last executing test programs:

1m16.382771292s ago: executing program 0:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001900010000000000000000001c14"], 0x1c}}, 0x0)

1m16.304377427s ago: executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x21, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0}, 0x90)

1m16.135944854s ago: executing program 0:
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xa8, 0x41, 0x22, 0x10, 0x104f, 0x4, 0x8faf, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x55, 0x97, 0xdc, 0x0, [], [{{0x9, 0x5, 0x8, 0x3a}}, {{0x9, 0x5, 0x0, 0x2}}]}}]}}]}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_vhci(&(0x7f0000000540)=ANY=[], 0x22)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETAF(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "c5003f00"})
socket$netlink(0x10, 0x3, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000080)={0x8, <r1=>r0, 0x1})
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000180)={0xfff9, 0x800})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008000, &(0x7f0000000240)={[{@debug}, {@orlov}, {@nomblk_io_submit}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@init_itable_val}, {@usrquota}, {@usrquota}]}, 0x1, 0x5d4, &(0x7f0000001600)="$eJzs3c9vFFUcAPDv221LoUgLMSoepIkxkCgtLWCI8QB30uCPePFipYUgBRpao0UTS4IXE+PFGBNPHsT/QonEGyc9efDiyZAQNRxNXDO7O6Utu2233Xaa7ueTbDvz3g7vO12++2bfvrcbQMcazH6UIg5GxHSK6E/zC3VdUa8crN3v4T8fn89uKSqVN/5Kkepl+f1T/Xdf/eDeiPjlpxQHyo+3OzN34/L41NTk9fr+8OyV6eGZuRtHL10Zvzh5cfLq6Mujp06eOHlq5FjbzvXsrfc+6P9s7O3vvvk3jXz/+1iK07G3Xrf4PNplMAZrf5NdS8uzv+updjdWkHL9fBY/xKmrwIBoSf74dUfE09Ef5Xj04PXHp68VGhywqSopotKi7Dmj8nOrRwHbT2o5/4GdIb8OyF/bL38dXCrkqgTYCg/O1AYAHs//rtrYYPRWxwb2PEyxeFgnRUQ7RuayNu7dHbt14e7YrdikcTigsfmbEfFMo/xP1dwcqI7iZ/lfWpL/2XXBufrvrPz1dbY/uGxf/sPWqeV/77ry/51F+f/uOtuX/wAAAAAAANA+d85ExEuN3v8vLcz/iQbzf/oi4nQb2l/9/b/S/TY0AzTw4EzEqw3n/5by2b8D5frWE9X5AN3pwqWpyWMRsS8ijkT3rmx/ZIU2jn5