXbibVdVL2xPFUKVED1y2IbEG61ix1HslCbsIXvkjkQlTnDijAQSB6Q9cUfiADcu5YBUYAVqkJBwNWM76/xxYmUTezf+/aSR38yz/b23o3lv9HkzL4CJdTUitiPiYkS8HxGz3eNJd4vbnS1736eP7i/uPLq/mES7/d4/k7w+OxZ9n8k81/3OYkR8/52IHyb7gv4porm5tbJQq1XXu4fKrfpaubm5deNefWG5ulxdrVRuzd+ae/PmG5VT6+sr9V9/cikifv+7L3/8x+1v/Thr1ky3rr8fp6nT9endOJkLEfHdswg2BlPd/lw8yYdP9CFOUxoRn4uIV/Prfzam8rO5197T9O0Rtg4AOAvt9my0Z/v3AYDzLs1zYEla6uYCZiJNS6VODu+luJzWGs3W9buNjdWlTq7sSkynd+/VqnPdXOHD39x+O7tvmM/r8vokq6/s278ZES9GxE8Ll/L90mKjtjTG+x4AmGTP7Zv//1PozP8AwDlXfFwsjLMdAMDoFMfdAABg5Mz/ADB5zP8AMHnM/wAwecz/ADB5zP8AMFG+9+672dbe6T7/eumDzY2Vxgc3lqrNlVJ9Y7G02FhfKy03Gsv5M3vqx31frdFYm389Nj4st6rNVrm5uXWn3thYbd3Jn+t9pzo9kl4BAEd58ZWHf0kiYvutS/kWfc/7P3aufvmsWwecpXTcDQDGZmrcDQDG5uBqX8CkkI+HyfX/drsdfWv3RsSD3VLfw0AH/hehj4YKk1o3FJ4+1774BPl/4Jkm/w+T62T5f/fycB7I/8PkarcTa/4DwISR4weSY+r7f/+fa/ftDPf7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxLM/mWpKXuWuAzkaalUsTzEXElppO792rVuYh4ISL+XJguZPvzEWHdIAB4lqV/T7rrf12bfW1mf+3Fwn8L+WtE/Ojn7/3sw4VWa30+4mLyr93jrY+6xyvjaD8AcJzePN2bx3s+fXR/sbeNsj2fvN1ZXDSLu9PdOjUX4kL+WsxzDZf/nXT3O7L7lalTiL/9ICK+cFj/kzw3cqW78un++Fns50caP90TP83rOq/Zv8XnT6EtMGkeZuPP7cOuvzSu5q+HX//FfIR6cr3xb+fA+Jfujn9TA8a/q8PGeP0P3zlwsD3bqXsQ8aULETu9L+8bf3rxkwHxXxsy/l9f/sqrg+rav4i4Fof1P9kTq9yqr5Wbm1s37tUXlqvL1dVK5db8rbk3b75RKec56nIvU33QP966/sKg+Fn/Lw+IXzym/18fsv+//N/7P/jqEfG/+bXDz/9LR8TP5sRvDBl/4fJvi4PqsvhLA/p/3Pm/PmT8j/+2tTTkWwGAEWhubq0s1GrV9ScvFI98T3oaIYYoJBHbZxzicaHwq5+8c/ybCyNrzwkLMahq6mlp4bkpFJ6OZgxRGPfIBJy1xxf9uFsCAAAAAAAAAAAAAAAMMoo/Jxp3HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi/PgsAAP//0JTXgA==")
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0)

8.962355131s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x20080, &(0x7f0000000340)=ANY=[@ANYBLOB='nodiscard,background_gc=sync,acl,alloc_mode=reuse,inline_xattr,resgid=', @ANYRESHEX=0x0, @ANYBLOB="2c6261636b67726f756e645f67633d6f6c2c6e6f757365725f78617474722c6e6f666c7573683f7365725f78617474722c6673796e635f6d6f64653d737472696374320b2c6e6f6261d23c64ef722c6a71666d743d7666736f6c642c6e6f696e6c696e655f64656e7472792c004e3d8757355017e4a537b6869513ea6bf269755c12b67cafe78eca5e8e4b3a9a96"], 0x1, 0x5513, &(0x7f00000079c0)="$eJzs3EtvG9UXAPDjpOn733+EWLDrSBVSItVWnT4EKwq04iFSRQUWrMCxHcut7YlixwlZsWCJWPBNEEisWPIZWLBmh1iA2CEVee4EGh4SUhycNr+fND5zr6/PnGtVlc5M5ABOrMXsl58qcSnORcR8RFyMKM4r5VG4ncJzEXE5IuYeOyrl/O8TpyPifERcmiRPOSvlW59dHV+5+eObP3/97ZlTFz7/6rvZ7RqYtecjor+Zznf6KeadFB+U841xt4j9G+Mypjf6D8txnuJOe73IsNPYX9co4vVOWp9vbg8ncaPXaE5ip7tRzG8O0gWH485+nuIDDxpbxbjVXi9id5gXsbOX6trdS/+37Q1HKU+rzPdhkT5Go/2Y5tu77bSfzYdFbA5G5XzKm7fau5M4LmN5uWjmvVZRx/phvunj7a3uYHs3G7e3ht18kN2s1V+o1W9V61t5qz1q36g2+q1bN7KlTm+yrDpqN/q3O3ne6bVrzby/nC11ms1qvZ4t3WmvdxuDrF6vXa9dq95cLs+uZq/dezfrtbKlSXylO9gedXvDbCPfytInlrOV2vUXl7Mr9ezt1bVs7f7du6tr77x/5717L6++8Wq56C9lZUsr11ZWqvVr1ZX68rHe/0tT3f/HZdFT3D8cSmXWBQA8efT/wCwcXf+/dT/i6Pv/0P9Phf7/ZO8fDkX/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwYn2/8MXrxcliGl8o5/9XTj1TjisRMRcRj/7GfJw+kHO+zLPwD+sX/lTDN5UoMkyucaY8zkfE7fL49f9H/S0AAADA0+vLjy5/mrr19LI464L4L6WbNnMXP5hSvkpELCz+MKVsc5OXZ6eUrPj3fSp2p5StuIF1dkrJ0i23U9PJ9Wj+Xy2bPxDOPhYqKcxNpxwAAOA4OdgJTKkLAQAA4Bj6ZNYFMBuV2H+Uuf8suPjL+z8eCJ47MAIAAACeQJVZFwAAAAAcuaL/9/t/AAAA8HRLv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs7d5KgNw3EA/ScQWvqhoqr79ijdwTF6hC67rDhAL8EBuqBX6AU4A7ObI4xghBMEmWExUhwiRu9JwcQyP2wEC9vIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Ke7ar349/vrn645u303eUYDAAAAXLKt1ov0ZFbfv49vqfzYVH1u2hURUUbEpbn7KCatzFHKiahO7f+et6+e9OF/REo4vMeb5noXEd+b6+FT/58DAAAAvFab5Wpez9brh9nQHeKa6kWb8sOPTHlFRFSz+0xp5SHvS6aw9P0ex69MaWkB622msLRUFuNcaS+Sfu4xiel5ZRpQURflxZeNW00BAIAbM2oV152FAAAAcE0/h+4AwyjiuJV53AtO/7w/be9NW3cAAADADSqG7gAAAADQuzT/f37+Xy3z+X975/8BAADAMOrz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjTtlovNsvVvGvObt9NntEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/vzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7NzPaxxVHADwNzM7W1sV1yh7iIiCB73Y7ba29iYelODBP0EI6bbGbv3R5mBLEXPxJjn3InoUEZR46//QcwK5xFsOe4jgWZnZmezkB7hGnNkknw+8ed8dhnnfNwsh33kvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6dxIn2aEzjuPi3Mbuw6Ws3zzQZx6vbc1nLYujOpM+GV6ufoi6od1cKgAAAJwVSVnfhxC20/WFrI87ef2fltdkNf/3z47jsp4/WPeXfVn7Z+23X3de3BuoMx4nu+nN5eHg0uFUWv/fLGfbc/94RSt/8vm7lyT/QuIPVl8YpfnzjL598uS9dh6eqyNbAOA4LpZ9EZS/D2V9v8nEADgzWpXCu6z/k06zOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUYbQani7jKIQw35rEmc3dh0tH9Y/XtubLdu3Ro7Xw9eSe2S3SEMLN5eHgUq2zmW337j+4vTgcDu7WH7wSQmhq9HeK6d/+aIqLQzj2WElzj1dQBnHxZc9KPicjaPCHEgAAp1JatKyu307XF7Jz0VwIf/2wv/5/vRKHKev/nY+vbVTHqtb//dpmOPt6K3c+7927/+DN5TuLtwa3Bp++dbn/dv/K9atXr/fydyU9b0wAAAD4b9pFq9b/8dzh9f8LlThMWf9/8V3/q+pYifr/SJNFv6YzAQAAONuef/XPP6IjzkftdvhycWXlbn983Pt8eXxsINV/7VzRqvV/Mtd0VgAAAEAdRqvRvvX/G5U4TLn+/8yPL/1cvWcSQjhfrP9fXPpseKO+6cy0Ov6cuOk5AgAA0KzzRauu/6f5/v94b8tDHEJ447VxXPwbwKnq/+T9b36qjlXd/3+lvinOpLg7fh553w2h1W06IwAAAE6zp4qWFfu/p+sLn/xy4cO2/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdfs7AAD//0WEP2o=")
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950"], 0x15)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9d})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
fchown(r5, 0x0, 0xee01)
mlockall(0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
socket$inet_udp(0x2, 0x2, 0x0)

8.354760866s ago: executing program 4:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000006c0)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="1f0002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000540)={0x1c, 0x0, 0x0, 0x0})

8.210395871s ago: executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'veth0_to_batadv\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x54}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
utimes(0x0, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x109042, 0x0)
write$P9_RSTATu(r3, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x230)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x58)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000380)='./file0\x00', 0x804, &(0x7f0000000480)={[{@shortname_win95}, {@shortname_lower}, {@utf8}, {@utf8no}, {}, {@rodir}, {@fat=@check_strict}, {@shortname_win95}, {@fat=@time_offset={'time_offset', 0x3d, 0xfffffffffffffe28}}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@fat=@tz_utc}]}, 0x1, 0x276, &(0x7f0000000a40)="$eJzs3UFqG1cYB/BvLMmW2oW06KoUPNAuujJ2T2BTXCg1FFq0aLtoTS1DsYTBBkGTEMWrnCAnyHmyCblADpCQXbwwmSDPSFbCyEaJbJnk99vo8d77z/vezCCtZvTPN72DvcPj/ZN7z6NeT2JpMzbjNIlWLMXIgyj17GV5PwBwy51mWbzKciulM2pTktWlay0MALg2k7//i64FALgZv//x5y9bOzvbv6VpPaL3sN9OIv/Mx7f247/oRifWoxlnEdlY3v7p553tqKZDrfiuN+i3h8ne30+K42+9iDjPb0QzWuX5jTQ3kR/027X4olh/sxudXx9HM74qz/9Qko/2cnz/7UT9a9GMp//GYXRjr6htlL+/kaY/Zo9e3/1r2DvMJ4N+e2U8r5hdudELAwAAAAAAAAAAAAAAAAAAAADAJ20tHWu9+/6dytn5+Nq08Tw/7f1Ag4n386ynaZol+fyLfDW+rkZ1kXsHAAAAAAAAAAAAAAAAAACA2+L4/zsHu91u52iujdFj/SVD8Waea63OmopKUVo3iZhtrVqRvHpyZcZdNIb1dI6SaszvEiTjnsbk0Grkaw17GnljouejV6/HeWN0dx3sJnFFql52k8yhkZXcfpWpqeX3exrFDkomNy5ZffnLD6o5a04ZSiKiNj6Zlx+nNt9zeFPfQAAAAAAAAAAAAAAAAAAAwMjFQ78lgycLKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFuDi//9naAyK8LQ5WWXYqEbRs+AtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bl4GwAA//95LWni")
r4 = open(&(0x7f00000002c0)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000000)={0x5}, 0x10)
write(r5, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000001000000000000000800090002000000", 0x24)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x24, &(0x7f0000001700)=ANY=[@ANYBLOB="18000000e1270000000000000200000098110000e60a83", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001842000008000000000000000000000085200000020000004f550c00f0ffffff18120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001869000001000000000000007f00000018400000020000000000000000000000180100002020702500000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000b90100008500000006000000bf91000000000000b7020000010000008500000085000007cba22217d848fb009500000000000000", @ANYRESHEX, @ANYRES16, @ANYRESOCT], &(0x7f0000000380)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0xf, 0x6, 0x1}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000740)=[0xffffffffffffffff], &(0x7f0000000780)=[{0x4, 0x2, 0x9, 0x9}, {0x3, 0x4, 0x6, 0x9}, {0x2, 0x5, 0x5, 0x2}, {0x5, 0x3, 0xc, 0xc}], 0x10, 0x1}, 0x90)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000500)={<r6=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f0000001480)={r6, 0xa, &(0x7f0000000540)=[0x3f, 0x1, 0x0, 0xffffffff, 0x3, 0x8, 0x4, 0x10001, 0x4, 0xffffffff], &(0x7f0000000580)=[0x1, 0x6, 0x3, 0x3], 0x40, 0x7, 0x7, &(0x7f0000000600)=[0xc9, 0x8, 0x7fffffff, 0x0, 0x4, 0x40, 0x20], &(0x7f0000000640)=[0x4, 0x6, 0xeeb8]})
ioctl$DRM_IOCTL_UNLOCK(0xffffffffffffffff, 0x4008642b, &(0x7f00000006c0)={r6, 0x1d})
sendmsg$unix(r4, &(0x7f0000000300)={&(0x7f0000000100)=@file={0x1, '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000600)="17e5e1ac64c51de3cf487bd178e45c8e91436b761fbb7a50db1a2c4f67befa81fe6f9876d617daf2a6d2e87d2ee07898b29989ae588ec57eb006cebec280405e1f421c2d278fdddaab5e8488128414d86fb1e041ba067e7450252564de68edd3beb67d24a978151474345a52b4a237217574d4da56e56fe8f436275ef7678e4a508d2a822ebb04161334a4c4c58a7867c0c3fc8c9c3c16309a257d00051ba61a41bb989eb5cb049799bdce5820e429084469572eaa21ad2c07ed00ee904bc090", 0xc0}], 0x1, 0x0, 0x0, 0x80}, 0x40000c1)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f00000001c0)={[{@noinit_itable}, {@auto_da_alloc}, {@user_xattr}, {@orlov}, {@minixdf}, {@abort}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x1, 0x637, &(0x7f0000000780)="$eJzs3c9rVNceAPDvnUx+mLz3EuXx3vMtaqAUhdbERC1SCtW9iP2xazepiWKNRkxKGxGMYDeF7roQuuqi9s+o4NZ/oItC6aoUpLQuapE65d7MnVwnMzG/ZiZOPh+45px7M/ecG/PNOffMOXcC2LVGI2IsIvZHxNUkYrhwrJz9W8q+Kf2+R7/dOJduSVQq7/6axI2byVLxXEn161D1xX8NL+/a17O63PnF65emZmdnrlXz4wuXr47PL14/fPHy1IWZCzNXJl+fPHH82PETE0e2dH17C+nTtz/6ZPjzM+9/89WTZOLbH84kcTK9ukx6XfWv7d9SyenPbDQqyx4X96c/1xNbPPdO8cdw/nuyIqnfwY6WxkBvRPw3hqOn8L85HJ+93dGKAS1VSSJvo4BdJ9lU/A9sf0WANsv7Afm9faP74AYa3NEDL5qHp5YHpJZjvzci8vgvZ2N+EQPZ2MDgo+SZcZ4kIrY2MrcsLePB/TO30y2ajMMBrbF0Kx/lrm//kyw2R2Igyw0+Kj0T/6XClu5/ZyOF9q0kR+sOiX9on6VbEfG/avvfFxuJ/3IU4v/DTZYv/gEAAAAAAGD73DsVEa81mv9Xqs3/6Wsw/2coIk5uQ/nPf/+vlC/RS7ahOKDg4amINxvO/83DLkZ6qrl/ZvMBepPzF2dnjkTEvyLiUPT2p/mJuvOWCunDX+y706z84vy/dEvLf3C/OL249Eu5biHu9NTClL8GsHUPb0X8P5v/e6C659n5P2n7nzRo/9P4vrrOMva9cvdsMV+pVG7m6cbxvzwXGGitytcRBxu2/ysNbLL28znGs/7AeN4rWO2lJ4WFRnXEP3RO2v4PNo//Ws+79rye+Y2dvy8iji6Wm4X/OuK/cf+/L3mvJwpLCT6dWli4NhHRl5xevX9yY3WGbpXHQx4vafwfennt8b9a/78Qh3siYmmdZf7n6dBPzY5p/6Fz0vifXrv/P5JU2//I2v9aR2Ddicm7I99lZ2rwXLiz62r/j2Vt+qHqnmz8D6gqrdqz3gDtSHUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AVXioh/RFIaq6VLpbGxiKGI+HcMlmbn5hdePT/38ZXp9Fj2+f+l/JN+h5fzSf75/yOF/GRd/mhE7I2IL3v2ZPmxc3Oz052+eAAAAAAAAAAAAAAAAAAAANghhrI1/5X++vX/qZ97Ol07oOXK1a/PifeBdtQFaK/ypl9Z6d/WigBtt/n4B15064//3pbWA2i/5vH/+Eklk+eTpHj09xbXC2g9/X/YvTYZ/94ehC7QIP5HO1EPoN3WHNO7U0t59x+6kvt/AAAAAADoKnsP3Ps+iYilN/ZkW6qvesxkf+hupU5XAOgYc3hh9yrPdboGQKe4xwdW1vX/WWl0vPns/6Q1FQIAAAAAAAAAAAAAVjm43/p/2K3WXv9vbj90szXW/zcKfo8LgC7S/KM/tP3Q7dzjA89r7bd7/b/nDgIAAAAAAAAAAADAJgxcvzQ1OztzbX5xi4mI+LGSRGz1PE0SHzQ49FaLymppYmlqR1RjWxNPW3Pm3ojYGRfY7kT+CI4OVqPDf5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICavwMAAP//G/YpJw==")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0x0)

8.134244411s ago: executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x9b4ca0a4, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b07d25a806c8c6f94f90624fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x114, 0x21, 0x1, 0x0, 0x0, "", [@nested={0x102, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x2, 0x0, 0x0, @ipv6=@dev}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', r4, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00'}})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x125, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r6=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x8, &(0x7f0000000080)=0xffff7b6e, 0x53)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x14c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "ddd060ce18a55e81e500f4c800655b9f39771fbac2eed77acba78a548820c4b11b739556fa96247659a4671414c56cac128a4fb9b45f967bb56f8a3383f7fcd57a110f0a9ab278e6e91a9a2bd582cd9c3fdaa805ec7bf705feaf3774d15a161315f2d92ab02ea7bb284583645ac81c1ba9e3f2b4d4271a09f4dc02c150a0d708b9caac85ed515c9345a5485336937d391fbd698425458ca61726e03ff8251eed7a175e27ac644ea79b4da615684abf08d6ff10148c9739a160dd299e4349203611ef8473798dcd2afd756d3e407aed0f79777b61d16ffbccabd721a1c863e6dc2f7a3a9dd097f54fe3b09d8de369bdef6500"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0xff}}]}}]}, 0x14c}}, 0x0)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)=""/28, &(0x7f0000000240)=0x1c)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$packet(r0, &(0x7f0000000180)="10031400e0ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r6}, 0x14)

8.098752413s ago: executing program 5:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x160a43, 0xb)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffffb}]})
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
syz_mount_image$udf(&(0x7f0000000a40), &(0x7f00000004c0)='./file0\x00', 0x4400, &(0x7f0000000340)=ANY=[], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==")
lchown(&(0x7f0000000140)='./file1\x00', 0xee00, 0x0)
r2 = syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x79dfcc23700509f, &(0x7f0000000240)=ANY=[], 0x0, 0xa79, &(0x7f0000004280)="$eJzs3c1vHGcZAPBn1h+x3apN29CWqG0mqdK6bXDWNk0U9UATe524+APZjtRIoKZqHBTFoqgBqY2QmkqIExUVQkiAhFCPnCqVA72gnIAjJw5I0L8AVHFKETBoZnftXWc/Emdtp+X3i9Y7H8877/POzM4br3fnDT7LsiwrHlucP/vrnUyWu8+p6Y/f/+Dd/PHOtRiMvuiL30YMRUQa0f+f4lwZmJpeWpzvsqHLEecj4npEEhF7ovrcxnDT3PlIfhT3bsxfj+QX8WiLYkO32Ti6yvi/ttvnHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3JWmpsvl8STmZhfOvpy2VwwB3mF9fXMfFaN+Jx91qzaJSPJHDA3Vh/p+dN/G6ofzH4fisercY9WRv4fi6j0P733hof5SvXyHhHbElbeuXn51bW31jdr8njQd6Fpoz7andfsGt1bsdGVhdnlxdv7k6Uo6u7yYnjh2rHz0zMxyOjMbleVzyyuV+XRqqXJyZXEpHZ16Jh0/cWIyrYydWzy7cHp6bK5SX3j8SxPl8rH0pbGvVU4uLS8uHH1pbHnqzOzc3OzC6SImX53HHM9PxK/OrqQrlZPzaXrx0trqZLck86DxlmuS5qCJbluaKE9MjI9PDMex5088f7xc7q8tmBivLyhvEjdF7P5JS6/98pYjf9Pz6zfcgVKt/4+5mI2FOBsvR9ry31RMx1IsxnyLdcnG9ur9/+GjlY71Nvb/9V7+0Y3V+6Po/5+ozj3Rrv+Pv9fiW+fc/l+Wba3c5n9X4q24Gpfj1ViLtViNN+54i2n8vnn+083r/51l2Ra2m+atPdC4D3qQ6+moxELMxnIsxmzMx8liSVpbksaJOBbHohyvxJmYieVIYyZmYy4qsRznYjlWolKcUVOxFJU0YiUWYynSGI2peCbSGI8TMRyTkUYlxuJcLMbZWIjTMR0ni61cjEvFfp/skON60PitBE10CLqpM7+z/j+7G/8nyHbr4dUb7kxW6/8H2wZk9anRqR3LCgAAAOilL/4x7tv34B/+GjEQjxfvy8/MzlXKu50WAAAA0EPFx/Uey58Gsoh4PJIWv/+Xdik5AAAAoCeS4jt2SUSMxIHqVPWbUH3hQwAAAADwOVH8/f+J/GkknzoQyfqdUM7vdm4AAABAb3S/x37XiGQoave0TC9Uny/UImr3+R2ZmZ2rjE0tzr0wHk8Vdxkovmlw09b6IpKB4usHz8bBatTBkerzSPMWh/Ko8bEXxuPZOFRryOiT+dOToy0iJ6qRT1cjn+4QOZlHAsDn3aGb++NPs9vs/5+NI9WII/v7ByOif3+LnrW80bP270ZDAYB13cfYaY54u1ausf//8sbv/wO11U39/4Nx8b/5wtUYi9fi9ViLC3Gk+LZB8YmDpnq//l7tPYP1jyGU40iXdwPqsX86XoojXd4PGGkY6OVIl3cEqrHxjYjJ7T0IALDDDrXph9v1/0VE1D84WO3/jzT8/h83//6/PrTQqq8UAsBdYX0E+55OZH2NS3a7jQBAM700AAAAAAAAAAAAAAAAAAAAAAAAAAAA9F5Pb/s/tMXif6uN61ddkvV+PILWE8O1fVBf8vZt7Y13rrx19ccR0biqlDdie3IuMu3tlks92E4WETt1vHZuIvZGbHmvRqtVgxGx7ckP96KKT2sT1ddGqdPF42zHtQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwGJBF9rZaXIvZERDkiju58Vtvn2m4nsPO+0jiT3Igb8Wbct3vpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8PtXu/1+K6vM91UXRX4o4HBHnIyLb7Rx76cZuJ9Ajw1ss13D///yYR5ZEf/WwRzIwNb20OJ8f/mLsh9LH73/w7iPNxffcaj1FYGnT4BK1GjbH/ure+tQDRamR6dUrl7/z+rfT6VNRisE4tTIzNz1/eunFjSIPJx9GpFF91OX55o/vHf7dey1a/mHe0tY21ztT7Jzpm+t9pFXpzvV2cmltdSKvaaXy8sp3v3XpzYZVD8bBiCdHI0aba/pm/mhT08EY6FRb8knyg+S++GmcL45/vjeSLMkP0f1F+4cvXlpbHXvt9bULbXLaGwci4kLEUNec1nf1geJ60lJx1pUG8lrLRVD+Y1+XNrbWOMZFdYvjbdrwQHHKjNTaMNjUhlKbOtP2bSh2eMN+L9UnkmRzRpO1jAajOaOH4qkWRzrbE9F+LzzV+Ui3lnyS/CU5E3+O7zeM/1HKj//haP/qbN5EEdlwprSNLFUji5ZPNK54ZXPkP352S9m3HKaG2/XDphdvqeH6XztWPboeZUnH61FDjZNtamz9uthU4+azotS24UWPtG9TidrVp22hap77qlFt8vxCPBfRv7/TVfGm3vq59leU5vIvtl691df/z5PR+GdcM/4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw90si+lotL0Ucjoi99fk0IruNze5pt6I0ktxuij11bf3HZ9y+4mepadk73YslN+JG9vZ2JQUAAAAAAADATjs1/fH7H7ybP4q/x/fdyLLa3/fTiP6I2Jv8ZDimlxbnu2xoIOJ8RFzPp4faBf0rq2pempeLezfmr0dk92+9SQBAF/8LAAD//+FccsU=")
name_to_handle_at(r2, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=ANY=[], 0x0, 0x0)
close(r1)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xd, 0xf, &(0x7f0000000d80)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="00b7030000000000008500000000000000001c00000000000055090100000000009500000000000000bf"], &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
syz_open_procfs(0x0, &(0x7f0000000000)='attr/fscreate\x00')
close(r3)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x28, 0x7, 0x1c05211, 0x1, 0x4004, 0x0, 0x80000000}}, 0x50)

7.530644304s ago: executing program 0:
socket(0x21, 0x2, 0x10000000000002)
socket$packet(0x11, 0x3, 0x300)
socket$nl_crypto(0x10, 0x3, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0), 0x100}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8946, 0x0)

2.305212087s ago: executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r1=>0x0], &(0x7f0000000180)=[<r2=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r1], 0x1, 0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000000340)={0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b14fea7a1316b81525ccf0f8b91fd2eddb851ba62b00d87337407214ea270251"}})
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f00000000c0)=[<r5=>0x0], &(0x7f00000001c0), 0x1, r2})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r3, 0xc01064ab, &(0x7f0000000100)={0x0, r5, r7})

2.29285916s ago: executing program 5:
unshare(0x68040200)
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdd860602, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0xec, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0xb}, [@IFLA_AF_SPEC={0xcc, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET={0xb0, 0x2, 0x0, 0x1, {0x9, 0x1, 0x0, 0x1, [{0xc}, {0x8}, {0x1b}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x9, 0xd}, {0x8}]}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE]}, @AF_MPLS={0x4}]}]}, 0xec}}, 0x0)

2.193865574s ago: executing program 3:
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f0000000140)='mounts\x00')
syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r0=>0x0, &(0x7f0000000080)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, 0x0)

2.168542379s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1548f5e0b33006bd1049ca45bd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc96eb384dbb4268c50943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906bde2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r1 = open(&(0x7f0000000380)='./file2\x00', 0x14507e, 0x0)
pwrite64(r1, &(0x7f0000000000)='+', 0xc0014, 0x7003f00)

2.147608007s ago: executing program 1:
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x7b, 0x0, &(0x7f0000003a80))
mknod(0x0, 0x1000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
eventfd(0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x18, 0x39, 0x107, 0x0, 0x0, {0x4}, [@nested={0x4}]}, 0x18}}, 0x0)

1.780985062s ago: executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$evdev(&(0x7f0000000ac0), 0x200, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
ioctl$vim2m_VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r7, 0x0})
listen(r7, 0x0)
io_uring_enter(r4, 0x92, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r8, &(0x7f0000000300)="8b", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @private1}, 0x1c)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

1.60832067s ago: executing program 2:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_io_uring_setup(0x4b2f, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000300), &(0x7f0000000000)=<r1=>0x0)
syz_io_uring_setup(0x5e5, &(0x7f0000000280), &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040))
syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0x6)
r3 = syz_io_uring_setup(0x6908, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_setup(0x1868, &(0x7f0000000140), &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000240))
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r3, 0x184c, 0x0, 0x0, 0x0, 0x0)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.491833739s ago: executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
recvmmsg(r1, &(0x7f0000006540)=[{{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000006900)=""/228, 0xe4}, {&(0x7f0000003f40)=""/82, 0x52}, {&(0x7f0000001380)=""/148, 0x94}, {&(0x7f0000001440)=""/165, 0xa5}, {&(0x7f0000001500)=""/153, 0x99}, {&(0x7f00000015c0)=""/69, 0x45}, {&(0x7f0000001640)=""/202, 0xca}, {&(0x7f0000000300)=""/35, 0x23}, {&(0x7f0000001740)=""/127, 0x7f}, {&(0x7f00000017c0)=""/118, 0x76}], 0xa}}, {{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f00000019c0)=""/124, 0x7c}, {&(0x7f0000001a40)=""/169, 0xa9}, {&(0x7f0000001b00)=""/123, 0x7b}, {&(0x7f0000001b80)=""/21, 0x15}, {&(0x7f0000001bc0)=""/221, 0xdd}, {&(0x7f0000001cc0)=""/136, 0x88}, {&(0x7f0000001dc0)=""/119, 0x77}], 0x7}}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000006800)=""/224, 0xe0}, {&(0x7f0000004040)=""/178, 0xb2}, {&(0x7f0000004100)=""/90, 0x5a}, {&(0x7f0000004180)=""/66, 0x42}, {&(0x7f0000004200)=""/37, 0x25}], 0x5}}, {{0x0, 0x0, &(0x7f0000004540)=[{&(0x7f0000004440)=""/216, 0xd8}], 0x1}}, {{0x0, 0x0, &(0x7f0000005bc0)=[{&(0x7f00000046c0)=""/181, 0xb5}, {&(0x7f00000047c0)=""/247, 0xf7}, {&(0x7f0000004900)=""/135, 0x87}, {&(0x7f00000049c0)=""/4096, 0x1000}], 0x4}}], 0x5, 0x0, 0x0)

1.384394746s ago: executing program 1:
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240), 0x2, 0x51d, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJpu1d5s2W+gBUKFLKSxotXbibVdVL2xPFUKVED1y2IbEG61ix1HslCbsIXvkjkQlTnDijAQSB6Q9cUfiADcu5YBUYAVqkJBwNWM76/xxYmUTezf+/aSR38yz/b23o3lv9HkzL4CJdTUitiPiYkS8HxGz3eNJd4vbnS1736eP7i/uPLq/mES7/d4/k7w+OxZ9n8k81/3OYkR8/52IHyb7gv4porm5tbJQq1XXu4fKrfpaubm5deNefWG5ulxdrVRuzd+ae/PmG5VT6+sr9V9/cikifv+7L3/8x+1v/Thr1ky3rr8fp6nT9endOJkLEfHdswg2BlPd/lw8yYdP9CFOUxoRn4uIV/Prfzam8rO5197T9O0Rtg4AOAvt9my0Z/v3AYDzLs1zYEla6uYCZiJNS6VODu+luJzWGs3W9buNjdWlTq7sSkynd+/VqnPdXOHD39x+O7tvmM/r8vokq6/s278ZES9GxE8Ll/L90mKjtjTG+x4AmGTP7Zv//1PozP8AwDlXfFwsjLMdAMDoFMfdAABg5Mz/ADB5zP8AMHnM/wAwecz/ADB5zP8AMFG+9+672dbe6T7/eumDzY2Vxgc3lqrNlVJ9Y7G02FhfKy03Gsv5M3vqx31frdFYm389Nj4st6rNVrm5uXWn3thYbd3Jn+t9pzo9kl4BAEd58ZWHf0kiYvutS/kWfc/7P3aufvmsWwecpXTcDQDGZmrcDQDG5uBqX8CkkI+HyfX/drsdfWv3RsSD3VLfw0AH/hehj4YKk1o3FJ4+1774BPl/4Jkm/w+T62T5f/fycB7I/8PkarcTa/4DwISR4weSY+r7f/+fa/ftDPf7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxLM/mWpKXuWuAzkaalUsTzEXElppO792rVuYh4ISL+XJguZPvzEWHdIAB4lqV/T7rrf12bfW1mf+3Fwn8L+WtE/Ojn7/3sw4VWa30+4mLyr93jrY+6xyvjaD8AcJzePN2bx3s+fXR/sbeNsj2fvN1ZXDSLu9PdOjUX4kL+WsxzDZf/nXT3O7L7lalTiL/9ICK+cFj/kzw3cqW78un++Fns50caP90TP83rOq/Zv8XnT6EtMGkeZuPP7cOuvzSu5q+HX//FfIR6cr3xb+fA+Jfujn9TA8a/q8PGeP0P3zlwsD3bqXsQ8aULETu9L+8bf3rxkwHxXxsy/l9f/sqrg+rav4i4Fof1P9kTq9yqr5Wbm1s37tUXlqvL1dVK5db8rbk3b75RKec56nIvU33QP966/sKg+Fn/Lw+IXzym/18fsv+//N/7P/jqEfG/+bXDz/9LR8TP5sRvDBl/4fJvi4PqsvhLA/p/3Pm/PmT8j/+2tTTkWwGAEWhubq0s1GrV9ScvFI98T3oaIYYoJBHbZxzicaHwq5+8c/ybCyNrzwkLMahq6mlp4bkpFJ6OZgxRGPfIBJy1xxf9uFsCAAAAAAAAAAAAAAAMMoo/Jxp3HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi/PgsAAP//0JTXgA==")
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0)

1.224886085s ago: executing program 5:
r0 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r1, 0xa, 0x12)
clock_gettime(0x0, &(0x7f00000001c0)={0x0, <r3=>0x0})
clock_nanosleep(0x2, 0x0, &(0x7f0000000200)={0x0, r3+10000000}, &(0x7f0000000240))
ppoll(&(0x7f0000000100)=[{r2}], 0x1, 0x0, 0x0, 0x0)
dup2(r1, r2)
fcntl$setown(r2, 0x8, r0)
tkill(0x0, 0x13)