+4Otmdfn8v/yWtX+vPhewHsf9rmXrZyfGZ8c3et5AxIObEc82nP+bFvr/1KD/z54PptfYxoEXbp9rVtc0/3s3dFrAGlS+jTjcsP9PC/dJK38+x3D1emA4vyp43HMfffFDs/ZX7/+BzZL1/3tWzv+BtPjzemZab+P4XFelWd16r/970pvVj5zpqZd9OD47e30koiedLWelS8pHW48ZdqI8H/J8yfL/yPMrj/81uv7fHRHzy/7t9PfSNcW5p/7r+6NZPPp/KE6W/xMt9f+tb4zeHvixWftr6/9PVPv6I/US439Q81Wepj1LyxukY1ejqq2OFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB2glJE7I1UGlrYLpWGhiL6IuLJ2FOaujYz++KFa+9fncjqqt//X8q/6be/tp/y7/8fWLQ/umz/eETsj4gvy7ur+0Pnr01NFH3yAAAAAAAAAAAAAAAAAAAAsE30NVn/n/mzXHR0wKbrKjoAoDAN8v/XIuIAtp7+HzqX/IfOJf+hc8l/6FzyHzqX/IfOJf+hc8l/AAAAAADYUfYfuvNbioj5V3ZXb5meel13oZEBm61UdABAYcoR+4qOASiGqT/QubzGB1L1Z0/T+t6mB6UNtDp9fgMHAwAAAAAAAAAAAEDHOXzQ+n/oVNb/Q+cqFx0AUJh8/f+hguMAtp7X+ECsspK/4fr/VY8CAAAAAAAAAAAAANppZu7G5fGpqcnrNt7aHmG0YaN7rXeuVCqfZP8LtkHMO2Ejnwq/XeLZ0Eaxz0sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wcAAP//XN8iGw==")
open(&(0x7f0000000100)='.\x00', 0x591002, 0x0)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x9, 0x0, 0x405}}}, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[], 0xd)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000200)=ANY=[@ANYBLOB='\''], 0xd)

1m13.008016762s ago: executing program 0:
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0xa, [{0x1}, {}]}]}}, &(0x7f0000000f40)=""/4089, 0x36, 0xff9, 0x2}, 0x20)

1m12.729738636s ago: executing program 0:
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x2, &(0x7f0000000100)={[{@quota}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@noquota}, {@errors_continue}, {@discard_size={'discard', 0x3d, 0x4}}, {@errors_continue}, {@quota}, {@discard}, {@grpquota}]}, 0x1, 0x60b9, &(0x7f0000013cc0)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8FkKTxFxCiK/BGALEWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo8zma6eOb+fNK56+lRNn/K/qy9TVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIgf/uDH56qIuPqrdMOJiP+LfkQvYqWp1yJiZe1EXn4QES/EdnM8HxHDpYhm/e