900.332181ms ago: executing program 2:
syz_mount_image$jfs(&(0x7f0000005dc0), &(0x7f0000005e00)='./file0\x00', 0x0, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {}, {@uid}, {}, {@noquota}, {@quota}, {@uid}]}, 0x1, 0x5ed3, &(0x7f0000011c00)="$eJzs3UuPFNfZB/CnL9Nz4TWMLL2WhbIYY+dCMDBcDLnb3iRSVpEiNlmBxmMLBScRkCi2UBhrFvkGUbJIlOyzyifIHj6EF1kGCZKNV6moZs6BmqKHHgLT1TPn95OGqqdOVfcp/l3T3dNVfQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiB9+/8fnehFx9VdpwXLE/8Ugoh+xWNcrEbG4spzXH0bE67HVHK/Vq89H1Ntv/XMs4mJE3D8a8fDRnbV68fk99uPfR/7/2D//+oPTv//b7+6d/OOpt9vtf1r/x72f3E33BQAAADyXqqqqXnqbfzy9v+933SkAYCry83+V5OVqtVqtVqsPX91UjXe3WUTERnOb+jXD3XE3BgDMro34ousu0CH5F20YEUe67gQw05x3fzg9fHRnrZfy7TWfD1a22/O5IDvy3+g9vr5jt+kk7XNMpvX42oxBvLpLfxan1IdZkvPvt/O/ut0+Suvtd/7Tslv+o+1Ln4qT8x+08285PPn3x+Zfqpz/8LnyH8gfAAAAAABmWP77/3LHn//Ov/iu7MmzPv9dmVIfAAAAAAAAAOBle9Hx/x4z/h8AAADMrPq9eu3PR58s2+09dr38Si/ildb6QGHSxTJLXfcDAAAAAAAAAAAAAEoy3D6H90ovYi4iXllaqqqq/mlq18/rRbc/6ErffyhZ17/kAQBg2/2jrWv5exELEXElfdff3NLSUlUtLC5VS9XifH49O5pfqBYb72vztF42P9rDC+LhqKpvbKGxXdOk98uT2tu3V9/XqBrsoWPT0WHgABAR289GDz0jHTJVdSy6fpXDweD4P3wc/+xF149TAAAAYP9VVVX10td5H0+f+fe77hQAMBX5+b/9uYBarVar1erDVzdV491tFhGx0dymfs1wd9yNAQCzayO+6LoLdEj+RRtGxOtddwKYab2uO8C+ePjozlov5dtrPh+k8d3zuSA78t/obW2Xtx83naR9jsm0Hl+bMYhXd+nPa1PqwyzJ+ffb+V/dbh+l9fY7/2nZLf96P5c76E/Xcv6Ddv4thyf//tj8S5XzHz5X/gP5AwAAAADADMt//1/2+W/eZQAAAAAAAAA4cB4+urOWr3vNn/9/acx6rv88nHL+PfkXKeffb+X/tdZ6g8b8g/ef5P+vR3fWfvSHz4/n6V7zn88zvfTI6qVHRC/dU2+Ypi+yd0/bnBuM6nua6/UHw3TOTzX3YVyPG7EeqzvW7af/jyft53a01z2d29F+fkf78Kn2Czva59L3DlSLuf1MrMXP40Z8sNVet81P2P+FCe3VhPac/8DxX6Sc/7DxU+e/lNp7rWntwWf9p4775nTc/bz323v3V/d/dybajMHjfWuq9+9EB/3Z+j85Mopf3lq/eebX127fvnku0mTH0vORJi9Zzn8u/Tz+/f/mdnv+vd88Xh98Nnru/GfFZgx3zf/Nxny9vyen3Lcu5PxH6Sfn/0FqH3/8H+T8dz/+T3XQHwAAAAAAAAAAAAAAAHiWqqq2LhF9LyIupet/uro2EwCYrvz8XyV5uVqtVqvV6sNXN1XjvdssIuLvzW3q1wy/GXdjAMAs+09EfN51J+iM/AuWv++vnr7VdWeAqbr1yac/vXbjxvrNW133BAAAAAAAAAD4X+XxP1ca4z+/FRHLrfV2jP/6fqy86PifwzzzeIDRlzzQ9y42+6NBvzHc+Bvx7PG/T8Szx/8eTri/uQntownt8xPaFya0j73QoyHn/0ZjvPM6/+Ot4ddLGP+1PeZ9CXL+JxqP5zr/r7bWa+Zf/eUg59/fkf/Z2x//4uytTz49ff3jax+tf7T+s4urq5cuXH5n9fLq2Q+v31hP/3bY4/2V889jXzsPtCw5/5y5/MuS8/9yquVflpz/V1It/7Lk/PPrPfmXJeef3/vIvyw5/5Opln9Zcv5fT7X8y5LzP5Vq+Zcl5/92quVflpz/6VTLvyw5/zOpln9Zcv5nUy3/suT88ydc8i9Lzj+f2SD/suT8z6da/mXJ+V9ItfzLkvO/mGr5lyXn/06q5V+WnP+lVMu/LDn/y6mWf1ly/t9ItfzLkvP/ZqrlX5ac/7dSLf+y5Py/neqJ+S9Op19MR87/O6l2/Jcl5//dVMu/LDn/76Va/mXJ+b+bavmX5cn3/5sxY8ZMnun6NxMAAAAAAAAAAAAA0DaN04m73kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7IDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xc5X0G8LM3e20S2CZAXEJgbRwwsLDrO07rYC5pKIQ2TSBt04vj2mvj4Fu9drgICUekBamoRWo+kA9NSIpUvlRBSVRRNY0cqVUiJVL4lFZqS6ggFUpD66T9kFQhW82c9313Zjy7sz6za2bO+f0k/PfOnJl5Z+ad2X3WPLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI3W3jb9+ECWZbX/6n+MZdlban9fNT5W+3D9e97sFQIAAADdeqP+55mL0gm7FnGhhmO+ccV3vjI7OzubvfT9a9/x6dnZdMZ4lo2tzLL6edFrd//d+sZjgsey0YHBho8HO9z8UIfzhzucP9Lh/BUdzl/Z4fzRDufPdrqCbFX+/Zj6la2v/3Usf0izi7OR+nnr21zqsYGVg4Pxezl1A/XLzI7szw5mh7LpbKrp+PzYgfrxX11bu607snhbgw23dXlth/zokb1xDQPhMV7fdFtz1xm9fks2/uMfPbL3g595+bJ2s9Oj0Hx9+To3rKut81PhlHytA9nK9JjEdQ42rPPyNs/JUNM6B+qXq/29dZ1nFrnOobllnletz/loNlj/+4v1x2m48dt66XG6PJz2k6uyLDs1t+zWY866rWwwW910yuDc8zOa78jaddS20tuy4XPap2sXsU9rc9/65n3a+pqIz//acLnhedbQ+DS9/skVZz3v57pPo9q9nu+10roHl/q10it7MO6LF+t3+om2e3B9uP+PXD3/Hmy7d9rswXS/G/bguk57cHDFUH3N6UkYqF9mbg9ubDp+qH5LA/X52tUL78HJE4ePTc489PANBw/vOTB9YPrIlqmpbZu3b53aPjW5/+Ch6fBnwUe7963OBtNrYF147OJr4JqWYxu36uznl+51OLrA63Cs5dilfh0Ot965gfPzgjx7T+evjXtqD/rok4PZPK+x+vNzXfevw3S/G16Hww2vw7afU9q8DocX8TqsHXPsusV9zTLc8F+7NSzX54Kxhj3Y+vVI6x5c6q9HemUPjoZ98a/Xzf+54PKw3icmzvXrkaGz9mC6u+G9p3ZK+np/9Kb6aLcvL6udccGK7OTM9PEbH9xz4sTxjVkY58XbG/ZK635d3XCfsrP26+A579ddj3/r25e1OX0sPFajN9T+GJ33uaods+XGhZ+r+me39o9n06mbsjCW2Pl+PNt9Nq89nilLLvB41o751GT3X4unWNnw/jsyz/tvzP0/r9/O+nRVjw2NDOev36H06Iw0vR83P1XD9feugfptn5lc3PvxSPjvfL8fX7zA+/GalmOX+v14pPXOxffjgU7f7ehO6/M5GvbJoamF349rx6zZdK57cnjB9+OrwhwIj/+1ISmkXNSwd+bbt+m2hodHwv0ajrfQvE83Nx0/ErJZ7bae21Rsn264Kr+uoXTv5pyvfTrecuxS79P0fjXfPh3o9N23Ylqfz9GwLy7evPA+rR1zekv3752r4l8b3jtXdNqDI0MramseSZswf7+fXRX34I3Z3uxodijbVz93RX0/DdRva2Lr4vbgivDf+X6vXLPAHtzQcuxS78H0eWy+vTcwfPadXwKtz+do2BdPb114D9aOuX370n7tuiGcko5p+Nq19ftr833P67KWh2k5v+dVW+c/bF/4e7O1Yw7ddK45c+HH6fpwygVtHqfW1+98r6l92fl5nNaEdf7wpvkfp9p6asd8esci99OuLMu+fNeu+vd7w7+vfOnkd7/S9O8uu/LzXtgxd11nfdXR7t99vnzXrtP/fOdPz+U+AtDbfl7/c/3q/HNdw79MLebf/wEAAIC+EHP/YJiJ/A8AAAClEXN//L/CE/kfAAAASiPm/uEwk4rk/yf+7ZL7f/Zolpr5s0E8Pz4Mx17Jj4sd12fCx+Ozc2qn3/rsP37ro48u7rYHsyz72Z3/0vb4J16J68o9FdY5/r3m08+y5nuLuv2P3Tt3XGMHcCxcf7w/rdvgq//9Sv1y4zvyefrO0/X5oVNPPFY7/8yO/OPYnXztf/Lj/iKUeXft/3rT5Te8lN/e+pcWvl/xcl/8wKq73vmRuduLlxtYd2H9bjz93vx648+9eeq2/Pgz4bj51v/3f/LcF2vHP/ju9ut/dLD9+l8L1/tqmD99Iz+98TGtfRwv90dh/fH24uVu/MLX2q7/+ffnxz8fnpdnwmxd/y1/9q43Gh+vuP54O7tezi8Xb3/qb/6jfrl4ffH6W9c/evMrTY9H6/Wf/lJ+PTs/8b9DjcfH0+PtpH33cvPzXLuexv0WPffHp5se5+zf88v9bcv64/Ude7n9+q9vWeexjavrl5+vMv7Z6Vfb3t+4nl1//WLT/Xn+B+Hxu/Xu+vWO/iTsx3D+/z2VX1/rT0t48QfN7yfx+GfG8tdlvL7JlvU/1bL+U1fWHrvO67/jx/n6n7/5G83Px3/m69j1ej47rf/A577TdPnPfzd/Po4/MHHk6MzJg7FDPRZ+9s+x7+fXt3J01eoL3vLWCy8K75WtH+8+euK+6ePjU+NTWTbehz8Sb7nX/4Uw/ysfp5b6+h/JsuyBhs9r170v33/ZFWf+9Mo7nr0vHvdPt+enP3lX/nnrmnDcU+H0U+H5jtfz2c/knw+7XX+8nflmWu8infzm49sWdWC4/0+vvbT+Khs4nZ/c+n5VVHydv3xJ8+v+pXvy+UJ4XGfDT2Zed+k368e13n782QhPfjh/fcev5OLlu13/X4Xn++5X8+uP15vWG76O+dqa5vfH+Py88GjLTxoYy3+Kx6nw/pGdys+PR8WvqZ48c+m5LHNeMw/NTB46eOTkg5MnpmdOTM489PDuw0dPHjmxu/6zOXd/vNPl517fq+uv733T27Zk9Vf70Xwsszd7/cfu3btv+9TV+6b37zm5/8S9x6aPH9g7M7N3et/M1Xv2759+oNPlD+7buXHTjs3bN00cOLhv5007dmzeMXHwyNHaMvJFdbBt6v6JI8d31y8ys3PLjo1bt26Zmjh8dN/0zu1TUxMnO12+/rlponbpT0wcnz6058TBw9MTMwcfnt65cce2bZs6/nS/w8f2z4xPHj95ZPLkzPTxyfy+jJ+on1z73Nfp8lAz87lVbT9PDYSv3jdevy39fNaaZz8571Xlh7T8ANEfhp9F8+2//POti/k45v6RMJOK5H8AAACogpj7V4SZyP8AAABQGjH3rwwzkf8BAACgNGLuHw0zqUj+1//X/69a/39E/1//Pz4f+v9LQv9f/78I/X/9/35Yv/6//j/d67X+f8z9q7KskvkfAAAAqiDm/tVhJvI/AAAAlEbM/ReEmcj/AAAAUBox978lzKQi+V//vz/7/0PhMdf/9/v/9f87r1//f3np/+v/F6H/r//fD+vX/9f/p3u91v+Puf+tYSYVyf8AAABQBTH3XxhmIv8DAABAacTcf1GYifwPAAAApRFz/1iYSUXyv/5/f/b//f5//X/9f/3/XqH/r/9fhP6//n8/rF//X/+f7vVa/z/m/l8IM6lI/gcAAIAqiLn/bWEm8j8AAACURsz9bw8zkf8BAACgNGLuvzjMpCL5X/9f/1//X/8/0v/X/y9C/1//vwj9f/3/fli//r/+P93rtf5/zP2XhJlUJP8DAABAFcTcf2mYifwPAAAApRFz/zvCTOR/AAAAKI2Y+9eEmVQk/+v/6//r/+v/R/r/+v9F6P/r/xeh/6//3w/r1//X/6d7vdb/j7n/F8NMKpL/AQAAoApi7r8szET+BwAAgNKIuf+dYSbyPwAAAJRGzP2Xh5lUJP/r/+v/6//r/0f6//r/Rej/6/8Xof+v/98P69f/1/+ne73W/4+5/11hJhXJ/wAAAFAFMfdfEWYyf/7/+vKvCgAAAFhKMfdfGWbi3/8BAACgNGLuHw8zqUj+1//X/++5/v+4/r/+v/5/P9H/1/8vQv9f/78f1q//r/9P93qt/x9z/9owk4rkfwAAAKiCmPvXhZnI/wAAAFAaMfdfFWYi/wMAAEBpxNy/PsykIvlf/1//v+f6/37/v/6//n9f0f/X/y9C/1//vx/Wr/+v/0/3eq3/H3P/u8NMKpL/AQAAoApi7r86zET+BwAAgNKIuf+aMBP5HwAAAEoj5v4NYSYVyf/6//r/+v/6/5H+v/5/Efr/+v9F6P/r//fD+vX/9f/pXq/1/2PuvzbMpCL5HwAAAKog5v7rwkzkfwAAACiNmPuvDzOR/wEAAKA0Yu6fCDOpSP7X/y95//+N2dlZ/X/9f/1//f9lpP+v/1+E/r/+fz+sX/9f/5/u9Vr/P+b+G8JMKpL/AQAAoApi7r8xzET+BwAAgNKIuX8yzET+BwAAgNKIuX8qzKQi+V//v7/7/1nm9//r/+v/d1q//v/y0v/X/y9C/1//vx/Wr/+v/0/3eq3/H3P/xjCTiuR/AAAAqIKY+zeFmcj/AAAAUBox928OM5H/AQAAoDRi7t8SZlKR/K//39/9/46//1//X/9f/1//f5np/+v/F6H/r//fD+vX/9f/p3u91v+PuX9rmElF8j8AAABUQcz928JM5H8AAAAojZj7t4eZyP8AAABQGjH33xRmUpH8r/+v/6//r/8f6f/r/xeh/6//X4T+v/5/P6xf/1//n+71Wv8/5v4dYSYVyf8AAABQBTH3vyfMRP4HAACA0oi5/5fCTOR/AAAAKI2Y+385zKQi+V//X/9f/3+x/f9TZ12//v957f+vzPT/e5L+v/5/Efr/+v/9sH79f/1/utdr/f+Y+3eGmVQk/wMAAEAVxNz/3jAT+R8AAABKI+b+m8NM5H8AAAAojZj7d4WZVCT/6//r/+v/+/3/UY/3//3+/x6l/6//X4T+v/5/P6xf/1//n+71Wv8/5v5bwkwqkv8BAACgCmLuvzXMRP4HAACA0oi5/7YwE/kfAAAASiPm/tvDTCqS//X/9f/1//X/I/1//f8i9P/1/4vQ/9f/74f1H1uR6f/r/9OlXuv/x9z/vjCTiuR/AAAAqIKY+38lzET+BwAAgNKIuf/9YSbyPwAAAJRGzP13hJlUJP/r/y9t/3+V/r/+v/6//r/+/5LS/9f/z/T/C3uz+/P9vn6//1//n+71Wv8/5v5fDTOpSP4HAACAKoi5/84wE/kfAAAASiPm/rvCTOR/AAAAKI2Y+z8QZlKR/K//7/f/6//r/0f6/73Q/181z7PTu/T/9f+L0P/X/++H9ev/6//TvV7r/8fcf3eYSUXyPwAAAFRBzP2/FmYi/wMAAEBpxNz/62Em8j8AAACURsz9HwwzqUj+1//X/9f/1/+P9P97of8/z5PTw/T/9f+L0P/X/++H9ev/6//TvV7r/8fc/xthJhXJ/wAAAFAFMfd/KMxE/gcAAIDSiLn/w2Em8j8AAACURsz994SZVCT/6//r/+v/6/9H+v/6/0Xo/+v/F1GW/n98w9X/Xx5v9vr1//X/6V6v9f9j7r83zKQi+R8AAACqIOb+j4SZyP8AAABQGjH3/2aYifwPAAAApRFz/2+FmVQk/+v/6//r/+v/R/r/+v9F6P/r/xdRlv6/3/+/vN7s9ev/6//TvV7r/8fc/9thJhXJ/wAAAFAFMfd/NMxE/gcAAIDSiLn/d8JM5H8AAAAojZj7fzfMpCL5X/9f/1//X/8/0v/X/y9C/1//vwj9f/3/fli//r/+P93rtf5/zP2/F2ZSkfwPAAAAVRBz/++Hmcj/AAAAUBox9+8OM5H/AQAAoDRi7v9YmElF8r/+v/6//r/+f6T/r/9fhP6//n8R+v/6//2wfv1//X+612v9/5j794SZVCT/AwAAQBXE3P8HYSbyPwAAAJRGzP17w0zkfwAAACiNmPv3hZlUJP/r/+v/6//r/0f6//r/Rej/6/8Xof+v/98P669S/7/1c3Wm/88S6bX+f8z902EmFcn/AAAAUAUx9+8PM5H/AQAAoDRi7j8QZiL/AwAAQGnE3H9fmElF8r/+v/6//r/+f6T/r/9fhP6//n8R+v/6//2w/ir1/9vR/2cp9Fr/P+b+g2EmFcn/AAAAUAUx9388zET+BwAAgNKIuf/+MBP5HwAAAEoj5v5DYSYVyf/6//r/+v/6/5H+v/5/Efr/+v9F6P/r//fD+vX/9f/pXq/1/2PuPxxmUpH8DwAAAFUQc/+RMBP5HwAAAEoj5v6jYSbyPwAAAJRGzP3Hwkwqkv/1//X/W/v/A/r/+v8tp+v/5/T/29P/1/8vQv9f/78f1q//r/9P93qt/x9z/x+GmVQk/wMAAEAVxNx/PMxE/gcAAIDSiLl/JsxE/gcAAIDSiLn/RJhJRfK//r/+v9//r/8f6f/r/xeh/3+e+/+1Dar////s3VXP4EcVx/ElIWn6Hki45v1wCS8Ddy1a3Iu7u7u7Fne34m4JBHrOSZcsCztTsjNzPp+b0z5pmnl60eSXzTf/ov+/vKvdz+/+fv2//p95q/X/ufvvErc02f8AAADQQe7+u8Yt9j8AAAAcI3f/3eIW+x8AAACOkbv/7nFLk/2v/9f/6//1/0n/r/8fof/3/f8R+n/9/w7v1//r/5m3Wv+fu/8ecUuT/Q8AAAAd5O6/Z9xi/wMAAMAxcvffK26x/wEAAOAYufvvHbc02f/6f/3/zv3/HS/o//X///39+v//L/2//n+E/l//v8P79f/6f+at1v/n7r9P3NJk/wMAAEAHufvvG7fY/wAAAHCM3P33i1vsfwAAADhG7v77xy1N9r/+X/+/c//v+//6/y79/50u/eMl6P/1/yP0//r/Hd6v/9f/M2+1/j93/wPilib7HwAAADrI3f/AuMX+BwAAgGPk7n9Q3GL/AwAAwDFy9z84bmmy//X/+n/9v/4/6f/X7f9Xpv/X/4+Y6P8v+m+o/7+8q93P7/5+/b/+n3mr9f+5+x8StzTZ/wAAANBB7v6Hxi32PwAAABwjd/91cYv9DwAAAMfI3f+wuKXJ/tf/6//1//r/pP/X/4/Q/+v/R/j+v/5/h/fr//X/zFut/8/d//C4pcn+BwAAgA5y9z8ibrH/AQAA4Bi5+x8Zt9j/AAAAcIzc/Y+KW5rsf/2//l//r/9P+n/9/wj9v/5/hP5f/7/D+/X/+n/mrdb/5+5/dNzSZP8DAABAB7n7r49b7H8AAAA4xvUXLlzzz93/mH/9nf0PAAAAJ8rd/9i4pcn+1//r//X/+v+k/9f/j9D/6/9H6P/1/zu8X/+v/2feav1/7v7HxS1N9j8AAAB0kLv/8XGL/Q8AAADHyN3/hLjF/gcAAICt3XSL8it3/xPjlib7X/+v/9f/79n/3/6C/l//vwb9v/5/hP5f/7/D+/X/+n/mrdb/5+5/UtzSZP8DAABAB7n7nxy32P8AAABwjNz9T4lb7H8AAAA4Ru7+p8YtTfa//l//r//fs//3/X/9/yr0//r/Efp//f8O79f/6/+Zt1r/n7v/aXFLk/0PAAAAHeTuf3rcYv8DAADAMXL3PyNusf8BAADgGLn7b4hbmux//b/+X/+v/0/6f/3/CP2//n+E/l//v8P79f/6f+at1v/n7n9m3NJk/wMAAEAHufufFbfY/wAAAHCM3P3PjlvsfwAAADhG7v7nxC1N9r/+X/+v/9f/J/2//n+E/l//P0L/r//f4f36f/0/81br/3P3PzduabL/AQAAoIPc/c+LW+x/AAAAOEbu/ufHLfY/AAAAHCN3/wvilib7X/+v/9f/6/+T/l//P0L/r/8fof/X/+/wfv2//p95q/X/uftfGLc02f8AAADQQe7+F8Ut9j8AAAAcI3f/i+MW+x8AAACOkbv/JXFLk/2v/9f/6//1/0n/r/8fof/X/4/Q/w/0/7e9kpff7Gr387Ou9vv1//p/5q3W/+fuf2nc0mT/AwAAQAe5+18Wt9j/AAAAcIzc/S+PW+x/AAAAOEbu/lfELU32v/5f/798/3+t/l//r/9fmf5f/z9C/+/7/zu8X/+v/2feav1/7v5Xxi1N9j8AAAB0kLv/VXGL/Q8AAADHyN3/6rjF/gcAAIBj5O5/TdzSZP/r//X/y/f/vv+v/9f/L03/f9n+/w5/n3y//v/mf17/P+Zq9/O7v1//r/9n3mr9f+7+18YtTfY/AAAAdJC7/3Vxi/0PAAAAx8jd//q4xf4HAACAY+Tuf0Pc0mT/6//1//p//X/S/+v/R+j/ff9/hP5f/7/D+/X/+n/mrdb/5+5/Y9zSZP8DAABAB7n73xS32P8AAABwjNz9b45b7H8AAAA4Ru7+t8QtTfa//l//r//X/6cO/f+1t/i5/v/Wof/X/49Ysf+/8RI/0//r//X/+n/mrNb/5+5/a9zSZP8DAABAB7n73xa32P8AAABwjNz9b49b7H8AAAA4Ru7+d8QtTfa//l//r//X/6cO/b/v/9/69P/6/xEr9v+Xov/X/+v/9f/MWa3/z93/zrilyf4HAACADnL3vytusf8BAADgGLn73x232P8AAABwjNz974lbmux//b/+X/+v/0/6f/3/CP2//n+E/l//v8P79f/6f+at1v/n7n9v3NJk/wMAAEAHufvfF7fY/wAAAHCM3P3vj1vsfwAAADhG7v4PxC1N9r/+X/+v/9f/J/2//n+E/l//P0L/r//f4f36f/0/81br/3P3fzBuabL/AQAAoIPc/R+KW+x/AAAAOEbu/g/HLfY/AAAAHCN3/0filib7X/+v/9f/6/+T/l//P0L/r/8fof/X/+/w/n/r/2+IH+v/9f9cgdX6/9z9H41bmux/AAAA6CB3/8fiFvsfAAAAjpG7/+Nxi/0PAAAAx8jd/4m4pcn+1//r//X/+v+k/9f/j9D/6/9H6P/1/zu83/f/9f/MW63/z93/ybilyf4HAACADnL3fypusf8BAADgGLn7Px232P8AAABwjNz9n4lbmux//b/+X/+v/0/6f/3/CP2//n+E/l//v8P79f/6f+at1v/n7v9s3NJk/wMAAEAHufs/F7fY/wAAAHCM3P03xi32PwAAABwjd//n45Ym+1//r//X/+v/k/5f/z9C/6//H6H/1//v8H79v/6feav1/7n7vxC3NNn/AAAA0EHu/i/GLfY/AAAAHCN3/5fiFvsfAAAAjpG7/8txS5P9r//X/+v/9f9J/6//H6H/1/+P0P8v3f9fl3+h/9f/6/+ZtVr/n7v/K3FLk/0PAAAAHeTu/2rcYv8DAADAMXL3fy1usf8BAADgGLn7vx63NNn/+n/9v/5f/5/0//r/Efp//f8I/f/S/X/R/+v/9f/MWq3/z93/jbilyf4HAACADnL3fzNusf8BAADgGLn7vxW32P8AAABwjNz9345bmux//b/+X/+v/0/6f/3/CP2//n+E/l//v8P79f/6f+at1v/n7v9O3NJk/wMAAEAHufu/G7fY/wAAAHCM3P3fi1vsfwAAADhG7v7vxy1N9r/+X/+v/9f/J/2//n+E/l//P6JR/3/x/5L0/1u9X/+v/2feav1/7v4fxC1N9j8AAAB0kLv/h3GL/Q8AAADHyN3/o7jF/gcAAIBj5O7/cdzSZP/r//X/+n/9f9L/6/9H6P+79/93vt0V/DqlUf9/8b9Q/7/V+5fs/2+j/2cvq/X/uft/Erc02f8AAADQQe7+n8Yt9j8AAAAcI3f/TXGL/Q8AAADHyN3/s7ilyf7X/+v/9f/6/6T/1/+P0P937//H6P/1/zu8f8n+3/f/2cxq/X/u/p/HLU32PwAAAHSQu/8XcYv9DwAAAMfI3f/LuMX+BwAAgGPk7v9V3NJk/+v/9f/6f/1/0v/r/0fo//X/I/T/+v8d3q//1/8zb7X+P3f/r+OWJvsfAAAAOsjd/5u4xf4HAACAY+Tu/23cYv8DAADAMXL3/y5uabL/9f/6f/2//j/p//X/I/T/+v8R+n/9/w7v1//r/5m3Wv+fu//3cct/2P/X/E+/JQAAALCS3P1/iFua/Pk/AAAAdJC7/49xi/0PAAAAx8jd/6e4pcn+1//r//X/+v+k/9f/j9D/6/9H6P/1/zu8X/+v/2feav1/7v4/xy1N9j8AAAB0kLv/L3GL/Q8AAADHyN3/17jF/gcAAIBj5O7/W9zSZP/r//X/+n/9f9L/6/9H6P/1/yP0//r/Hd6v/9f/M2+1/j93/z8CAAD//wlxcUc=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
write(r0, &(0x7f0000000540)="953820a61a166fd5dd4b4b", 0xfdef)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
openat$vimc0(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$setstatus(r2, 0x4, 0x0)
r6 = dup(r2)
pwritev2(r6, &(0x7f0000000300)=[{&(0x7f0000000680)="a9", 0x1}], 0x1, 0x1000000, 0x0, 0x0)
sendfile(r6, r2, 0x0, 0x87fffa0)
ftruncate(r1, 0x6)