1/no14PSI+eibiwcO7683N5/fZj+//+R9/+MlTP/r7n4Zn/vuX2/03pi13585v//PXewfbZgAAAChNXdd1lT7mn0yf73tddwoAmIv8+l8n+Xb1wtWbC9YftVqtVh/Buq2e7F67iIjN9jrNewaH4wHgiNmMj7vuAh2Sf9EGEfFU150AFlrVdQc4FA8e3l2vUr5V+/Vgbac9nwuyJ//Navf6jmnTWcbPMZnX42sr+vHclP6szKkPiyTn3xvP/+pO+ygtd9j5z8u0/Ec7lz4VJ+ffH89/zPHJvzcx/1Ll/AdPlH9f/gAAAAAAsMDy3/9PdHz8d+ngm7Ivjzv+uzanPgAAAAAAAADA5+2g4//tMv4fAAAALKzms3rjd888um3ad7E1t1+pIp4eWx4oTLpYZrXrfgAAAAAAAAAAAABASQY75/BeqSKGEfH06mpd181P23j9pA66/lFX+vZDybp+kgcAgB0fPTN2LX8VsRwRV9J3/Q1XV1frenlltV6tV5by+9nR0nK90vpcm6fNbUujfbwhHozq5pctt9Zrm/V5eVb7+O9r7mtU9/fRsfnoMHAAiIidV6MHXpGOmbp+Nrp+l8PRYP8/fuz/7EfXj1MAAADg8NV1XVfp67xPpmP+va47BQDMRX79Hz8uoFar1Wq1+vjVbfVk99pFRGy212neMxiOHwCOmM34uOsu0CH5F20QES903QlgoVVdd4BD8eDh3fUq5Vu1Xw/S+O75XJA9+W9W2+vl9SdNZxk/x2Rej6+t6MdzU/rz/Jz6sEhy/r3x/K/utI/Scoed/7xMy7/ZzhMd9KdrOf/+eP5jjk/+vYn5lyrnP3ii/PvyBwAAAACABZb//n9ioY7/jj7r5sz0uOO/a4d2rwAAAAAAAABwuB48vLuer3vNx/+/MGE5138eTzn/Sv5Fyvn3xvL/6thy/db8/bce5f/vh3fX/3j7X/+fp/vNfynPVOmRVaVHRJXuqRqk6UG27tO2hv1Rc0/DqtcfpHN+6uE7cT1uxEac3bNsL/1/PGo/t6e96elwu73u77Sf39M+2G3P61/Y0z5MZzrVK7n9dKzHz+NGvL3d3rQtzdj+5Rnt9Yz2nH/f/l+knP+g9dPkv5raq7Fp4/6HvU/t9+3ppPu5fP2Lvzl7+Jsz01b0d7etrdm+lzroz/b/yVOj+OWtjZun71y7ffvmuUiTPbeejzT5nOX8h+ln9/n/5Z32/Lzf3l/vfzh64vwXxVYMpub/cmu+2d5X5ty3LuT8R+kn5/92ap+8/x/l/Kfv/6920B8AAAAAAAAAAAAAAAB4nLquty8RvRwRF9P1P11dmwkAzNfl9JUbdZJvn1fdn/P9qdVHvK4WrD9zrT+pF6s/avVRrNvqyd5sFxHxt/Y6FyPi15N+GQCwyD6JiH923Qk6I/+C5e/7a6anuu4MMFe33v/gp9du3Ni4eavrngAAAAAAAAAAn1Ue/3OtNf7zqbqu740tt2f817di7aDjfw7yzO4Ao1MGqu4/+TY9zlZv1O+1hht/MaaN/z3cnXvc+N+DGfc3nNE+mtG+NKN9eUb7xAs9WnL+L7bGOz8VESfHhl8vYfzX8THvS5Dzf6n1eG7y/8rYcu38698f5fx7e/I/c/u9X5y59f4Hr11/79q7G+9u/OzCuXNnL1y8eOnSpTPvXL+xcXbn3w57fLhy/nnsa+eBliXnnzOXf1ly/l9KtfzLkvP/cqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP/XUi3/suT8X021/MuS8/96quVflpz/a6mWf1ly/qdTLf+y5PzPpHqf+a8cdr+Yj5x/PsJl/y9Lzj+f2SD/suT8z6da/mXJ+V9ItfzLkvN/PdXyL0vO/xupln9Zcv4XUy3/suT8v5lq+Zcl538p1fIvS87/W6mWf1ly/t9OtfzLkvN/I9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP+bqZZ/WR59/78ZM2bM5Jmun5kAAAAAAAAAAAAAgHHzOJ24620EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xsh11vcDP3v12rkZCPk7+RtYO8YYZ5NdX+ILrYsJ14Zbya2kl9iud+0s+BavXZI0kh0FSiSMiirahhdtAUVt3lRYVV7QKqC8QK0qVSLtC/oGUaHyIqoCCkiV2ipkqznzPM/OzJ6d2bUn9sw5n48U/7wzZ+acOXPm7H7X+c4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA02vD+mS8OZFlW+y//Y22WXVv7++rxtfll77naWwgAAABcrl/mf756Q7pg/zJu1LDMP779+8/Pz8/PZ58e+pORr87PpyvGs2xkVZbl10UXf/zgQOMywVPZ2MBgw9eDHVY/1OH64Q7Xj3S4frTD9as6XD/W4fpFO2CR1fXfx+R3tin/69r6Ls1uzEby6zYV3OqpgVWDg/F3ObmB/DbzI0ey2exYNpNNNS1fX3YgX/6FDbV1fSSL6xpsWNf62hHy8ycOx20YCPt4U9O6Fu4z+un7svFf/PyJw3915pWbi2bH3dB0f/Xt3LKxtp2fD5fUt3UgW5X2SdzOwYbtXF/wnAw1bedAfrva31u389VlbufQwmZeUa3P+Vg2mP/9pXw/DTf+Wi/tp/Xhsv++Ncuy8wub3brMonVlg9mapksGF56fsfoRWbuP2qH05mx4RcfphmUcp7U5van5OG19TcTnf0O43fAS29D4NP30ydGG5/21+Us5TqPao17qtdJ6DHb7tdIrx2A8Ll7KH/TThcfgpvD4n9i89DFYeOwUHIPpcTccgxs7HYODo0P5NqcnYSC/zcIxuK1p+aF8TQP5fHlz+2Nw8szxU5Nzjz1+++zxQ0dnjs6c2LFt29SOXbv27NkzeWT22MxU/c9L3Nu9b002mF4DG8O+i6+Bd7Us23iozn9jdNH591Jfh2NtXodrW5bt9utwuPXBDVyZF+TiY7r+2rivttPHLgxmS7zG8udn6+W/DtPjbngdDje8Dgu/pxS8DoeX8TqsLXNq6/J+Zhlu+K9oG5b+XnB5x+DahmOw9eeR1mOw2z+P9MoxOBaOix9uXfp7wfqwvU9PrPTnkaFFx2B6uOHcU7sk/bw/ticfRcflLbUrrhnNzs7NnL7j0UNnzpzeloVxRbyl4VhpPV7XNDymbNHxOrji43X/7NufvqXg8rVhX43dXvtjbMnnqrbMzjvaP1f5d7fi/dl06fYsjC670vuz6Lt5bX+OZtnXvvfkPd954mvvX3J/1vLm5ycv/2fxlEsbzr8jS5x/Y+5/vb6+dFdPDY0M11+/Q2nvjDSdj5ufquH83DWQr/vVyeWdj0fCf1f6fHxjm/PxupZlu30+Hml9cPF8PNDptx2Xp/X5HAvHybGp9ufj2jLrtq/0mBxuez6+NcyBsP/fHZJCykUNx85Sx21a1/DwSHhcw3ENzcfpjqblR0I2q63rue2XdpxuubV+X0Pp0S24UsfpeMuy3T5O0+++ljpOBzr99u3StD6fY+G4uHFH++O0tsyLOy//3Lk6/rXh3Dna6RgcGRqtbfNIOgjz8302vzoeg3dkh7OT2bFsOr92ND+eBvJ1Tdy5vGNwNPx3pc+V69ocg1talu32MZi+jy117A0ML37wXdD6fI6F4+KZO9sfg7VlPrC7uz+7bgmXpGUafnZt/f3aUr/zuqVlN71Rx8pw2M7v7W7/u9naMsf2rDRntt9Pt4VLrinYT62v36VeU9PZldlP68J2vrJn6f1U257aMl/du8zjaX+WZeceuSv/fW/495W/PfuD55v+3aXo33TOPXLXz6478g8r2X4A+t/r9bGm/r2u4V+mlvPv/wAAAEBfiLl/MMxE/gcAAIDSiLk//l/hifwPAAAApRFz/3CYSUXy/7oPvDL7+rksNfPng3h92g1315eLHdep8PX4/ILa5Xc9O/Nff39ueesezLLstbv/oHD5dXfH7aobD9t58YPNly/y/O3LWvfB+8+l9Tb2178e7j8+nuUeBkUV3Kksy1644cv5esYfvJDPF+8+mM97zj/9VG2ZV/fWv463f/kt9eX/PJR/9x851HT7l8N++EmYUx8t3h/xdt+68O71ux9YWF+83cDG6/OH/cxD9fuN75Pzlafqy8f9vNT2f+dLz32rtvyj7yze/nODxdv/XLjfZ8P8n7fVl298Dmpfx9t9IWx/XF+83R3f/G7h9l/8Yn35Ux+qL3cwzLj+LeHrTR96ZbZxfz06cKjpcWUfri8X1z/1gz/Kr4/3F++/dfvHDlxo2h+tx8eL/1q/n8mW5ePlcT3R37Wsv3Y/jcdnXP9zf3iwaT93Wv/Fe15+W+1+W9d/W8typx7Zmq9/4f6a37HpL77w5cL1xe3Z/zenmh7P/k+F13FY/zMPheMxXP+/F+v31/ruCgc/1Xz+ict/fe25pscTfeQX9fVffO/RfK4aW73mmmuvu/78O2r7LsteWlW/v07rP/qXJ5u2/xs31fdHvD529FvXv5S4/tOfmzhxcu7s7HTaq0/ckL93zsfq2xO394Zwbm39+sDJMw/PnB6fGp/KsvHyvoXeJftmmD+rj/Ptl55fdAbden94Pm/5sxfWbP6XL8XL/+2++uUXPlr/vvWusNxXwuVrw/O3svUv9syGm/LX98CLYQvnF79f8OVYv+k/9yxrwfD4W38uiMf7qbc+nO+H2nX59434ur7M7f/RdP1+vh3263x4Z+aNNy2sr3H5+N4IF+6tv94ve/+F01x8Xv86PN8f/0n9/uN2xcf7o/BzzHfXNZ/v4vHx7XODrfefv4vH+XA+yc7Xr49Lxf194dWbCjcvvg9Jdv7m/Os/Tvdz84oe5lLmHpubPDZ74uyjk2dm5s5Mzj32+IHjJ8+eOHMgfy/PA5/pdPuF89Oa/Pw0PbNrZ5afrU7Wxxvsam//qfsPT++e2jw9c+TQ2SNn7j81c/ro4bm5wzPTc5sPHTky87lOt5+d3rdt+94du7dPHJ2d3rdn794deydmT5ysbUZ9ozrYNfXZiROnD+Q3mdu3c++2O+/cOTVx/OT0zL7dU1MTZzvdPv/eNFG79e9PnJ45dujM7PGZibnZx2f2bdu7a9f2ju8GePzUkbnxydNnT0yenZs5PVl/LONn8otr3/s63Z5ymvv3+s+zrQbqb8SXffK2Xen9WWuefXLJu6ov0vIGoq+E96L5pzed2rOcr2PuHwkzqUj+BwAAgCqIuX80zET+BwAAgNKIuX9VmIn8DwAAAKURc/9YmElF8n/p+v/rzi1r/fr/+v+N+0v/v2L9/3t7rf9fP1/o/3fH5fbv9f8D/X/9f/1//X/9f7qg1/r/MfevzrJK5n8AAACogpj714SZyP8AAABQGjH3XxNmIv8DAABAacTcf22YSUXyv/6//r/+v/6//n/x+vX/+5P+f3v6/x3o/09m1er/n+/m9uv/6/+zWK/1/2Puvy7MpCL5HwAAAKog5v7rw0zkfwAAACiNmPtvCDOR/wEAAKA0Yu5fG2ZSkfyv/6//r/+v/6//X7x+/f/+pP/fnv5/B/r/Pv9f/1//n67qtf5/zP1vCjOpSP4HAACAKoi5/81hJvI/AAAA9J7hS7tZzP1vCTNZlP8vcQUAAADAVRdz/41ZSxG8Iv/+r/+v/6//r/+v/1+8/uX3/4cy/f/