656.538149ms ago: executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1)

164.825428ms ago: executing program 3:
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
socket$isdn(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200))
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
read(0xffffffffffffffff, &(0x7f0000000740)=""/384, 0x200008c0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000), 0x0)

100.256696ms ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1548f5e0b33006bd1049ca45bd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc96eb384dbb4268c50943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906bde2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
open(0x0, 0x0, 0x0)
r3 = open(&(0x7f0000000380)='./file2\x00', 0x14507e, 0x0)
pwrite64(r3, &(0x7f0000000000)='+', 0xc0014, 0x7003f00)
open(&(0x7f0000000040)='./file2\x00', 0x0, 0x0)

0s ago: executing program 5:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x160a43, 0xb)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffffb}]})
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
syz_mount_image$udf(&(0x7f0000000a40), &(0x7f00000004c0)='./file0\x00', 0x4400, &(0x7f0000000340)=ANY=[], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==")
lchown(&(0x7f0000000140)='./file1\x00', 0xee00, 0x0)
r2 = syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x79dfcc23700509f, &(0x7f0000000240)=ANY=[], 0x0, 0xa79, &(0x7f0000004280)="$eJzs3c1vHGcZAPBn1h+x3apN29CWqG0mqdK6bXDWNk0U9UATe524+APZjtRIoKZqHBTFoqgBqY2QmkqIExUVQkiAhFCPnCqVA72gnIAjJw5I0L8AVHFKETBoZnftXWc/Emdtp+X3i9Y7H8877/POzM4br3fnDT7LsiwrHlucP/vrnUyWu8+p6Y/f/+Dd/PHOtRiMvuiL30YMRUQa0f+f4lwZmJpeWpzvsqHLEecj4npEEhF7ovrcxnDT3PlIfhT3bsxfj+QX8WiLYkO32Ti6yvi/ttvnHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3JWmpsvl8STmZhfOvpy2VwwB3mF9fXMfFaN+Jx91qzaJSPJHDA3Vh/p+dN/G6ofzH4fisercY9WRv4fi6j0P733hof5SvXyHhHbElbeuXn51bW31jdr8njQd6Fpoz7andfsGt1bsdGVhdnlxdv7k6Uo6u7yYnjh2rHz0zMxyOjMbleVzyyuV+XRqqXJyZXEpHZ16Jh0/cWIyrYydWzy7cHp6bK5SX3j8SxPl8rH0pbGvVU4uLS8uHH1pbHnqzOzc3OzC6SImX53HHM9PxK/OrqQrlZPzaXrx0trqZLck86DxlmuS5qCJbluaKE9MjI9PDMex5088f7xc7q8tmBivLyhvEjdF7P5JS6/98pYjf9Pz6zfcgVKt/4+5mI2FOBsvR9ry31RMx1IsxnyLdcnG9ur9/+GjlY71Nvb/9V7+0Y3V+6Po/5+ozj3Rrv+Pv9fiW+fc/l+Wba3c5n9X4q24Gpfj1ViLtViNN+54i2n8vnn+083r/51l2Ra2m+atPdC4D3qQ6+moxELMxnIsxmzMx8liSVpbksaJOBbHohyvxJmYieVIYyZmYy4qsRznYjlWolKcUVOxFJU0YiUWYynSGI2peCbSGI8TMRyTkUYlxuJcLMbZWIjTMR0ni61cjEvFfp/skON60PitBE10CLqpM7+z/j+7G/8nyHbr4dUb7kxW6/8H2wZk9anRqR3LCgAAAOilL/4x7tv34B/+GjEQjxfvy8/MzlXKu50WAAAA0EPFx/Uey58Gsoh4PJIWv/+Xdik5AAAAoCeS4jt2SUSMxIHqVPWbUH3hQwAAAADwOVH8/f+J/GkknzoQyfqdUM7vdm4AAABAb3S/x37XiGQoave0TC9Uny/UImr3+R2ZmZ2rjE0tzr0wHk8Vdxkovmlw09b6IpKB4usHz8bBatTBkerzSPMWh/Ko8bEXxuPZOFRryOiT+dOToy0iJ6qRT1cjn+4QOZlHAsDn3aGb++NPs9vs/5+NI9WII/v7ByOif3+LnrW80bP270ZDAYB13cfYaY54u1ausf//8sbv/wO11U39/4Nx8b/5wtUYi9fi9ViLC3Gk+LZB8YmDpnq//l7tPYP1jyGU40iXdwPqsX86XoojXd4PGGkY6OVIl3cEqrHxjYjJ7T0IALDDDrXph9v1/0VE1D84WO3/jzT8/h83//6/PrTQqq8UAsBdYX0E+55OZH2NS3a7jQBAM700AAAAAAAAAAAAAAAAAAAAAAAAAAAA9F5Pb/s/tMXif6uN61ddkvV+PILWE8O1fVBf8vZt7Y13rrx19ccR0biqlDdie3IuMu3tlks92E4WETt1vHZuIvZGbHmvRqtVgxGx7ckP96KKT2sT1ddGqdPF42zHtQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwGJBF9rZaXIvZERDkiju58Vtvn2m4nsPO+0jiT3Igb8Wbct3vpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8PtXu/1+K6vM91UXRX4o4HBHnIyLb7Rx76cZuJ9Ajw1ss13D///yYR5ZEf/WwRzIwNb20OJ8f/mLsh9LH73/w7iPNxffcaj1FYGnT4BK1GjbH/ure+tQDRamR6dUrl7/z+rfT6VNRisE4tTIzNz1/eunFjSIPJx9GpFF91OX55o/vHf7dey1a/mHe0tY21ztT7Jzpm+t9pFXpzvV2cmltdSKvaaXy8sp3v3XpzYZVD8bBiCdHI0aba/pm/mhT08EY6FRb8knyg+S++GmcL45/vjeSLMkP0f1F+4cvXlpbHXvt9bULbXLaGwci4kLEUNec1nf1geJ60lJx1pUG8lrLRVD+Y1+XNrbWOMZFdYvjbdrwQHHKjNTaMNjUhlKbOtP2bSh2eMN+L9UnkmRzRpO1jAajOaOH4qkWRzrbE9F+LzzV+Ui3lnyS/CU5E3+O7zeM/1HKj//haP/qbN5EEdlwprSNLFUji5ZPNK54ZXPkP352S9m3HKaG2/XDphdvqeH6XztWPboeZUnH61FDjZNtamz9uthU4+azotS24UWPtG9TidrVp22hap77qlFt8vxCPBfRv7/TVfGm3vq59leU5vIvtl691df/z5PR+GdcM/4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw90si+lotL0Ucjoi99fk0IruNze5pt6I0ktxuij11bf3HZ9y+4mepadk73YslN+JG9vZ2JQUAAAAAAADATjs1/fH7H7ybP4q/x/fdyLLa3/fTiP6I2Jv8ZDimlxbnu2xoIOJ8RFzPp4faBf0rq2pempeLezfmr0dk92+9SQBAF/8LAAD//+FccsU=")
name_to_handle_at(r2, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=ANY=[], 0x0, 0x0)
close(r1)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xd, 0xf, &(0x7f0000000d80)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="00b7030000000000008500000000000000001c00000000000055090100000000009500000000000000bf"], &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
syz_open_procfs(0x0, &(0x7f0000000000)='attr/fscreate\x00')
close(r3)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x28, 0x7, 0x1c05211, 0x1, 0x4004, 0x0, 0x80000000}}, 0x50)

kernel console output (not intermixed with test programs):