eof/fnv5/B/r/+v/6//r/dFWv9f/z3J+NZW8NM6lI/gcAAIAqiLn/pjAT+R8AAABKI+b+/xdmIv8DAABAacTcvy7MpCL5X/9f/1//X/9f/794/T7/vz/p/7en/9+B/r/+v/6//j9d1Wv9/5j7bw4zqUj+BwAAgCqIuf+WMBP5HwAAAEoj5v7/H2Yi/wMAAEBpxNy/PsykIvlf/7/H+/+xOar/r/+v/6//r/+/LPr/7en/d6D/r/+v/6//T1f1Wv8/5v63hZlUJP8DAABAFcTc//YwE/kfAAAASiPm/neEmcj/AAAAUBox94+HmVQk/+v/93j/3+f/6//r/+v/6/+viP5/e/r/Hej/6//r/+v/01W91v+PuX9DmElF8j8AAABUQcz9G8NM5H8AAAAojZj7bw0zkf8BAACgNGLu3xRmUpH8r/+v/6//r/+v/1+8fv3//qT/357+fwf6//r/+v/6/3RVr/X/Y+5/Z5hJRfI/AAAAVEHM/ZvDTOR/AAAAKI2Y+98VZiL/AwAAQGnE3L8lzKQi+V//X/9f/1//X/+/eP36//1J/789/f8O9P/1//X/9f/pql7r/8fc/+4wk4rkfwAAAKiCmPu3hpnI/wAAAFAaMfffFmYi/wMAAEBpxNw/EWZSkfyv/6//r/+v/6//X7x+/f/+pP/fnv5/B/r/+v/6//r/dFWv9f9j7r89zKQi+R8AAACqIOb+O8JM5H8AAAAojZj7J8NM5H8AAAAojZj7p8JMKpL/9f/1//X/9f9X1P9/x8L96v/X6f/3Fv3/9vT/O9D/1/+/6v3/Ef1/SqXX+v8x928LM6lI/gcAAIAqiLl/e5iJ/A8AAAClEXP/jjAT+R8AAABKI+b+nWEmFcn/+v/6//r/+v8+/794/fr//Un/v73u9//jQ9T/1//X//f5//r/LNZr/f+Y++8MM6lI/gcAAIAqiLl/V5iJ/A8AAAClEXP/7jAT+R8AAABKI+b+PWEmFcn/+v/6//r/+v/6/8Xr1//vT/r/7fn8/w70//X/9f/1/+mqXuv/x9y/N8ykIvkfAAAAqiDm/veEmcj/AAAAUBox9/9KmIn8DwAAAKURc/+vhplUJP/r/+v/6//r/+v/F69f/78/6f+3p//fgf6//r/+v/4/XdVr/f+Y+/eFmVQk/wMAAEAVxNz/a2Em8j8AAACURsz97w0zkf8BAACgNGLu3x9mUpH8r/+v/6//r/+v/1+8fv3//qT/357+fwf6//r/+v/6/3RVr/X/Y+5/X5hJRfI/AAAAVEHM/XeFmcj/AAAAUBox978/zET+BwAAgNKIuf8DYSYVyf/6//r/+v/6//r/xevX/+9P+v/t6f93oP+v/6//r/9PV/Va/z/m/g+GmVQk/wMAAEAVxNz/oTAT+R8AAABKI+b+D4eZyP8AAABQGjH3fyTMpCL5X/9f/1//X/9f/794/fr//Un/vz39/w70/0vW/x+/Tv9f/583SlECWuzS+v/XvrbkCi+z/x9z/6+HmVQk/wMAAEAVxNx/d5iJ/A8AAAClEXP/R8NM5H8AAAAojZj7PxZmUpH8r/+v/6//r/+v/1+8fv3//qT/316f9f9/eX24XP+/Tv+/t7e/J/v/P16q/z+/qvX2+v+8ES6t/1+oK/3/mPs/HmZSkfwPAAAAVRBz/yfCTOR/AAAAKI2Y+z8ZZiL/AwAAQGnE3P8bYSYVyf/6/7XtWGgv6//r/+cX6P/r/+v/9y39//b6rP/v8/9b6P/39vb3ZP/f5/9zlfVa/z/m/k+FmVQk/wMAAEAVxNx/T5iJ/A8AAAClEXP/vWEm8j8AAACURsz994WZVCT/6//7/H/9f/1//f/i9ev/9yf9//b0/zvQ/9f/77X+/3/o/9Pfeq3/H3P//WEmFcn/AAAAUAUx9z8QZiL/AwAAQGnE3P+bYSbyPwAAAJRGzP2fDjOpSP7X/++X/v+4/r/+v/5/y+PR/9f/L6L/357+fwf6//r/vdb/9/n/9Lle6//H3P9gmMny8//YspcEAAAAroqY+38rzKQi//4PAAAAVRBz/2+Hmcj/AAAAUBox9/9OmElF8r/+f7/0/33+f6b/r//f8nj0//X/i1y5/n888+j/6//r/0f6//r/+v+06rX+f8z9vxtmUpH8DwAAAFUQc/9DYSbyPwAAAPSFov8nu1XM/QfCTOR/AAAAKI2Y+w+GmVQk/+v/6//r//do//9PN/7zD7//iYPb9P/1//X/V+SKfv5/7cXv8//1//X/E/1//X/9f1r1Wv8/5v5DYSYVyf8AAABQBTH3/16YifwPAAAApRFz/+EwE/kfAAAASiPm/ukwk4rkf/1//X/9/x7t//fx5//H/aH/36xr/f940tX/L3RF+/8PLPTE9f9X2v8fLbxU/1//v5+3X/9f/5/Feq3/H3P/TJhJRfI/AAAAVEHI/YNH6nPhCvkfAAAASiPm/qNhJvI/AAAAlEbM/Q+HmVQk/+v/6//r/+v/+/z/4vX3bP/f5/+3pf/fXu/0/4vp/+v/9/P26//r/7NYr/X/Y+6fDTOpSP4HAACAKoi5/zNhJvI/AAAAlEbM/Z8NM5H/AQAAoDRi7j8WZlKR/K//r/+v/6//r/9fvH79//6k/9+e/n8H+v/6//r/+v90Va/1/2PuPx5mUpH8DwAAAFUQc/+JMBP5HwAAAEoj5v6TYSbyPwAAAJRGzP2nwkz+j737aN6rLv84fuf/D2MyPAAXbtj7EFjoWh+ACzcudMZxoaPYG8FesfeCvWMBRWzYG9hQ7GLvigU76sRxcl1X8kvO79xJvJOc871er82lwXiiw4Af4T3fJvtf/6//H7b/v5v+f7/v6//1/yPT/8/T/2+h/9f/6//1/+zU0vr/3P0Pjlua7H8AAADoIHf/Q+IW+x8AAACGkbv/srjF/gcAAIBh5O5/aNzSZP+f1P8f2PTs/zPj1f+P1P97/3/f7+v/9f8jO7/9/xX//SOf/l//r/8P+n/9v/6fky2t/8/d/7C4pcn+BwAAgA5y9z88brH/AQAAYBi5+x8Rt9j/AAAAMIzc/Y+MW5rsf+//e/9f/6//1/9Pf1//v07e/5/Xqf+/7JaLH3j7dXe5/ky+r//X/+v/9f/s1tL6/9z9j4pbmux/AAAA6CB3/6PjFvsfAAAAhpG7/zFxi/0PAAAAw8jd/9i4pcn+1//r//X/+n/9//T39f/rpP+f16n/P5vv6//1//p//T+7tbT+P3f/4+KWJvsfAAAAOsjd//i4xf4HAACAYeTuvzxusf8BAABgGLn7j8QtTfa//v/c9///1v/r/+Pq//X/+v9zT/8/T/+/hf5f/6//1/+zU0vr/3P3XxG3NNn/AAAA0EHu/ifELfY/AAAADCN3/xPjFvsfAAAAhpG7/0lxS5P9r//3/r/+X/+v/5/+vv5/nfT/885//z/1Z8j96f9X3/9fpP/X/+v/OdEZ9v93zPxheyf9f+7+J8ctTfY/AAAAdJC7/ylxi/0PAAAAw8jd/9S4xf4HAACAYeTuf1rc0mT/6//1//p//b/+f/r7+v910v/PW8z7/wcOTv6w/n/1/b/3//X/+n/2WNr7/7n7nx63NNn/AAAA0EHu/mfELfY/AAAADCN3/zPjFvsfAAAAhpG7/1lxS5P9r//X/+v/9f/6/+nvz/X/15/w69P/L4v+f95i+v996P/1/2v+9ev/9f+camn9f+7+Z8ctTfY/AAAAdJC7/8q4xf4HAACAYeTuf07cYv8DAADAMHL3PzduabL/p/v/479d/3969P97f/36/+nfP3bV/+e/o/5/tv+/u/f/e9L/z9P/b6H/1//r