2996040370/syzkaller.IxnbMj/147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  382.144419][ T8762] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  382.155221][ T8762] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  382.165680][ T8762] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz-executor.0: Failed to acquire dquot type 0
[  382.395392][   T29] audit: type=1800 audit(1719029666.132:61): pid=8773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1945 res=0 errno=0
[  382.456013][ T5116] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  382.674400][ T5122] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  382.879149][ T5122] usb 6-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  382.918623][ T5122] usb 6-1: config 220 has 1 interface, different from the descriptor's value: 184
[  382.991702][ T5122] usb 6-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  383.109068][ T5122] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.587513][ T5122] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  383.783739][ T5122] gspca_sn9c2028: read1 error -32
[  383.817305][ T5122] gspca_sn9c2028: read1 error -32
[  384.605628][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  384.612395][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  385.034300][  T780] usb 6-1: USB disconnect, device number 16
[  385.365038][ T5122] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  385.576541][ T5122] usb 5-1: Using ep0 maxpacket: 8
[  385.601983][ T5122] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  385.622499][ T5122] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  385.668386][ T5122] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  385.747948][ T5122] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  385.814143][ T5122] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.857230][ T5122] usbtmc 5-1:16.0: bulk endpoints not found
[  386.077100][ T8814] loop5: detected capacity change from 0 to 16
[  386.105157][ T8814] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  386.239203][ T5186] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  387.519032][ T8825] loop1: detected capacity change from 0 to 512
[  387.580072][ T8825] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  387.593073][ T8825] ext4 filesystem being mounted at /root/syzkaller-testdir3473881269/syzkaller.HG4Dbp/161/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  387.618856][ T8825] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  387.631017][ T8825] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  387.641329][ T8825] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz-executor.1: Failed to acquire dquot type 0
[  387.782103][ T5114] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  388.074647][ T5182] usb 5-1: USB disconnect, device number 15
[  388.085600][ T8835] loop3: detected capacity change from 0 to 8192
[  390.316538][ T8874] nfs: Unknown parameter '00000000000000000000'
[  390.328818][   T29] audit: type=1326 audit(1719029674.132:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc00207d0a9 code=0x0
[  392.187473][ T8882] loop0: detected capacity change from 0 to 512
[  392.309111][ T8882] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  392.323238][ T8882] ext4 filesystem being mounted at /root/syzkaller-testdir2996040370/syzkaller.IxnbMj/153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  392.376091][ T8882] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  392.386965][ T8882] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  392.397098][ T8882] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz-executor.0: Failed to acquire dquot type 0
[  392.444399][ T5116] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  392.524065][ T5182] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  393.552878][ T5182] usb 6-1: Using ep0 maxpacket: 8
[  393.592957][ T5182] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  393.623990][ T5182] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  393.665499][ T5182] usb 6-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  393.779643][ T5182] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  393.836392][ T5182] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.871156][ T5182] usbtmc 6-1:16.0: bulk endpoints not found
[  393.892557][ T8903] loop2: detected capacity change from 0 to 16
[  393.938607][ T8903] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  394.098976][ T8899] loop0: detected capacity change from 0 to 8192
[  394.123683][ T5182] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  395.305034][ T5186] usb 6-1: USB disconnect, device number 17
[  396.222238][ T8931] nfs: Unknown parameter '00000000000000000000'
[  396.304015][   T29] audit: type=1326 audit(1719029680.042:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8921 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc00207d0a9 code=0x0
[  397.584729][ T8940] loop4: detected capacity change from 0 to 512
[  397.862876][ T8940] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  397.876305][ T8940] ext4 filesystem being mounted at /root/syzkaller-testdir1689198159/syzkaller.ARcHxO/144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.681024][ T8940] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  398.692040][ T8940] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  398.702064][ T8940] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz-executor.4: Failed to acquire dquot type 0
[  398.847453][ T5119] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  399.211890][ T8960] loop5: detected capacity change from 0 to 40427
[  399.454347][ T8960] F2FS-fs (loop5): invalid crc value
[  399.566031][ T8966] No such timeout policy "syz0"
[  401.159501][ T8960] F2FS-fs (loop5): Found nat_bits in checkpoint
[  401.286893][ T8960] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  401.713554][ T8975] syz-executor.5: attempt to access beyond end of device
[  401.713554][ T8975] loop5: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  401.732624][ T8975] syz-executor.5: attempt to access beyond end of device
[  401.732624][ T8975] loop5: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  403.340983][   T29] audit: type=1800 audit(1719029685.502:64): pid=8975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file2" dev="overlay" ino=28 res=0 errno=0
[  403.733131][ T8975] syz-executor.5: attempt to access beyond end of device
[  403.733131][ T8975] loop5: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  403.764605][   T29] audit: type=1804 audit(1719029685.562:65): pid=8975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir4228010292/syzkaller.zVH6gS/171/file0/bus/file2" dev="overlay" ino=28 res=1 errno=0
[  403.860411][   T29] audit: type=1800 audit(1719029687.562:66): pid=8975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.5" name="file2" dev="overlay" ino=28 res=0 errno=0
[  403.995926][ T5113] syz-executor.5: attempt to access beyond end of device
[  403.995926][ T5113] loop5: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  404.319608][ T5113] syz-executor.5: attempt to access beyond end of device
[  404.319608][ T5113] loop5: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  404.506914][ T8987] nfs: Unknown parameter '00000000000000000000'
[  404.537229][   T29] audit: type=1326 audit(1719029688.322:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9aa407d0a9 code=0x0
[  404.662844][ T5186] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  405.070041][ T5186] usb 2-1: Using ep0 maxpacket: 8
[  405.144034][ T5186] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  405.258323][ T5186] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  405.343894][ T5186] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  405.497863][ T5186] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  405.507806][ T5186] usb 2-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  405.533971][ T5186] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  405.543088][ T5186] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.581733][ T5186] usbtmc 2-1:16.0: bulk endpoints not found
[  407.099347][ T5372] kworker/u8:29: attempt to access beyond end of device
[  407.099347][ T5372] loop5: rw=2049, sector=40960, nr_sectors = 136 limit=40427
[  407.124073][ T5124] usb 2-1: USB disconnect, device number 20
[  408.232380][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  408.304702][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  408.311717][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  408.506402][ T9061] loop2: detected capacity change from 0 to 512
[  408.525166][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  408.532166][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  408.855691][ T9066] No such timeout policy "syz0"
[  409.220384][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  409.997845][ T9064] loop3: detected capacity change from 0 to 8192
[  410.085611][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.104558][ T9061] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  410.117368][ T9061] ext4 filesystem being mounted at /root/syzkaller-testdir371858491/syzkaller.j6PFLI/157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  410.142681][ T9061] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  410.153522][ T9061] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  410.163595][ T9061] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz-executor.2: Failed to acquire dquot type 0
[  410.244046][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.251064][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.328577][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.357483][ T5115] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  410.384153][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.391111][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.507537][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.789880][ T9077] loop1: detected capacity change from 0 to 40427
[  410.811683][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.841027][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  410.984242][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  411.003877][ T5372] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  415.953276][ T9094] loop1: detected capacity change from 0 to 40427
[  415.966009][ T9097] nfs: Unknown parameter '00000000000000000000'
[  415.997959][   T29] audit: type=1326 audit(1719029699.782:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9088 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9aa407d0a9 code=0x0
[  418.389105][ T9107] loop1: detected capacity change from 0 to 1024
[  418.685347][ T9107] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.850953][   T45] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  419.455560][ T5322] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.575477][   T45] usb 3-1: Using ep0 maxpacket: 8
[  420.617900][   T45] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  420.652032][   T45] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  420.694048][   T45] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  420.754095][   T45] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  420.818447][   T45] usb 3-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  420.854601][   T29] audit: type=1800 audit(1719029704.642:69): pid=9121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1956 res=0 errno=0
[  420.875729][   T45] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  420.891609][ T5114] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.926046][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.998737][   T45] usbtmc 3-1:16.0: bulk endpoints not found
[  421.179669][ T5322] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.265710][ T5231] usb 3-1: USB disconnect, device number 9
[  421.477771][ T5124] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  421.499074][ T5322] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.531224][ T9129] loop3: detected capacity change from 0 to 8192
[  421.697767][ T9132] No such timeout policy "syz0"
[  421.940160][ T5124] usb 5-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  422.334018][ T5124] usb 5-1: config 220 has 1 interface, different from the descriptor's value: 184
[  422.374867][ T5124] usb 5-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  422.433736][ T9135] loop2: detected capacity change from 0 to 512
[  422.481283][ T5124] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.576371][ T9135] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  422.589334][ T9135] ext4 filesystem being mounted at /root/syzkaller-testdir371858491/syzkaller.j6PFLI/160/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  422.612876][ T9135] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  422.624360][ T9135] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  422.637856][ T9135] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz-executor.2: Failed to acquire dquot type 0
[  422.655333][ T5124] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  422.688124][ T5322] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.781118][ T5115] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  422.844044][ T5124] gspca_sn9c2028: read1 error -32
[  422.869570][ T5124] gspca_sn9c2028: read1 error -32
[  423.640827][ T5181] usb 5-1: USB disconnect, device number 16
[  423.809791][ T5322] bridge_slave_1: left allmulticast mode
[  423.822217][ T5322] bridge_slave_1: left promiscuous mode
[  423.846805][ T5322] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.175606][ T5322] bridge_slave_0: left allmulticast mode
[  424.194319][ T5322] bridge_slave_0: left promiscuous mode
[  424.232387][ T5322] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.255941][ T9161] nfs: Unknown parameter '00000000000000000000'
[  425.812396][ T9171] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  425.824896][ T9171] netlink: 7 bytes leftover after parsing attributes in process `syz-executor.4'.
[  425.834339][ T9171] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'.
[  425.843631][ T9171] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  425.858310][ T5140] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  426.721182][ T5113] syz-executor.5 (5113) used greatest stack depth: 18736 bytes left
[  426.766051][ T5231] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  426.977574][ T5231] usb 4-1: Using ep0 maxpacket: 8
[  426.985448][ T5231] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  426.996933][ T5231] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  427.035018][ T5231] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  427.063373][ T5231] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  427.089709][ T5231] usb 4-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  427.120998][ T5231] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  427.131314][ T5231] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.188570][ T5231] usbtmc 4-1:16.0: bulk endpoints not found
[  427.300567][ T2526] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  427.527693][ T2526] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  427.553984][ T5322] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  427.554295][ T2526] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  427.587209][ T5322] bond0 (unregistering): Released all slaves
[  427.603164][ T2526] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  427.633205][ T2526] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  427.658302][ T5322] bond1 (unregistering): Released all slaves
[  427.666774][ T2526] usb 5-1: Manufacturer: syz
[  427.686324][ T2526] usb 5-1: config 0 descriptor??
[  427.701807][ T2526] igorplugusb 5-1:0.0: incorrect number of endpoints
[  428.414140][ T5181] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  428.480970][ T9188] loop0: detected capacity change from 0 to 8192
[  428.522017][ T5128] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  428.535238][ T5128] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  428.548687][ T5128] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  428.565533][ T5128] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  428.576457][ T5128] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  428.585943][ T5128] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  428.679209][ T5181] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  428.693274][ T5181] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  428.710960][ T5181] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  428.723125][ T5181] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.797605][ T5181] usb 2-1: config 0 descriptor??
[  428.808159][ T5181] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  429.881542][ T5181] usb 4-1: USB disconnect, device number 10
[  430.030809][ T9204] loop3: detected capacity change from 0 to 256
[  430.069651][ T9204] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  430.886380][ T5128] Bluetooth: hci1: command tx timeout
[  431.314869][   T25] usb 2-1: USB disconnect, device number 21
[  431.689986][ T9214] loop2: detected capacity change from 0 to 256
[  432.664715][ T5128] Bluetooth: hci5: ACL packet for unknown connection handle 200
[  432.904704][ T5128] Bluetooth: hci1: command tx timeout
[  433.101760][ T5322] hsr_slave_0: left promiscuous mode
[  433.674275][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  433.830621][ T9224] netlink: 7 bytes leftover after parsing attributes in process `syz-executor.3'.
[  433.840478][ T9224] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'.
[  433.849738][ T9224] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  433.919409][ T9225] loop0: detected capacity change from 0 to 16
[  433.933493][ T9225] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  433.946887][ T5322] hsr_slave_1: left promiscuous mode
[  433.947884][   T25] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  434.135593][ T5322] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  434.143392][ T5322] batman_adv: batadv0: Removing interface: batadv_slave_0
[  434.181972][ T5322] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  434.201967][ T5322] batman_adv: batadv0: Removing interface: batadv_slave_1
[  434.237654][ T5124] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  434.295989][ T5322] veth1_macvtap: left promiscuous mode
[  434.314187][   T25] usb 2-1: Using ep0 maxpacket: 8
[  434.323209][ T5322] veth0_macvtap: left promiscuous mode
[  434.331535][   T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  434.344199][ T5322] veth1_vlan: left promiscuous mode
[  434.351979][   T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  434.364154][ T5322] veth0_vlan: left promiscuous mode
[  434.375115][   T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  434.386893][   T25] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  434.413964][   T25] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  434.435778][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.559183][   T25] usb 2-1: usb_control_msg returned -71
[  434.578422][   T25] usbtmc 2-1:16.0: can't read capabilities
[  434.628601][   T25] usb 2-1: USB disconnect, device number 22
[  434.984251][ T5128] Bluetooth: hci1: command tx timeout
[  435.852617][ T5322] team0 (unregistering): Port device team_slave_1 removed
[  435.942679][ T5322] team0 (unregistering): Port device team_slave_0 removed
[  437.064363][ T5128] Bluetooth: hci1: command tx timeout
[  437.929028][ T9252] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  438.293700][ T9257] loop0: detected capacity change from 0 to 2048
[  438.425155][ T5181] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  438.578546][ T9257] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  439.395120][ T5181] usb 2-1: Using ep0 maxpacket: 8
[  439.416354][ T5181] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  439.443347][ T5181] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  439.476291][ T9195] chnl_net:caif_netlink_parms(): no params data found
[  439.487979][ T5181] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  439.508971][ T5181] usb 2-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  439.556339][ T5181] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  439.584554][ T5181] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  439.602500][   T29] audit: type=1800 audit(1719029723.402:70): pid=9274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=18 res=0 errno=0
[  439.636551][ T5181] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.679174][ T5181] usbtmc 2-1:16.0: bulk endpoints not found
[  439.989486][ T5116] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.084552][ T5128] Bluetooth: hci5: ACL packet for unknown connection handle 200
[  441.995904][ T9195] bridge0: port 1(bridge_slave_0) entered blocking state
[  442.003438][ T9195] bridge0: port 1(bridge_slave_0) entered disabled state
[  442.047663][ T9282] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  442.055104][ T9195] bridge_slave_0: entered allmulticast mode
[  442.194387][ T9282] netlink: 7 bytes leftover after parsing attributes in process `syz-executor.3'.
[  442.203745][ T9282] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'.
[  442.213063][ T9282] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  442.429448][ T9195] bridge_slave_0: entered promiscuous mode
[  442.460488][   T45] usb 2-1: USB disconnect, device number 23
[  442.517302][ T9195] bridge0: port 2(bridge_slave_1) entered blocking state
[  442.565651][ T9195] bridge0: port 2(bridge_slave_1) entered disabled state
[  442.573097][ T9195] bridge_slave_1: entered allmulticast mode
[  442.717343][ T9195] bridge_slave_1: entered promiscuous mode
[  442.741776][ T5124] usb 5-1: USB disconnect, device number 17
[  442.958075][ T9195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  443.017076][ T9195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  443.097544][ T9290] loop0: detected capacity change from 0 to 256
[  443.265166][ T9195] team0: Port device team_slave_0 added
[  443.309674][ T9195] team0: Port device team_slave_1 added
[  443.336141][ T9290] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  444.519646][ T9313] loop2: detected capacity change from 0 to 136
[  444.601751][ T9313] iso9660: Bad value for 'map'
[  444.649676][ T9195] batman_adv: batadv0: Adding interface: batadv_slave_0
[  444.664107][ T9195] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.741546][ T9195] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  444.777893][ T9195] batman_adv: batadv0: Adding interface: batadv_slave_1
[  444.804344][ T9195] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.028852][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  446.045745][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  446.316838][ T9195] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  446.814236][ T5122] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  446.851555][ T9374] loop2: detected capacity change from 0 to 512
[  447.007641][ T9376] loop4: detected capacity change from 0 to 2048
[  447.063887][ T5122] usb 4-1: Using ep0 maxpacket: 8
[  447.098405][ T5122] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  447.159211][ T5122] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  447.255621][ T9376] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  447.314044][ T5122] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  447.439011][ T5122] usb 4-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  447.509175][ T5122] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  447.592101][ T5122] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  447.637898][ T9374] EXT4-fs (sda1): changing journal_checksum during remount not supported; ignoring
[  447.674151][ T9374] EXT4-fs (sda1): re-mounted 5941fea2-f5fa-4b4e-b5ef-9af118b27b95 r/w. Quota mode: journalled.
[  447.691267][   T29] audit: type=1800 audit(1719029731.472:71): pid=9380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=18 res=0 errno=0
[  447.697027][ T9195] hsr_slave_0: entered promiscuous mode
[  447.733970][ T5122] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.786266][ T5122] usbtmc 4-1:16.0: bulk endpoints not found
[  447.846980][ T9195] hsr_slave_1: entered promiscuous mode
[  448.187285][ T5119] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.303948][ T5124] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  448.525084][ T5124] usb 1-1: Using ep0 maxpacket: 8
[  448.565541][ T5124] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  448.587247][ T5124] usb 1-1: config 179 has no interface number 0
[  448.618843][ T5124] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  448.670297][ T5124] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  448.717782][ T5124] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  448.732821][ T5124] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  448.813133][ T9388] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  448.827331][ T9388] netlink: 7 bytes leftover after parsing attributes in process `syz-executor.2'.
[  448.836773][ T9388] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'.
[  448.846840][ T9388] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  448.858106][ T5128] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  449.550926][ T5124] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  449.566547][ T5124] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  449.575768][ T5124] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.586002][ T5231] usb 4-1: USB disconnect, device number 11
[  449.597754][ T9383] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  449.615590][ T5124] xpad 1-1:179.65: probe with driver xpad failed with error -5
[  449.874093][ T5231] usb 1-1: USB disconnect, device number 9
[  449.944879][ T9195] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  450.012708][ T9195] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  450.098117][ T9195] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  450.121036][ T9195] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  450.313952][   T45] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  450.498249][ T9195] 8021q: adding VLAN 0 to HW filter on device bond0
[  450.534976][   T45] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  450.555630][   T45] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  450.604987][   T45] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  450.623005][ T9195] 8021q: adding VLAN 0 to HW filter on device team0
[  450.630025][   T45] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  450.651269][   T45] usb 2-1: Manufacturer: syz
[  450.660754][ T2526] bridge0: port 1(bridge_slave_0) entered blocking state
[  450.669990][ T2526] bridge0: port 1(bridge_slave_0) entered forwarding state
[  450.689624][   T45] usb 2-1: config 0 descriptor??
[  450.715727][ T2526] bridge0: port 2(bridge_slave_1) entered blocking state
[  450.722911][ T2526] bridge0: port 2(bridge_slave_1) entered forwarding state
[  450.731051][   T45] igorplugusb 2-1:0.0: incorrect number of endpoints
[  452.041119][ T9408] loop3: detected capacity change from 0 to 256
[  452.295352][ T9408] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  452.337377][ T9418] loop2: detected capacity change from 0 to 256
[  452.489636][ T9421] loop0: detected capacity change from 0 to 128
[  452.622817][ T9418] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  452.830041][ T9427] sctp: [Deprecated]: syz-executor.0 (pid 9427) Use of int in max_burst socket option deprecated.
[  452.830041][ T9427] Use struct sctp_assoc_value instead
[  453.248450][ T5122] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  453.367457][ T9195] 8021q: adding VLAN 0 to HW filter on device batadv0
[  453.491399][ T5122] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  453.526924][ T5122] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  453.572346][ T9431] loop3: detected capacity change from 0 to 2048
[  453.599924][ T5122] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  453.633631][ T5122] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  453.702064][ T5122] usb 5-1: Manufacturer: syz
[  453.732172][ T9431] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  453.762121][ T5122] usb 5-1: config 0 descriptor??
[  453.843143][ T5122] igorplugusb 5-1:0.0: incorrect number of endpoints
[  453.960229][   T29] audit: type=1800 audit(1719029737.752:72): pid=9431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0
[  454.279516][   T29] audit: type=1800 audit(1719029738.082:73): pid=9431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0
[  454.822915][ T9452] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  454.833250][ T9452] netlink: 7 bytes leftover after parsing attributes in process `syz-executor.2'.
[  454.842875][ T9452] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'.
[  454.852218][ T9452] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  454.864640][ T5128] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  455.631388][ T5122] usb 2-1: USB disconnect, device number 24
[  455.746431][ T5118] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.533952][   T45] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  456.747346][   T45] usb 3-1: Using ep0 maxpacket: 8
[  456.760578][   T45] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  456.779260][   T45] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  456.823666][   T45] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  456.839367][ T9462] loop1: detected capacity change from 0 to 40427
[  456.873246][ T9195] veth0_vlan: entered promiscuous mode
[  456.881214][   T45] usb 3-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  456.883054][ T9462] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  456.900137][ T9462] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  456.993538][   T45] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  457.053754][ T9195] veth1_vlan: entered promiscuous mode
[  457.065121][ T9462] F2FS-fs (loop1): Found nat_bits in checkpoint
[  457.125334][ T9462] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  457.132428][ T9462] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  457.169602][   T45] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  457.231653][ T9462] syz-executor.1: attempt to access beyond end of device
[  457.231653][ T9462] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  457.246968][ T9462] syz-executor.1: attempt to access beyond end of device
[  457.246968][ T9462] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  457.273943][   T29] audit: type=1800 audit(1719029741.032:74): pid=9462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="loop1" ino=10 res=0 errno=0
[  459.052254][ T9462] syz-executor.1: attempt to access beyond end of device
[  459.052254][ T9462] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  459.131570][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.274346][   T29] audit: type=1804 audit(1719029741.082:75): pid=9462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3473881269/syzkaller.HG4Dbp/186/bus/file1" dev="loop1" ino=10 res=1 errno=0
[  459.292562][   T45] usb 3-1: can't set config #16, error -71
[  459.395860][   T45] usb 3-1: USB disconnect, device number 10
[  459.437883][ T5114] syz-executor.1: attempt to access beyond end of device
[  459.437883][ T5114] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  459.523042][   T29] audit: type=1800 audit(1719029742.882:76): pid=9462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="file1" dev="loop1" ino=10 res=0 errno=0
[  459.564197][ T5114] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  459.586638][ T9471] loop3: detected capacity change from 0 to 1024
[  459.599436][ T9195] veth0_macvtap: entered promiscuous mode
[  459.808894][ T9195] veth1_macvtap: entered promiscuous mode
[  460.024555][ T9471] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  460.483430][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.214769][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.242601][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.254049][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.268743][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.285534][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.304451][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.340335][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.374929][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.411945][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.477030][ T9195] batman_adv: batadv0: Interface activated: batadv_slave_0
[  461.633301][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.684527][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.720093][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.767784][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.813928][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.850011][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.890619][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.941925][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.992102][ T9195] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  462.033354][ T9195] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.072400][ T9195] batman_adv: batadv0: Interface activated: batadv_slave_1
[  462.179741][ T9195] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  462.211292][ T9195] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  462.258973][ T9195] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  462.284946][ T9195] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  462.368867][ T9478] No control pipe specified
[  462.556039][ T9482] loop2: detected capacity change from 0 to 256
[  462.592121][ T5124] usb 5-1: USB disconnect, device number 18
[  462.902275][ T9482] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  462.967425][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  462.996420][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.195189][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  463.205401][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.239266][   T29] audit: type=1800 audit(1719029747.032:77): pid=9486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1947 res=0 errno=0
[  463.683985][ T5182] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  464.016370][ T5182] usb 5-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  464.091106][ T9492] loop3: detected capacity change from 0 to 256
[  464.101806][ T5182] usb 5-1: config 220 has 1 interface, different from the descriptor's value: 184
[  464.239977][ T5182] usb 5-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  464.361171][ T5182] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.477753][ T5182] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  464.495940][ T9498] loop5: detected capacity change from 0 to 512
[  464.542781][ T9499] binder: 9497:9499 ioctl 4018620d 0 returned -22
[  464.544659][ T9492] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  464.651108][ T9498] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  464.666408][ T9498] ext4 filesystem being mounted at /root/syzkaller-testdir2098667093/syzkaller.YS0kul/0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  464.774784][ T9498] Quota error (device loop5): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  464.804333][ T9498] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  464.846383][ T9498] EXT4-fs error (device loop5): ext4_acquire_dquot:6860: comm syz-executor.5: Failed to acquire dquot type 0
[  464.897536][ T5182] gspca_sn9c2028: read1 error -71
[  464.955861][ T5182] gspca_sn9c2028: read1 error -71
[  464.971976][ T5182] sn9c2028 5-1:220.0: probe with driver sn9c2028 failed with error -71
[  465.037871][ T5182] usb 5-1: USB disconnect, device number 19
[  465.045897][ T9195] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  465.240915][ T9504] loop2: detected capacity change from 0 to 2048
[  465.335610][ T9504] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  465.355621][   T29] audit: type=1800 audit(1719029749.162:78): pid=9504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=18 res=0 errno=0
[  465.598476][   T29] audit: type=1800 audit(1719029749.402:79): pid=9504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=18 res=0 errno=0
[  466.182117][ T5115] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  466.634412][ T5182] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  466.836255][ T5182] usb 4-1: Using ep0 maxpacket: 8
[  467.261750][ T9524] loop2: detected capacity change from 0 to 40427
[  467.282497][ T5182] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  467.282520][ T9528] loop4: detected capacity change from 0 to 136
[  467.299394][ T9524] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  467.307229][ T9524] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  467.316816][ T9528] iso9660: Bad value for 'map'
[  467.331664][ T5182] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  467.341845][ T5182] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  467.352087][ T5182] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  467.363007][ T5182] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  467.373767][ T5182] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  467.391159][ T9524] F2FS-fs (loop2): Found nat_bits in checkpoint
[  467.460381][ T5182] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  467.470483][ T5182] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.489547][ T5182] usbtmc 4-1:16.0: probe with driver usbtmc failed with error -22
[  467.508933][ T9524] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  467.516099][ T9524] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  467.755644][   T29] audit: type=1800 audit(1719029751.502:80): pid=9537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=10 res=0 errno=0
[  467.831453][ T9537] syz-executor.2: attempt to access beyond end of device
[  467.831453][ T9537] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  467.848881][ T9537] syz-executor.2: attempt to access beyond end of device
[  467.848881][ T9537] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  467.892529][   T29] audit: type=1804 audit(1719029751.682:81): pid=9538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir371858491/syzkaller.j6PFLI/186/bus/file1" dev="loop2" ino=10 res=1 errno=0
[  468.051340][ T9535] loop4: detected capacity change from 0 to 512
[  468.562996][ T9539] loop5: detected capacity change from 0 to 128
[  468.637990][ T9535] EXT4-fs (sda1): changing journal_checksum during remount not supported; ignoring
[  468.719352][ T9535] EXT4-fs (sda1): re-mounted 5941fea2-f5fa-4b4e-b5ef-9af118b27b95 r/w. Quota mode: journalled.
[  473.333331][ T5182] usb 4-1: USB disconnect, device number 12
[  473.426547][   T29] audit: type=1804 audit(1719029757.232:82): pid=9536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir371858491/syzkaller.j6PFLI/186/bus/file1" dev="loop2" ino=10 res=1 errno=0
[  473.581036][   T29] audit: type=1800 audit(1719029757.282:83): pid=9538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=10 res=0 errno=0
[  474.109030][ T5115] syz-executor.2: attempt to access beyond end of device
[  474.109030][ T5115] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  474.124189][ T5115] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  474.212821][ T9545] loop3: detected capacity change from 0 to 2048
[  474.351025][ T9545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  474.475151][ T9552] binder: 9548:9552 ioctl 4018620d 0 returned -22
[  474.617664][ T5118] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  474.654029][   T45] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  474.858458][   T45] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  474.882109][   T45] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.921612][   T45] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  474.957885][   T45] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  474.987308][   T45] usb 2-1: Manufacturer: syz
[  475.026137][   T45] usb 2-1: config 0 descriptor??
[  475.053571][   T45] igorplugusb 2-1:0.0: incorrect number of endpoints
[  475.470407][   T29] audit: type=1800 audit(1719029759.252:84): pid=9562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1972 res=0 errno=0
[  475.804377][ T5181] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  476.025346][ T5181] usb 4-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  476.040116][ T9568] loop4: detected capacity change from 0 to 2048
[  476.046779][ T5181] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 184
[  476.063018][ T5181] usb 4-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  476.093321][ T5181] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.135744][ T5181] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  476.217244][ T9568] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  476.324027][   T29] audit: type=1800 audit(1719029760.122:85): pid=9568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=18 res=0 errno=0
[  476.537968][ T5181] gspca_sn9c2028: read1 error -71
[  476.561224][ T5181] gspca_sn9c2028: read1 error -71
[  476.580270][   T29] audit: type=1800 audit(1719029760.382:86): pid=9572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=18 res=0 errno=0
[  476.625396][ T5181] sn9c2028 4-1:220.0: probe with driver sn9c2028 failed with error -71
[  476.713426][ T5181] usb 4-1: USB disconnect, device number 13
[  476.869649][ T5119] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.360745][ T5186] usb 2-1: USB disconnect, device number 25
[  478.739067][ T5182] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  478.788858][ T9593] loop1: detected capacity change from 0 to 136
[  478.824383][ T9593] iso9660: Bad value for 'map'
[  478.934120][ T5182] usb 4-1: Using ep0 maxpacket: 8
[  478.964325][ T5182] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  478.991701][ T5182] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  479.054588][ T5182] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  479.177363][ T5182] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  479.188068][ T5182] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  479.198260][ T5182] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  479.211683][ T5182] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  479.221592][ T5182] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.057824][ T9596] loop1: detected capacity change from 0 to 512
[  480.126560][ T5182] usbtmc 4-1:16.0: probe with driver usbtmc failed with error -22
[  480.137557][ T9596] EXT4-fs (sda1): changing journal_checksum during remount not supported; ignoring
[  480.175531][ T9596] EXT4-fs (sda1): re-mounted 5941fea2-f5fa-4b4e-b5ef-9af118b27b95 r/w. Quota mode: journalled.
[  480.639814][ T9601] loop5: detected capacity change from 0 to 2048
[  480.740842][ T9601] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  480.789394][ T9607] loop2: detected capacity change from 0 to 512
[  480.898508][ T9607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  480.914181][ T9607] ext4 filesystem being mounted at /root/syzkaller-testdir371858491/syzkaller.j6PFLI/187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  480.957043][ T9195] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.977688][ T9607] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  481.003372][ T9607] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  481.025368][ T9607] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz-executor.2: Failed to acquire dquot type 0
[  481.227873][ T5115] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  481.357769][ T5182] usb 4-1: USB disconnect, device number 14
[  481.580975][ T9618] loop4: detected capacity change from 0 to 2048
[  481.677253][ T9618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  481.760790][   T29] audit: type=1800 audit(1719029765.562:87): pid=9618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=18 res=0 errno=0
[  481.937484][   T29] audit: type=1800 audit(1719029765.742:88): pid=9630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=18 res=0 errno=0
[  482.033984][ T9631] loop2: detected capacity change from 0 to 1024
[  482.174498][ T9631] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  482.625332][ T5119] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  483.061301][ T9643] loop1: detected capacity change from 0 to 128
[  483.120522][ T9645] No control pipe specified
[  483.994474][ T5186] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  484.236691][ T5186] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  484.277870][ T5186] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  484.328304][ T5186] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  484.355964][ T5186] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  484.379229][ T9656] loop5: detected capacity change from 0 to 2048
[  484.394025][ T5186] usb 5-1: Manufacturer: syz
[  484.411595][ T5186] usb 5-1: config 0 descriptor??
[  484.431777][ T5186] igorplugusb 5-1:0.0: incorrect number of endpoints
[  484.686611][ T9656] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  485.327774][ T9656] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  485.517289][ T9663] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  485.932541][ T9670] loop2: detected capacity change from 0 to 1024
[  486.136991][ T9670] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  486.839689][ T9670] No control pipe specified
[  487.426482][ T5140] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  487.439947][ T5140] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  487.450042][ T5140] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  487.460098][ T5140] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  487.481024][ T5140] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  487.493735][ T5140] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  487.554989][ T9683] loop3: detected capacity change from 0 to 2048
[  487.735222][ T9683] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  487.804148][   T29] audit: type=1800 audit(1719029771.592:89): pid=9683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0
[  488.196604][   T29] audit: type=1800 audit(1719029772.002:90): pid=9690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0
[  488.217163][    C1] vkms_vblank_simulate: vblank timer overrun
[  488.337679][ T5186] usb 5-1: USB disconnect, device number 20
[  488.843151][ T5118] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.144089][ T5186] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  489.395024][ T5186] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  489.443951][ T5186] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  489.526507][ T5186] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  489.545183][ T5140] Bluetooth: hci6: command tx timeout
[  489.569283][ T9680] chnl_net:caif_netlink_parms(): no params data found
[  489.586701][ T5186] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  489.688697][ T5186] usb 2-1: Manufacturer: syz
[  489.729641][ T5186] usb 2-1: config 0 descriptor??
[  489.892695][ T5186] igorplugusb 2-1:0.0: incorrect number of endpoints
[  490.304926][ T9680] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.336775][ T9680] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.362164][ T9717] loop4: detected capacity change from 0 to 128
[  490.364425][ T9680] bridge_slave_0: entered allmulticast mode
[  490.385490][ T9684] loop5: detected capacity change from 0 to 40427
[  490.431403][ T9680] bridge_slave_0: entered promiscuous mode
[  490.466519][ T9680] bridge0: port 2(bridge_slave_1) entered blocking state
[  490.500480][ T9680] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.542165][ T9680] bridge_slave_1: entered allmulticast mode
[  490.576224][ T9680] bridge_slave_1: entered promiscuous mode
[  490.760329][ T9680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.807191][ T9680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  491.624739][ T5140] Bluetooth: hci6: command tx timeout
[  491.651187][ T9680] team0: Port device team_slave_0 added
[  491.923348][ T9680] team0: Port device team_slave_1 added
[  492.134342][ T9680] batman_adv: batadv0: Adding interface: batadv_slave_0
[  492.141509][ T9680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.167429][    C1] vkms_vblank_simulate: vblank timer overrun
[  492.213079][ T9680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  492.239352][ T9680] batman_adv: batadv0: Adding interface: batadv_slave_1
[  492.250393][ T9680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.283673][ T9680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  492.467896][ T9680] hsr_slave_0: entered promiscuous mode
[  493.097071][ T9680] hsr_slave_1: entered promiscuous mode
[  493.213910][ T5122] usb 2-1: USB disconnect, device number 26
[  493.227901][ T9736] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'.
[  493.277067][ T9680] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  493.290289][ T9680] Cannot create hsr debugfs directory
[  493.298786][ T9737] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  493.363976][ T5181] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  493.412636][ T9736] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  493.574853][ T5181] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  493.599467][ T5181] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  493.631858][ T5181] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  493.688296][ T5181] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  493.705674][ T5140] Bluetooth: hci6: command tx timeout
[  493.722526][ T5181] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  493.741546][ T5181] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  493.766957][ T5181] usb 3-1: Manufacturer: syz
[  493.786168][ T5181] usb 3-1: config 0 descriptor??
[  493.822745][   T29] audit: type=1800 audit(1719029777.622:91): pid=9745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1952 res=0 errno=0
[  494.784361][ T5181] appleir 0003:05AC:8243.0010: No inputs registered, leaving
[  494.884732][ T5181] appleir 0003:05AC:8243.0010: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  495.015517][ T9680] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.413050][ T9680] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.719510][ T9680] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.784835][ T5140] Bluetooth: hci6: command tx timeout
[  496.166851][ T9680] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  497.917474][ T5186] usb 3-1: USB disconnect, device number 11
[  498.214051][    T9] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  498.572319][ T9822] loop3: detected capacity change from 0 to 128
[  498.595614][    T9] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  498.621768][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.642789][    T9] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  498.691217][    T9] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  498.809416][    T9] usb 2-1: Manufacturer: syz
[  498.862744][    T9] usb 2-1: config 0 descriptor??
[  499.025757][ T9680] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  499.087841][    T9] usb 2-1: can't set config #0, error -71
[  499.116453][ T9680] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  499.411900][    T9] usb 2-1: USB disconnect, device number 27
[  499.867125][ T9827] loop5: detected capacity change from 0 to 256
[  499.889379][ T9680] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  499.976987][ T9680] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  500.107482][ T9827] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  500.486723][ T9680] 8021q: adding VLAN 0 to HW filter on device bond0
[  500.611161][ T9680] 8021q: adding VLAN 0 to HW filter on device team0
[  500.640420][ T5186] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.647798][ T5186] bridge0: port 1(bridge_slave_0) entered forwarding state
[  500.706597][ T5186] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.713936][ T5186] bridge0: port 2(bridge_slave_1) entered forwarding state
[  500.884063][   T45] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  501.745623][ T9845] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  501.901108][ T9845] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  501.966551][   T45] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  501.993878][   T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  502.024843][   T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  502.057198][   T45] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  502.086509][   T45] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  502.113977][   T45] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  502.122328][   T45] usb 3-1: Manufacturer: syz
[  502.183150][   T45] usb 3-1: config 0 descriptor??
[  502.981568][   T45] appleir 0003:05AC:8243.0011: No inputs registered, leaving
[  503.111410][   T45] appleir 0003:05AC:8243.0011: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  504.210312][ T5122] usb 3-1: USB disconnect, device number 12
[  504.477882][ T9680] 8021q: adding VLAN 0 to HW filter on device batadv0
[  504.727948][ T9680] veth0_vlan: entered promiscuous mode
[  504.831280][ T9680] veth1_vlan: entered promiscuous mode
[  505.270075][ T9680] veth0_macvtap: entered promiscuous mode
[  505.357437][ T9680] veth1_macvtap: entered promiscuous mode
[  507.127885][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  507.294362][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.374378][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  507.469666][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.471321][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  507.486975][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  507.575902][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  507.648040][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.669200][ T9936] binder: BINDER_SET_CONTEXT_MGR already set
[  507.702551][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  507.724127][ T9936] binder: 9935:9936 ioctl 4018620d 20000100 returned -16
[  507.768320][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.791905][ T9936] binder: BINDER_SET_CONTEXT_MGR already set
[  507.802045][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  507.832254][ T9936] binder: 9935:9936 ioctl 4018620d 20000040 returned -16
[  507.837985][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.871964][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  507.914069][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  507.978911][ T9680] batman_adv: batadv0: Interface activated: batadv_slave_0
[  507.993454][ T9941] loop2: detected capacity change from 0 to 128
[  508.093604][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  508.148732][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  508.188981][ T9942] loop3: detected capacity change from 0 to 1024
[  508.214184][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  508.243163][ T9942] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  508.290010][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  508.316235][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  508.357538][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  508.384718][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  508.437158][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.245264][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.290901][ T9942] No control pipe specified
[  509.494193][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.526346][ T9680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.563467][ T9680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.618614][ T9945] loop5: detected capacity change from 0 to 256
[  509.627835][ T9680] batman_adv: batadv0: Interface activated: batadv_slave_1
[  509.716551][ T9680] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  509.749412][ T9680] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  509.781998][ T9680] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  509.807311][ T9680] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  510.107110][ T9945] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  510.271751][ T9952] fuse: Bad value for 'fd'
[  510.437566][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  510.477121][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  510.618061][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  510.636142][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  512.306155][   T45] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  512.586331][   T45] usb 1-1: Using ep0 maxpacket: 8
[  512.784819][   T45] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  512.875278][   T45] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  512.928243][   T45] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  513.062072][   T45] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  513.124349][   T45] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  513.194678][   T45] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  513.264078][   T45] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  513.306376][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.394768][   T45] usbtmc 1-1:16.0: probe with driver usbtmc failed with error -22
[  514.120161][ T9980] loop2: detected capacity change from 0 to 40427
[  514.183187][ T9980] F2FS-fs (loop2): invalid crc value
[  514.236751][ T9980] F2FS-fs (loop2): Found nat_bits in checkpoint
[  514.315105][ T9980] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  514.560898][ T9982] loop5: detected capacity change from 0 to 8192
[  514.700722][ T5181] usb 1-1: USB disconnect, device number 10
[  514.717222][ T5182] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  514.731188][   T29] audit: type=1800 audit(1719029798.522:92): pid=9990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file2" dev="overlay" ino=28 res=0 errno=0
[  514.733290][ T9990] syz-executor.2: attempt to access beyond end of device
[  514.733290][ T9990] loop2: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  514.752108][    C0] vkms_vblank_simulate: vblank timer overrun
[  514.776762][ T9990] syz-executor.2: attempt to access beyond end of device
[  514.776762][ T9990] loop2: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  515.995086][   T29] audit: type=1804 audit(1719029798.602:93): pid=9992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir371858491/syzkaller.j6PFLI/201/file0/bus/file2" dev="overlay" ino=28 res=1 errno=0
[  516.021266][    C0] vkms_vblank_simulate: vblank timer overrun
[  516.914229][ T9992] syz-executor.2: attempt to access beyond end of device
[  516.914229][ T9992] loop2: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  517.172560][ T9995] syzkaller0: entered promiscuous mode
[  517.178295][ T9995] syzkaller0: entered allmulticast mode
[  517.233386][ T5182] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  517.305087][   T29] audit: type=1800 audit(1719029800.742:94): pid=9992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="file2" dev="overlay" ino=28 res=0 errno=0
[  517.595741][ T5182] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[  517.880806][ T5182] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  517.940070][ T5182] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  517.991224][ T5182] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.098466][ T5182] usb 4-1: config 0 descriptor??
[  518.133019][ T5182] usb 4-1: can't set config #0, error -71
[  518.157457][ T5115] syz-executor.2: attempt to access beyond end of device
[  518.157457][ T5115] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  518.176719][ T5182] usb 4-1: USB disconnect, device number 15
[  518.274141][ T5115] syz-executor.2: attempt to access beyond end of device
[  518.274141][ T5115] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  518.949417][ T1095] kworker/u8:8: attempt to access beyond end of device
[  518.949417][ T1095] loop2: rw=2049, sector=40960, nr_sectors = 136 limit=40427
[  519.028033][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.074356][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.100868][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.155555][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.188853][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.212968][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.232123][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.250675][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.270035][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.286787][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.312071][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.327764][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.344083][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.359830][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.425788][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.466877][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.514033][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  520.296974][T10007] fuse: Bad value for 'group_id'
[  520.326038][   T29] audit: type=1804 audit(1719029804.122:95): pid=10007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir1623026304/syzkaller.A4Btwk/216/file0" dev="sda1" ino=1967 res=1 errno=0
[  522.502311][T10016] loop0: detected capacity change from 0 to 256
[  522.899708][T10016] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  523.027036][ T5328] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.576927][ T5328] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.943751][ T5328] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  524.288741][ T5328] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  525.239221][ T5328] bridge_slave_1: left allmulticast mode
[  525.271818][ T5328] bridge_slave_1: left promiscuous mode
[  525.274206][ T5122] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  525.294531][ T5328] bridge0: port 2(bridge_slave_1) entered disabled state
[  525.590249][ T5328] bridge_slave_0: left allmulticast mode
[  525.604585][ T5328] bridge_slave_0: left promiscuous mode
[  525.625032][ T5328] bridge0: port 1(bridge_slave_0) entered disabled state
[  527.634380][ T5122] usb 4-1: device descriptor read/all, error -71
[  527.674153][ T9848] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  527.875842][ T9848] usb 6-1: Using ep0 maxpacket: 8
[  527.890356][ T9848] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  527.934224][ T9848] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  528.002369][ T9848] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  528.041094][ T9848] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  528.052688][   T29] audit: type=1800 audit(1719029811.842:96): pid=10046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1969 res=0 errno=0
[  528.114069][ T9848] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  528.170255][ T9848] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  528.214184][ T9848] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  528.305772][   T45] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  528.527378][   T45] usb 2-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  528.561026][T10050] loop3: detected capacity change from 0 to 40427
[  528.574615][   T45] usb 2-1: config 220 has 1 interface, different from the descriptor's value: 184
[  528.630786][T10050] F2FS-fs (loop3): invalid crc value
[  528.635458][ T9848] usb 6-1: usb_control_msg returned -71
[  528.648121][ T9848] usbtmc 6-1:16.0: can't read capabilities
[  528.658289][   T45] usb 2-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  528.671705][T10050] F2FS-fs (loop3): Found nat_bits in checkpoint
[  528.685358][ T9848] usb 6-1: USB disconnect, device number 18
[  528.691626][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  528.776265][T10050] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  528.779025][   T45] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  528.973506][   T45] gspca_sn9c2028: read1 error -32
[  529.174257][   T29] audit: type=1800 audit(1719029812.972:97): pid=10055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file2" dev="overlay" ino=28 res=0 errno=0
[  529.182410][T10055] syz-executor.3: attempt to access beyond end of device
[  529.182410][T10055] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  529.213251][T10055] syz-executor.3: attempt to access beyond end of device
[  529.213251][T10055] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  529.242457][   T45] gspca_sn9c2028: read1 error -71
[  529.264473][   T45] sn9c2028 2-1:220.0: probe with driver sn9c2028 failed with error -71
[  529.363995][   T29] audit: type=1804 audit(1719029813.042:98): pid=10055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1623026304/syzkaller.A4Btwk/220/file0/bus/file2" dev="overlay" ino=28 res=1 errno=0
[  529.421884][   T45] usb 2-1: USB disconnect, device number 28
[  531.473132][T10055] syz-executor.3: attempt to access beyond end of device
[  531.473132][T10055] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  531.508650][   T29] audit: type=1800 audit(1719029815.302:99): pid=10055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file2" dev="overlay" ino=28 res=0 errno=0
[  531.695897][ T5118] syz-executor.3: attempt to access beyond end of device
[  531.695897][ T5118] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  531.781701][ T5118] syz-executor.3: attempt to access beyond end of device
[  531.781701][ T5118] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  532.378926][ T5349] kworker/u8:23: attempt to access beyond end of device
[  532.378926][ T5349] loop3: rw=2049, sector=40960, nr_sectors = 136 limit=40427
[  532.430569][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.458473][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.483923][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.491419][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.496760][ T5328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  532.569188][ T5328] bond0 (unregistering): Released all slaves
[  532.579032][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.622567][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.655130][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.701457][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.755801][ T5128] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  532.772988][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.773192][ T5128] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  532.795489][ T5128] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  532.828331][ T5128] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  532.841075][ T5128] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  532.849084][ T5128] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  532.862840][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.937868][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.984924][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.992568][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  532.999788][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  533.007860][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  533.021382][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  533.029618][ T5349] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  533.361037][ T5128] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  533.373635][ T5128] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  533.382128][ T5128] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  533.390434][T10061] loop1: detected capacity change from 0 to 32768
[  533.400796][ T5128] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  533.408913][ T5128] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  533.417575][ T5128] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  534.985153][ T5140] Bluetooth: hci3: command tx timeout
[  535.454930][ T5122] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  535.464504][ T5140] Bluetooth: hci4: command tx timeout
[  535.500817][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  535.609920][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  535.656645][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  535.683007][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  535.743536][ T5122] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  535.774065][ T5122] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  535.792393][ T5328] veth1_macvtap: left promiscuous mode
[  535.838201][ T5328] veth0_macvtap: left promiscuous mode
[  535.857180][ T5122] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  535.868230][ T5328] veth1_vlan: left promiscuous mode
[  535.887729][ T5328] veth0_vlan: left promiscuous mode
[  535.893400][ T5122] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  535.935313][ T5122] usb 1-1: Manufacturer: syz
[  536.006283][ T5122] usb 1-1: config 0 descriptor??
[  536.043251][T10087] loop1: detected capacity change from 0 to 1024
[  536.045158][ T5122] igorplugusb 1-1:0.0: incorrect number of endpoints
[  536.181892][T10087] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  537.064169][ T5140] Bluetooth: hci3: command tx timeout
[  537.546189][ T5140] Bluetooth: hci4: command tx timeout
[  538.404176][ T5124] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  538.445272][ T5328] team0 (unregistering): Port device team_slave_1 removed
[  538.604013][ T5124] usb 2-1: Using ep0 maxpacket: 8
[  538.611740][ T5124] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  538.629286][ T5124] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  538.645110][ T5328] team0 (unregistering): Port device team_slave_0 removed
[  538.663904][ T5124] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  538.673735][ T5124] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  538.695791][ T5124] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  538.709748][ T5124] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  538.720103][ T5124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  538.971706][ T5124] usb 2-1: usb_control_msg returned -71
[  538.994621][ T5124] usbtmc 2-1:16.0: can't read capabilities
[  539.024741][ T5124] usb 2-1: USB disconnect, device number 29
[  539.144666][ T5140] Bluetooth: hci3: command tx timeout
[  539.199302][ T5128] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  539.210077][ T5128] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  539.218756][ T5128] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  539.232135][ T5128] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  539.241238][ T5128] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  539.249377][ T5128] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  539.634376][ T5140] Bluetooth: hci4: command tx timeout
[  540.435359][   T45] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  540.641473][   T45] usb 2-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  540.674264][   T45] usb 2-1: config 220 has 1 interface, different from the descriptor's value: 184
[  540.704036][   T45] usb 2-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  540.716474][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.782024][   T45] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  540.993479][   T45] gspca_sn9c2028: read1 error -32
[  541.287905][ T5140] Bluetooth: hci3: command tx timeout
[  541.385722][ T5140] Bluetooth: hci5: command tx timeout
[  541.742824][ T5140] Bluetooth: hci4: command tx timeout
[  541.956629][   T45] gspca_sn9c2028: read1 error -32
[  542.189485][ T5122] usb 2-1: USB disconnect, device number 30
[  542.669149][ T5328] IPVS: stop unused estimator thread 0...
[  542.913872][ T5124] usb 1-1: USB disconnect, device number 11
[  542.973542][T10066] chnl_net:caif_netlink_parms(): no params data found
[  543.427567][T10070] chnl_net:caif_netlink_parms(): no params data found
[  543.465826][ T5140] Bluetooth: hci5: command tx timeout
[  545.532178][ T5328] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  545.577692][ T5140] Bluetooth: hci5: command tx timeout
[  547.446418][   T29] audit: type=1800 audit(1719029831.232:100): pid=10201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  547.634260][ T5140] Bluetooth: hci5: command tx timeout
[  547.805268][   T45] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  548.006347][ T5328] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  548.099606][   T45] usb 2-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  548.108693][   T45] usb 2-1: config 220 has 1 interface, different from the descriptor's value: 184
[  548.133990][   T45] usb 2-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  548.149328][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.187638][   T45] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  548.211350][T10204] loop0: detected capacity change from 0 to 256
[  548.237288][ T5328] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  548.254620][T10066] bridge0: port 1(bridge_slave_0) entered blocking state
[  548.261861][T10066] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.311740][T10066] bridge_slave_0: entered allmulticast mode
[  548.349739][T10066] bridge_slave_0: entered promiscuous mode
[  548.384587][   T45] gspca_sn9c2028: read1 error -32
[  548.408419][T10204] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  548.423483][T10066] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.436435][T10066] bridge0: port 2(bridge_slave_1) entered disabled state
[  548.444047][ T5122] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  548.453282][T10066] bridge_slave_1: entered allmulticast mode
[  548.465665][T10066] bridge_slave_1: entered promiscuous mode
[  548.485086][T10094] chnl_net:caif_netlink_parms(): no params data found
[  548.577340][ T5328] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  548.597953][   T45] gspca_sn9c2028: read1 error -71
[  548.615894][   T45] sn9c2028 2-1:220.0: probe with driver sn9c2028 failed with error -71
[  548.624655][ T5122] usb 6-1: Using ep0 maxpacket: 8
[  548.631932][ T5122] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  548.660654][   T45] usb 2-1: USB disconnect, device number 31
[  548.666802][ T5122] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  548.666837][ T5122] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  548.666869][ T5122] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  548.789518][ T5122] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  548.804121][ T5122] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  548.818944][ T5122] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.904265][T10070] bridge0: port 1(bridge_slave_0) entered blocking state
[  548.921489][T10070] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.932803][T10070] bridge_slave_0: entered allmulticast mode
[  548.945049][T10070] bridge_slave_0: entered promiscuous mode
[  548.968061][T10070] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.992086][T10070] bridge0: port 2(bridge_slave_1) entered disabled state
[  549.001921][T10070] bridge_slave_1: entered allmulticast mode
[  549.011752][T10070] bridge_slave_1: entered promiscuous mode
[  549.031326][T10066] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  549.055386][ T5122] usb 6-1: usb_control_msg returned -71
[  549.061083][ T5122] usbtmc 6-1:16.0: can't read capabilities
[  549.126012][ T5122] usb 6-1: USB disconnect, device number 19
[  549.245620][T10066] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  549.446403][T10070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  549.876234][T10070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  549.891657][T10218] loop1: detected capacity change from 0 to 256
[  549.933367][T10066] team0: Port device team_slave_0 added
[  549.990244][T10066] team0: Port device team_slave_1 added
[  550.061414][T10094] bridge0: port 1(bridge_slave_0) entered blocking state
[  550.091967][T10094] bridge0: port 1(bridge_slave_0) entered disabled state
[  550.104012][T10218] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  550.129808][T10094] bridge_slave_0: entered allmulticast mode
[  550.164345][T10094] bridge_slave_0: entered promiscuous mode
[  550.179204][T10222] loop5: detected capacity change from 0 to 1024
[  550.332485][T10222] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  550.623055][T10094] bridge0: port 2(bridge_slave_1) entered blocking state
[  550.641486][T10094] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.665848][T10094] bridge_slave_1: entered allmulticast mode
[  550.687750][T10094] bridge_slave_1: entered promiscuous mode
[  550.741557][T10070] team0: Port device team_slave_0 added
[  550.802935][T10070] team0: Port device team_slave_1 added
[  550.827825][T10066] batman_adv: batadv0: Adding interface: batadv_slave_0
[  550.861681][T10066] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.922535][T10066] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  551.064480][T10222] No control pipe specified
[  551.298227][T10066] batman_adv: batadv0: Adding interface: batadv_slave_1
[  551.362993][T10066] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  551.414258][T10066] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  551.601448][ T5328] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.647992][T10094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  551.687108][T10070] batman_adv: batadv0: Adding interface: batadv_slave_0
[  551.699960][T10070] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  551.784442][T10070] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  551.810069][T10070] batman_adv: batadv0: Adding interface: batadv_slave_1
[  551.823977][T10070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  551.849931][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.870981][T10070] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  551.944566][T10094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  552.063238][ T5328] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.193453][T10066] hsr_slave_0: entered promiscuous mode
[  552.202949][T10066] hsr_slave_1: entered promiscuous mode
[  552.210539][T10066] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  552.221838][T10066] Cannot create hsr debugfs directory
[  552.269621][ T5328] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.541250][ T5328] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.676841][T10094] team0: Port device team_slave_0 added
[  553.702273][T10094] team0: Port device team_slave_1 added
[  553.757185][T10070] hsr_slave_0: entered promiscuous mode
[  553.770896][T10070] hsr_slave_1: entered promiscuous mode
[  553.781266][T10070] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  553.792020][T10070] Cannot create hsr debugfs directory
[  554.035562][   T29] audit: type=1800 audit(1719029837.842:101): pid=10255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1959 res=0 errno=0
[  554.179898][T10094] batman_adv: batadv0: Adding interface: batadv_slave_0
[  554.191163][T10094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  554.218221][T10256] loop5: detected capacity change from 0 to 256
[  554.272861][T10094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  554.348670][T10256] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  554.361632][ T5124] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  554.388823][T10094] batman_adv: batadv0: Adding interface: batadv_slave_1
[  554.413306][T10094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  554.460971][T10094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  554.566650][ T5124] usb 2-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  554.593488][ T5124] usb 2-1: config 220 has 1 interface, different from the descriptor's value: 184
[  554.605626][ T5124] usb 2-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  554.620642][ T5124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.659385][ T5124] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  554.860412][ T5124] gspca_sn9c2028: read1 error -32
[  555.079332][ T5124] gspca_sn9c2028: read1 error -71
[  555.111236][ T5124] sn9c2028 2-1:220.0: probe with driver sn9c2028 failed with error -71
[  555.138630][ T5124] usb 2-1: USB disconnect, device number 32
[  555.290309][T10094] hsr_slave_0: entered promiscuous mode
[  555.304834][T10094] hsr_slave_1: entered promiscuous mode
[  555.315025][T10094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  555.322794][T10094] Cannot create hsr debugfs directory
[  555.367428][ T5328] bridge_slave_0: left allmulticast mode
[  555.373134][ T5328] bridge_slave_0: left promiscuous mode
[  555.379631][ T5328] bridge0: port 1(bridge_slave_0) entered disabled state
[  555.407231][ T5328] bridge_slave_1: left allmulticast mode
[  555.412922][ T5328] bridge_slave_1: left promiscuous mode
[  555.425046][ T5328] bridge0: port 2(bridge_slave_1) entered disabled state
[  555.437329][ T5328] bridge_slave_0: left allmulticast mode
[  555.454091][ T5328] bridge_slave_0: left promiscuous mode
[  555.460183][ T5328] bridge0: port 1(bridge_slave_0) entered disabled state
[  555.564406][ T5122] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  555.636968][ T5128] Bluetooth: hci1: command 0x0406 tx timeout
[  555.784152][ T5122] usb 6-1: Using ep0 maxpacket: 8
[  555.801286][ T5122] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  555.817561][ T5122] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  555.854508][ T5122] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  555.894198][ T5122] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  555.924150][ T5122] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  555.978746][ T5122] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  556.009727][ T5122] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.367949][ T5122] usb 6-1: usb_control_msg returned -32
[  556.373740][ T5122] usbtmc 6-1:16.0: can't read capabilities
[  556.452518][ T5122] usb 6-1: USB disconnect, device number 20
[  557.328008][T10273] loop1: detected capacity change from 0 to 256
[  557.497721][T10273] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  559.041303][T10280] loop1: detected capacity change from 0 to 40427
[  559.094498][T10280] F2FS-fs (loop1): invalid crc value
[  559.149094][T10280] F2FS-fs (loop1): Found nat_bits in checkpoint
[  559.233707][T10280] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  559.554885][ T5328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  559.577362][ T5328] bond0 (unregistering): Released all slaves
[  559.715925][T10288] overlayfs: failed to resolve './file1': -2
[  559.835102][T10288] syz-executor.1: attempt to access beyond end of device
[  559.835102][T10288] loop1: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  559.875672][T10288] syz-executor.1: attempt to access beyond end of device
[  559.875672][T10288] loop1: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  560.754041][   T29] audit: type=1800 audit(1719029843.572:102): pid=10288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file2" dev="loop1" ino=17 res=0 errno=0
[  560.788094][ T5328] bond1 (unregistering): Released all slaves
[  560.849194][   T29] audit: type=1804 audit(1719029843.792:103): pid=10288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3473881269/syzkaller.HG4Dbp/226/file0/file2" dev="loop1" ino=17 res=1 errno=0
[  560.907599][ T5328] bond2 (unregistering): Released all slaves
[  561.617524][   T29] audit: type=1800 audit(1719029845.422:104): pid=10288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="file2" dev="loop1" ino=17 res=0 errno=0
[  561.786353][ T5114] syz-executor.1: attempt to access beyond end of device
[  561.786353][ T5114] loop1: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  561.805900][ T5114] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  561.815479][ T5114] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  561.822389][ T5114] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  561.825276][ T5328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  561.849307][ T5328] bond0 (unregistering): Released all slaves
[  561.885980][ T5328] bond1 (unregistering): Released all slaves
[  561.927331][ T5328] bond2 (unregistering): Released all slaves
[  565.076573][T10066] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  565.686500][T10066] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  565.718349][T10066] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  565.748075][T10066] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  566.413551][ T5328] hsr_slave_0: left promiscuous mode
[  566.457128][ T5328] hsr_slave_1: left promiscuous mode
[  566.470944][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  566.486277][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  566.506011][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  566.524210][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  566.552178][ T5328] hsr_slave_0: left promiscuous mode
[  566.565302][ T5328] hsr_slave_1: left promiscuous mode
[  566.584439][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  566.592982][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  566.616009][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  566.623633][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  566.732099][ T5328] veth1_macvtap: left promiscuous mode
[  566.738374][ T5328] veth0_macvtap: left promiscuous mode
[  566.748690][ T5328] veth1_vlan: left promiscuous mode
[  566.758657][ T5328] veth0_vlan: left promiscuous mode
[  566.911246][ T5328] veth1_macvtap: left promiscuous mode
[  566.930144][ T5328] veth0_macvtap: left promiscuous mode
[  566.970585][ T5328] veth1_vlan: left promiscuous mode
[  566.991483][ T5328] veth0_vlan: left promiscuous mode
[  568.131058][T10314] loop0: detected capacity change from 0 to 512
[  568.229579][T10314] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino
[  568.261094][T10314] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117)
[  568.305691][T10314] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  568.880438][ T9680] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.929461][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  568.937759][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  569.228543][T10318] loop5: detected capacity change from 0 to 40427
[  569.315674][T10318] F2FS-fs (loop5): invalid crc value
[  569.353413][T10318] F2FS-fs (loop5): Found nat_bits in checkpoint
[  569.516428][T10318] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  569.890744][ T5328] team0 (unregistering): Port device team_slave_1 removed
[  570.055828][ T5328] team0 (unregistering): Port device team_slave_0 removed
[  570.132923][T10318] overlayfs: failed to resolve './file0': -2
[  570.159259][   T29] audit: type=1800 audit(1719029853.962:105): pid=10318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file2" dev="loop5" ino=17 res=0 errno=0
[  570.165929][T10318] syz-executor.5: attempt to access beyond end of device
[  570.165929][T10318] loop5: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  570.284187][T10318] syz-executor.5: attempt to access beyond end of device
[  570.284187][T10318] loop5: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  570.667777][ T9195] syz-executor.5: attempt to access beyond end of device
[  570.667777][ T9195] loop5: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  570.704156][ T9195] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  570.711388][ T9195] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  570.733135][ T9195] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  572.957153][ T5328] team0 (unregistering): Port device team_slave_1 removed
[  573.031659][ T5328] team0 (unregistering): Port device team_slave_0 removed
[  573.709972][T10339] loop0: detected capacity change from 0 to 40427
[  573.737380][T10339] F2FS-fs (loop0): invalid crc value
[  573.785328][T10339] F2FS-fs (loop0): Found nat_bits in checkpoint
[  573.882249][T10339] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  574.353757][T10345] overlayfs: failed to resolve './file1': -2
[  574.504582][T10346] syz-executor.0: attempt to access beyond end of device
[  574.504582][T10346] loop0: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  574.543134][T10346] syz-executor.0: attempt to access beyond end of device
[  574.543134][T10346] loop0: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  575.257005][   T29] audit: type=1800 audit(1719029858.252:106): pid=10346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=17 res=0 errno=0
[  575.337555][   T29] audit: type=1804 audit(1719029858.442:107): pid=10346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1017154718/syzkaller.YcC1xe/22/file0/file2" dev="loop0" ino=17 res=1 errno=0
[  576.273464][   T29] audit: type=1800 audit(1719029860.072:108): pid=10346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file2" dev="loop0" ino=17 res=0 errno=0
[  576.581392][ T9680] syz-executor.0: attempt to access beyond end of device
[  576.581392][ T9680] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  576.613939][ T9680] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  576.621721][ T9680] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  576.634815][ T9680] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  577.072094][T10066] 8021q: adding VLAN 0 to HW filter on device bond0
[  577.333896][T10070] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  577.571004][T10070] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  578.871465][T10070] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  578.945154][T10070] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  579.153336][T10066] 8021q: adding VLAN 0 to HW filter on device team0
[  579.219293][ T5124] bridge0: port 1(bridge_slave_0) entered blocking state
[  579.227225][ T5124] bridge0: port 1(bridge_slave_0) entered forwarding state
[  579.370806][ T5124] bridge0: port 2(bridge_slave_1) entered blocking state
[  579.378273][ T5124] bridge0: port 2(bridge_slave_1) entered forwarding state
[  579.465607][T10357] loop5: detected capacity change from 0 to 1024
[  579.565657][T10357] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  580.410554][ T5328] IPVS: stop unused estimator thread 0...
[  580.438416][T10365] loop1: detected capacity change from 0 to 2048
[  580.544139][T10365] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  580.660151][T10357] No control pipe specified
[  580.678072][T10365] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  580.754266][T10094] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  580.876874][T10094] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  581.019655][T10094] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  581.194083][T10094] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  581.365350][T10070] 8021q: adding VLAN 0 to HW filter on device bond0
[  581.479935][T10367] syz-executor.1: attempt to access beyond end of device
[  581.479935][T10367] loop1: rw=2049, sector=2401, nr_sectors = 1 limit=2048
[  581.497619][T10070] 8021q: adding VLAN 0 to HW filter on device team0
[  581.582307][T10367] Buffer I/O error on dev loop1, logical block 2401, lost async page write
[  581.668428][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  581.675770][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  581.749439][ T5182] bridge0: port 2(bridge_slave_1) entered blocking state
[  581.756736][ T5182] bridge0: port 2(bridge_slave_1) entered forwarding state
[  581.807984][T10066] 8021q: adding VLAN 0 to HW filter on device batadv0
[  581.910713][ T5325] kworker/u8:13: attempt to access beyond end of device
[  581.910713][ T5325] loop1: rw=1, sector=2402, nr_sectors = 456 limit=2048
[  582.192109][T10094] 8021q: adding VLAN 0 to HW filter on device bond0
[  582.386989][T10094] 8021q: adding VLAN 0 to HW filter on device team0
[  582.483360][T10381] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.5'.
[  582.519048][T10381] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.5'.
[  582.566285][  T780] bridge0: port 1(bridge_slave_0) entered blocking state
[  582.573665][  T780] bridge0: port 1(bridge_slave_0) entered forwarding state
[  582.615413][  T780] bridge0: port 2(bridge_slave_1) entered blocking state
[  582.622693][  T780] bridge0: port 2(bridge_slave_1) entered forwarding state
[  583.581768][T10070] 8021q: adding VLAN 0 to HW filter on device batadv0
[  583.648148][T10066] veth0_vlan: entered promiscuous mode
[  583.809422][T10066] veth1_vlan: entered promiscuous mode
[  584.007452][T10384] loop1: detected capacity change from 0 to 40427
[  584.118421][T10384] F2FS-fs (loop1): invalid crc value
[  584.151416][T10384] F2FS-fs (loop1): Found nat_bits in checkpoint
[  584.254626][T10066] veth0_macvtap: entered promiscuous mode
[  584.304537][T10094] 8021q: adding VLAN 0 to HW filter on device batadv0
[  584.327999][T10070] veth0_vlan: entered promiscuous mode
[  584.335799][T10384] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  584.364812][T10066] veth1_macvtap: entered promiscuous mode
[  584.447040][T10070] veth1_vlan: entered promiscuous mode
[  584.650479][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  584.681101][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  584.704728][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  584.722722][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  584.736587][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  584.752916][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  584.763221][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  584.774112][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  584.791514][T10066] batman_adv: batadv0: Interface activated: batadv_slave_0
[  584.870579][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  584.901557][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  584.925176][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  584.976327][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.005802][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.037672][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.089426][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  585.124540][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.165464][T10066] batman_adv: batadv0: Interface activated: batadv_slave_1
[  585.249464][T10066] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  585.251846][T10384] overlayfs: failed to resolve './file0': -2
[  585.258521][  T780] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  585.273024][T10066] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  585.289953][T10066] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  585.303555][   T29] audit: type=1800 audit(1719029869.102:109): pid=10415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file2" dev="loop1" ino=17 res=0 errno=0
[  585.303993][T10066] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  585.345419][T10415] syz-executor.1: attempt to access beyond end of device
[  585.345419][T10415] loop1: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  585.362973][T10415] syz-executor.1: attempt to access beyond end of device
[  585.362973][T10415] loop1: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  585.405412][T10070] veth0_macvtap: entered promiscuous mode
[  585.414593][T10094] veth0_vlan: entered promiscuous mode
[  585.467346][T10094] veth1_vlan: entered promiscuous mode
[  585.485951][  T780] usb 1-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  585.506630][  T780] usb 1-1: config 220 has 1 interface, different from the descriptor's value: 184
[  585.544602][  T780] usb 1-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  585.575025][T10070] veth1_macvtap: entered promiscuous mode
[  585.584684][  T780] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.627914][  T780] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  585.711017][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.763854][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.793861][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.824135][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.853995][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.867689][  T780] gspca_sn9c2028: read1 error -32
[  585.876215][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.894112][  T780] gspca_sn9c2028: read1 error -32
[  585.916171][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.930720][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.957596][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  585.976602][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  585.999035][ T5114] syz-executor.1: attempt to access beyond end of device
[  585.999035][ T5114] loop1: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  586.003573][T10070] batman_adv: batadv0: Interface activated: batadv_slave_0
[  586.043202][ T5114] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  586.059308][ T5114] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  586.070757][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  586.087821][ T5114] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  586.133137][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  586.153873][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  586.169799][    T9] usb 1-1: USB disconnect, device number 12
[  586.183995][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  586.224224][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  586.243987][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  586.265997][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  586.283910][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  586.304011][T10070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  586.323873][T10070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  586.365882][T10070] batman_adv: batadv0: Interface activated: batadv_slave_1
[  586.491957][T10094] veth0_macvtap: entered promiscuous mode
[  586.611327][T10094] veth1_macvtap: entered promiscuous mode
[  586.629025][T10070] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  586.647457][T10070] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  586.665195][T10070] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  586.692385][T10070] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  586.829076][ T5359] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  586.873637][ T5359] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.057507][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  587.087955][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.114009][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  587.133988][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.155381][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  587.185178][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.203913][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  587.226727][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.240336][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  587.250893][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.261047][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  587.273171][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.320145][T10094] batman_adv: batadv0: Interface activated: batadv_slave_0
[  587.365769][ T5349] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.383138][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  587.413954][ T5349] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.428621][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.444749][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  587.455554][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.472139][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  587.483277][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.498349][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  587.511601][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.548609][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  587.568707][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.583484][T10094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  587.603850][T10094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.621009][T10417] loop0: detected capacity change from 0 to 8192
[  587.631837][T10094] batman_adv: batadv0: Interface activated: batadv_slave_1
[  587.667917][T10094] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  587.680124][T10094] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  587.690716][T10094] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  587.707341][T10094] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  587.808247][ T5325] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.836356][ T5325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  588.068659][ T9056] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  588.096965][ T9056] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  588.305241][T10430] loop4: detected capacity change from 0 to 512
[  588.308750][ T5359] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  588.352903][ T5359] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  588.530776][T10430] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  588.566607][T10430] ext4 filesystem being mounted at /root/syzkaller-testdir2659540962/syzkaller.u2Vplr/0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  588.671289][ T5325] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  588.718367][ T5325] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  588.890731][T10066] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  589.636506][T10440] loop2: detected capacity change from 0 to 40427
[  589.653024][T10444] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[  589.830948][T10450] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  590.227958][T10454] loop3: detected capacity change from 0 to 256
[  594.804718][ T5124] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  595.592305][T10470] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.5'.
[  595.635160][T10470] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.5'.
[  596.190999][T10482] loop1: detected capacity change from 0 to 512
[  596.315336][T10482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  596.366266][T10482] ext4 filesystem being mounted at /root/syzkaller-testdir3473881269/syzkaller.HG4Dbp/237/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  596.545316][ T5114] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  597.013001][T10469] loop4: detected capacity change from 0 to 40427
[  597.097142][T10469] F2FS-fs (loop4): invalid crc value
[  597.125257][T10469] F2FS-fs (loop4): Found nat_bits in checkpoint
[  597.285827][T10469] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  597.902544][T10504] loop1: detected capacity change from 0 to 40427
[  597.968694][T10504] F2FS-fs (loop1): invalid crc value
[  602.481495][T10504] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4)
[  630.362200][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  630.369026][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  703.003867][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  703.011092][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P10469/1:b..l P10491/1:b..l
[  703.021729][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=50725, q=724 ncpus=2)
[  703.029524][    C1] task:syz-executor.2  state:R  running task     stack:25736 pid:10491 tgid:10490 ppid:10070  flags:0x00004002
[  703.043572][    C1] Call Trace:
[  703.046924][    C1]  <TASK>
[  703.049882][    C1]  __schedule+0x17e8/0x4a20
[  703.054477][    C1]  ? mark_lock+0x9a/0x350
[  703.058862][    C1]  ? __lock_acquire+0x1346/0x1fd0
[  703.063920][    C1]  ? __pfx___schedule+0x10/0x10
[  703.068796][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.074518][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.080177][    C1]  ? preempt_schedule+0xe1/0xf0
[  703.085050][    C1]  preempt_schedule_common+0x84/0xd0
[  703.090362][    C1]  preempt_schedule+0xe1/0xf0
[  703.095081][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[  703.100474][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.106138][    C1]  preempt_schedule_thunk+0x1a/0x30
[  703.111422][    C1]  _raw_spin_unlock+0x3e/0x50
[  703.116146][    C1]  unmap_page_range+0x3631/0x40f0
[  703.121296][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.126966][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  703.132377][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.138039][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  703.143087][    C1]  ? unmap_vmas+0x1f1/0x5f0
[  703.147616][    C1]  ? __pfx_lock_release+0x10/0x10
[  703.152930][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.158582][    C1]  ? unmap_single_vma+0x1bd/0x2b0
[  703.163646][    C1]  unmap_vmas+0x3cc/0x5f0
[  703.168037][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  703.172942][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.178594][    C1]  ? tlb_gather_mmu+0x24e/0x310
[  703.183488][    C1]  unmap_region+0x1ec/0x350
[  703.188026][    C1]  ? __pfx_unmap_region+0x10/0x10
[  703.193089][    C1]  ? __pfx_mas_prev_range+0x10/0x10
[  703.198367][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.204032][    C1]  ? __mas_set_range+0x133/0x3c0
[  703.209006][    C1]  do_vmi_align_munmap+0x1122/0x18c0
[  703.214354][    C1]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  703.220041][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.225695][    C1]  ? mtree_range_walk+0x6fd/0x8e0
[  703.230766][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.236421][    C1]  ? mas_find+0x8c0/0xbb0
[  703.240776][    C1]  ? __pfx___down_write_common+0x10/0x10
[  703.246458][    C1]  do_vmi_munmap+0x261/0x2f0
[  703.251089][    C1]  __vm_munmap+0x1fc/0x400
[  703.255533][    C1]  ? __pfx___vm_munmap+0x10/0x10
[  703.260503][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  703.266857][    C1]  ? do_syscall_64+0x100/0x230
[  703.271682][    C1]  __x64_sys_munmap+0x68/0x80
[  703.276385][    C1]  do_syscall_64+0xf3/0x230
[  703.280932][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  703.286875][    C1] RIP: 0033:0x7fac6f27d137
[  703.291313][    C1] RSP: 002b:00007fac7001aea8 EFLAGS: 00000246 ORIG_RAX: 000000000000000b
[  703.299755][    C1] RAX: ffffffffffffffda RBX: 0000000001000000 RCX: 00007fac6f27d137
[  703.307749][    C1] RDX: 0000000000000000 RSI: 0000000008400000 RDI: 00007fac65000000
[  703.315741][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000005ecd
[  703.323733][    C1] R10: 000000000000076c R11: 0000000000000246 R12: 0000000000000003
[  703.331755][    C1] R13: 00007fac7001af80 R14: 00007fac7001af40 R15: 00007fac65000000
[  703.339763][    C1]  </TASK>
[  703.342836][    C1] task:syz-executor.4  state:R  running task     stack:24200 pid:10469 tgid:10463 ppid:10066  flags:0x00004002
[  703.354844][    C1] Call Trace:
[  703.358148][    C1]  <TASK>
[  703.361104][    C1]  __schedule+0x17e8/0x4a20
[  703.365659][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.371342][    C1]  ? __pfx___schedule+0x10/0x10
[  703.376227][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.381882][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  703.387902][    C1]  ? preempt_schedule_irq+0xf0/0x1c0
[  703.393214][    C1]  preempt_schedule_irq+0xfb/0x1c0
[  703.398349][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  703.404095][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.409767][    C1]  irqentry_exit+0x5e/0x90
[  703.414221][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  703.420274][    C1] RIP: 0010:lock_acquire+0x264/0x550
[  703.425596][    C1] Code: 2b 00 74 08 4c 89 f7 e8 7a 6b 89 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  703.445223][    C1] RSP: 0018:ffffc900045170a0 EFLAGS: 00000206
[  703.451317][    C1] RAX: 0000000000000001 RBX: 1ffff920008a2e20 RCX: 0000000000000001
[  703.459305][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcacd00 RDI: ffffffff8c1fe640
[  703.467295][    C1] RBP: ffffc900045171e8 R08: ffffffff92fa7587 R09: 1ffffffff25f4eb0
[  703.475321][    C1] R10: dffffc0000000000 R11: fffffbfff25f4eb1 R12: 1ffff920008a2e1c
[  703.483356][    C1] R13: dffffc0000000000 R14: ffffc90004517100 R15: 0000000000000246
[  703.491406][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  703.496470][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.502126][    C1]  ? folio_add_lru+0x58f/0xd70
[  703.506929][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.512588][    C1]  ? shmem_alloc_and_add_folio+0xa49/0xdb0
[  703.518454][    C1]  __pte_offset_map+0x9e/0x380
[  703.523262][    C1]  ? __pte_offset_map+0x82/0x380
[  703.528231][    C1]  ? __pfx_lock_release+0x10/0x10
[  703.533282][    C1]  ? __pfx___pte_offset_map+0x10/0x10
[  703.538691][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.544349][    C1]  ? shmem_get_folio_gfp+0xeed/0x1f50
[  703.549747][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  703.554997][    C1]  __pte_offset_map_lock+0xc7/0x300
[  703.560254][    C1]  ? filemap_map_pages+0x18e0/0x1e70
[  703.565572][    C1]  ? __pfx___pte_offset_map_lock+0x10/0x10
[  703.571397][    C1]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  703.577122][    C1]  finish_fault+0x32d/0xde0
[  703.581689][    C1]  ? __pfx_finish_fault+0x10/0x10
[  703.586785][    C1]  ? pte_offset_map_nolock+0x137/0x1f0
[  703.592273][    C1]  ? __lock_acquire+0x1346/0x1fd0
[  703.597334][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.602990][    C1]  ? __do_fault+0x258/0x460
[  703.607519][    C1]  ? handle_pte_fault+0x222c/0x7090
[  703.612748][    C1]  handle_pte_fault+0x3d3d/0x7090
[  703.617853][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.623514][    C1]  ? __pfx_cgroup_rstat_updated+0x10/0x10
[  703.629296][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  703.634352][    C1]  ? __pfx_handle_pte_fault+0x10/0x10
[  703.639760][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.645419][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  703.650479][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.656143][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.661804][    C1]  ? follow_page_pte+0x292/0x1d90
[  703.666857][    C1]  ? follow_page_pte+0x859/0x1d90
[  703.671909][    C1]  ? __pfx_lock_release+0x10/0x10
[  703.676978][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.682629][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  703.687873][    C1]  handle_mm_fault+0x10df/0x1ba0
[  703.692855][    C1]  ? __pfx_handle_mm_fault+0x10/0x10
[  703.698201][    C1]  ? __pfx_find_vma+0x10/0x10
[  703.702897][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.708529][    C1]  ? vma_is_secretmem+0xd/0x50
[  703.713300][    C1]  ? check_vma_flags+0x500/0x5a0
[  703.718257][    C1]  __get_user_pages+0x6ef/0x1590
[  703.723250][    C1]  ? mt_find+0x62d/0x850
[  703.727510][    C1]  ? __pfx___get_user_pages+0x10/0x10
[  703.732903][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.738576][    C1]  populate_vma_page_range+0x264/0x330
[  703.744088][    C1]  ? __pfx_populate_vma_page_range+0x10/0x10
[  703.750079][    C1]  ? userfaultfd_unmap_complete+0x30c/0x360
[  703.756001][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.761660][    C1]  ? do_mmap+0x915/0xfa0
[  703.765927][    C1]  __mm_populate+0x27a/0x460
[  703.770544][    C1]  ? __pfx___mm_populate+0x10/0x10
[  703.775661][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.781289][    C1]  vm_mmap_pgoff+0x2c3/0x3d0
[  703.785878][    C1]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  703.790980][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  703.797327][    C1]  ? do_syscall_64+0x100/0x230
[  703.802098][    C1]  ? ksys_mmap_pgoff+0xdf/0x720
[  703.806960][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.812584][    C1]  ? __x64_sys_mmap+0x7f/0x140
[  703.817369][    C1]  do_syscall_64+0xf3/0x230
[  703.821886][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  703.827779][    C1] RIP: 0033:0x7fe0bb67d0a9
[  703.832189][    C1] RSP: 002b:00007fe0bc4ba0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  703.840601][    C1] RAX: ffffffffffffffda RBX: 00007fe0bb7b3f80 RCX: 00007fe0bb67d0a9
[  703.848575][    C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[  703.856537][    C1] RBP: 00007fe0bb6ec074 R08: ffffffffffffffff R09: 0000000000000000
[  703.864529][    C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  703.872498][    C1] R13: 000000000000000b R14: 00007fe0bb7b3f80 R15: 00007ffd01c21e58
[  703.880512][    C1]  </TASK>
[  703.883531][    C1] rcu: rcu_preempt kthread starved for 10127 jiffies! g50725 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  703.894803][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  703.904790][    C1] rcu: RCU grace-period kthread stack dump:
[  703.910738][    C1] task:rcu_preempt     state:I stack:25168 pid:17    tgid:17    ppid:2      flags:0x00004000
[  703.921077][    C1] Call Trace:
[  703.924374][    C1]  <TASK>
[  703.927329][    C1]  __schedule+0x17e8/0x4a20
[  703.931886][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.937549][    C1]  ? __pfx___schedule+0x10/0x10
[  703.942432][    C1]  ? __pfx_lock_release+0x10/0x10
[  703.947484][    C1]  ? __asan_memset+0x23/0x50
[  703.952123][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  703.957951][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  703.964307][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.969976][    C1]  schedule+0x14b/0x320
[  703.974161][    C1]  schedule_timeout+0x1be/0x310
[  703.979051][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  703.984542][    C1]  ? __pfx_process_timeout+0x10/0x10
[  703.989888][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  703.995560][    C1]  ? prepare_to_swait_event+0x32e/0x350
[  704.001144][    C1]  rcu_gp_fqs_loop+0x2df/0x1330
[  704.006037][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  704.011000][    C1]  ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10
[  704.017096][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  704.022416][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  704.028356][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.034019][    C1]  ? finish_swait+0xd4/0x1e0
[  704.038640][    C1]  rcu_gp_kthread+0xa7/0x3b0
[  704.043258][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  704.048477][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  704.049714][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  704.054404][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.054451][    C1]  ? __kthread_parkme+0x169/0x1d0
[  704.071354][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  704.076586][    C1]  kthread+0x2f2/0x390
[  704.080687][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  704.085905][    C1]  ? __pfx_kthread+0x10/0x10
[  704.090522][    C1]  ret_from_fork+0x4d/0x80
[  704.095027][    C1]  ? __pfx_kthread+0x10/0x10
[  704.099644][    C1]  ret_from_fork_asm+0x1a/0x30
[  704.104810][    C1]  </TASK>
[  704.107843][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  704.114185][    C1] Sending NMI from CPU 1 to CPUs 0:
[  704.119437][    C0] NMI backtrace for cpu 0
[  704.119457][    C0] CPU: 0 PID: 9056 Comm: kworker/u8:35 Not tainted 6.10.0-rc4-syzkaller-00179-g4545981f33be #0
[  704.119481][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  704.119496][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[  704.119570][    C0] RIP: 0010:unwind_next_frame+0x26c/0x2a00
[  704.119614][    C0] Code: 55 00 39 eb 0f 86 02 1e 00 00 89 e8 48 8d 1c 85 60 35 d4 90 48 89 d8 48 c1 e8 03 49 be 00 00 00 00 00 fc ff df 42 0f b6 04 30 <84> c0 0f 85 b0 20 00 00 44 8b 3b 89 e8 ff c0 48 8d 1c 85 60 35 d4
[  704.119634][    C0] RSP: 0018:ffffc900154e6a88 EFLAGS: 00000216
[  704.119653][    C0] RAX: 0000000000000000 RBX: ffffffff90fb88a0 RCX: 00000000000ac001
[  704.119669][    C0] RDX: ffff88802181da00 RSI: 000000000009d4d0 RDI: 00000000000ac000
[  704.119686][    C0] RBP: 000000000009d4d0 R08: ffffffff8140f234 R09: ffffc900154e6c50
[  704.119702][    C0] R10: 0000000000000003 R11: ffffffff8181de80 R12: ffffc900154e6b60
[  704.119719][    C0] R13: 00000000000ac001 R14: dffffc0000000000 R15: ffffffff8ad4d05d
[  704.119739][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  704.119758][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  704.119775][    C0] CR2: ffffffffffffffe8 CR3: 000000006004e000 CR4: 0000000000350ef0
[  704.119794][    C0] Call Trace:
[  704.119803][    C0]  <NMI>
[  704.119813][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  704.119843][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  704.119873][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  704.119897][    C0]  ? nmi_handle+0x2a/0x5a0
[  704.119947][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  704.119979][    C0]  ? nmi_handle+0x151/0x5a0
[  704.120014][    C0]  ? nmi_handle+0x2a/0x5a0
[  704.120051][    C0]  ? unwind_next_frame+0x26c/0x2a00
[  704.120083][    C0]  ? default_do_nmi+0x63/0x160
[  704.120109][    C0]  ? exc_nmi+0x123/0x1f0
[  704.120132][    C0]  ? end_repeat_nmi+0xf/0x53
[  704.120172][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  704.120205][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  704.120234][    C0]  ? unwind_next_frame+0x244/0x2a00
[  704.120269][    C0]  ? unwind_next_frame+0x26c/0x2a00
[  704.120302][    C0]  ? unwind_next_frame+0x26c/0x2a00
[  704.120336][    C0]  ? unwind_next_frame+0x26c/0x2a00
[  704.120369][    C0]  </NMI>
[  704.120377][    C0]  <TASK>
[  704.120389][    C0]  ? cfg80211_inform_bss_data+0x3dc/0x5a70
[  704.120419][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  704.120446][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  704.120473][    C0]  ? __kernel_text_address+0xd/0x40
[  704.120506][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  704.120532][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  704.120556][    C0]  arch_stack_walk+0x151/0x1b0
[  704.120601][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  704.120633][    C0]  stack_trace_save+0x118/0x1d0
[  704.120654][    C0]  ? worker_thread+0x86d/0xd70
[  704.120678][    C0]  ? kthread+0x2f2/0x390
[  704.120704][    C0]  ? ret_from_fork+0x4d/0x80
[  704.120736][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  704.120771][    C0]  kasan_save_track+0x3f/0x80
[  704.120802][    C0]  ? kasan_save_track+0x3f/0x80
[  704.120826][    C0]  ? __kasan_kmalloc+0x98/0xb0
[  704.120852][    C0]  ? __kmalloc_noprof+0x1f9/0x400
[  704.120892][    C0]  ? cfg80211_inform_single_bss_data+0xd78/0x2360
[  704.120920][    C0]  ? cfg80211_inform_bss_data+0x3dd/0x5a70
[  704.120982][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.121007][    C0]  __kasan_kmalloc+0x98/0xb0
[  704.121034][    C0]  ? cfg80211_inform_single_bss_data+0xd78/0x2360
[  704.121063][    C0]  __kmalloc_noprof+0x1f9/0x400
[  704.121102][    C0]  cfg80211_inform_single_bss_data+0xd78/0x2360
[  704.121130][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.121152][    C0]  ? __read_once_word_nocheck+0x9/0x20
[  704.121195][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.121217][    C0]  ? __read_once_word_nocheck+0x9/0x20
[  704.121253][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  704.121296][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  704.121332][    C0]  ? __kernel_text_address+0xd/0x40
[  704.121363][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  704.121395][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  704.121419][    C0]  ? cfg80211_inform_bss_data+0x3c5/0x5a70
[  704.121450][    C0]  cfg80211_inform_bss_data+0x3dd/0x5a70
[  704.121478][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  704.121529][    C0]  ? __pfx_validate_chain+0x10/0x10
[  704.121581][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  704.121615][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.121637][    C0]  ? mark_lock+0x9a/0x350
[  704.121666][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.121688][    C0]  ? __lock_acquire+0x1346/0x1fd0
[  704.121735][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  704.121763][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[  704.121816][    C0]  cfg80211_inform_bss_frame_data+0x3bc/0x720
[  704.121853][    C0]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[  704.121886][    C0]  ieee80211_bss_info_update+0x8a7/0xbc0
[  704.121924][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  704.121958][    C0]  ? __pfx_lock_release+0x10/0x10
[  704.121981][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.122010][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.122037][    C0]  ieee80211_ibss_rx_queued_mgmt+0x1962/0x2d70
[  704.122087][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xf7e/0x2d70
[  704.122119][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  704.122154][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.122184][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.122206][    C0]  ? mark_lock+0x9a/0x350
[  704.122235][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.122256][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  704.122284][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  704.122309][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  704.122330][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  704.122378][    C0]  ieee80211_iface_work+0x8a3/0xf10
[  704.122423][    C0]  cfg80211_wiphy_work+0x223/0x260
[  704.122460][    C0]  ? process_scheduled_works+0x945/0x1830
[  704.122484][    C0]  process_scheduled_works+0xa2e/0x1830
[  704.122530][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  704.122561][    C0]  ? assign_work+0x364/0x3d0
[  704.122588][    C0]  worker_thread+0x86d/0xd70
[  704.122620][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  704.122662][    C0]  ? __kthread_parkme+0x169/0x1d0
[  704.122690][    C0]  ? __pfx_worker_thread+0x10/0x10
[  704.122716][    C0]  kthread+0x2f2/0x390
[  704.122743][    C0]  ? __pfx_worker_thread+0x10/0x10
[  704.122768][    C0]  ? __pfx_kthread+0x10/0x10
[  704.122799][    C0]  ret_from_fork+0x4d/0x80
[  704.122830][    C0]  ? __pfx_kthread+0x10/0x10
[  704.122858][    C0]  ret_from_fork_asm+0x1a/0x30
[  704.122902][    C0]  </TASK>
[  705.344107][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
2024/06/22 04:19:49 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  707.704526][ T5132] Bluetooth: hci5: command 0x0406 tx timeout
[  707.713055][ T5128] Bluetooth: hci3: command 0x0406 tx timeout
[  707.713063][ T5132] Bluetooth: hci4: command 0x0406 tx timeout
[  707.719143][ T5128] Bluetooth: hci6: command 0x0406 tx timeout
[  709.438425][   T61] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0