//fr/w9v+/n6f6Ysrf/P3f+8uKXJ/gcAAIAOcvc/P26x/wEAAGAYuftfELfY/wAAADCM3P0vjFua7H/v/+v/9f/r6/+9/3/MhXz/f3Pe+/+D+v/TpP+fp//fQv+v/9f/e/+fnVpa/5+7/0VxS5P9DwAAAB3k7n9x3GL/AwAAwDqc+PcOnPw3lIbc/S+JW+x/AAAAGEbu/pfGLU32v/5f/6//1//37v8PraT/9/7/6dL/z9P/b3Fh+/8Dg/b/Bwfr/6/a7+cvof+/XP/Pwuzp/284/uMXqv/P3f+yuKXJ/gcAAIAOcve/PG6x/wEAAGAYuftfEbfY/wAAADCM3P2vjFua7P9z3v8f3v/b+n/9v/5f/3/h+/+1vP+v/z9d+v95+v8tvP/v/X/v/+v/2ak9/f8JLlT/n7v/VXFLk/0PAAAAHeTuf3XcYv8DAADAMHL3XxW32P8AAAAwjNz9r4lbmux/7//r//X/+n/9//T39f/rpP+fp//fQv+v/9f/6//ZqaX1/7n7Xxu3NNn/AAAA0EHu/tfFLfY/AAAADCN3/+vjFvsfAAAAhpG7/w1xS5P9r/8/t/1//rj+X/+/0f/r//X/50Xb/v/A1J+JTrVP/3/T/Y/cc++P6P/1//p//b/+nx1YRP9/9Pj/uszd/8a4pcn+BwAAgA5y978pbrH/AQAAYBi5+98ct9j/AAAAMIzc/W+JWwbZ/4e2/Hb9v/f/9f/6f/3/9Pf1/+vUtv8/Td7/30L/r//X/+v/2alF9P8n/PPc/W+NWwbZ/wAAAMCmdv/b4hb7HwAAAIaRu//tcYv9DwAAAMPI3f+OuKXJ/tf/6//1//p//f/09/X/66T/n6f/30L/r//X/+v/2aml9f+5+6+OW5rsfwAAAOggd/874xb7HwAAAIaRu/9dcYv9DwAAAMPI3f/uuKXJ/tf/6//1//p//f/09/X/66T/n6f/32w218z8Aqb6/6N30v/r//X/+n/O0tL6/9z974lbmux/AAAA6CB3/zVxi/0PAAAAw8jdf23cYv8DAADAMHL3vzduabL/9f/6f/2//l//P/19/f866f/n6f+38P6//l//r/9np5bW/+fuf1/c0mT/AwAAQAe5+6+LW+x/AAAAGEbu/vfHLfY/AAAADCN3//VxS5P9r//X/+v/9f/6/+nv6//X6dz1/xv9v/5f/7+F/l//r//nZEvr/3P3fyBuabL/AQAAoIPc/R+MW+x/AAAAGEbu/g/FLfY/AAAADCN3/4fjlib7X/+v/9f/6//1/9Pf1/+vk/f/5+n/t9D/6//1//p/dmpp/X/u/o/ELU32PwAAAHSQu/+GuMX+BwAAgGHk7v9o3GL/AwAAwDBy938sbmmy//X/+v+9/f9mo//X/+v/jzkP/f+hjf5/5/T/8/T/W+j/x+z//28zUP9/eN+fr/9niZbW/+fu/3jc0mT/AwAAQAe5+z8Rt9j/AAAAMIzc/Z+MW+x/AAAAGEbu/k/FLU32v/5f/+/9f/2//n/6+97/Xyf9/zz9/xb6/zH7f+//6/+5YJbW/+fu/3Tc0mT/AwAAQAe5+z8Tt9j/AAAAMIzc/Z+NW+x/AAAAGEbu/s/FLU32v/5f/6//1//r/6e/r/9fJ/3/PP3/Fvp//b/+X//PTi2t/8/d//m4pcn+BwAAgA5y998Yt9j/AAAAMIzc/TfFLfY/AAAADCN3/xfilib7X/+v/9f/r7P/P6T/1//r/yctpf+/9NJ73Kz/1//r//X/+n/9f3dL6/9z938xbmmy/wEAAKCD3P1filvsfwAAABhG7v4vxy32PwAAAAwjd/9X4pYm+//U/v+izbFC9Zip/j8aNf3/CfT/e3/9+v/p3z+8/6//1/+fe0vp/73/f3a/fv2//n/Nv/4z6v8vOfXn6/8Z0dL6/9z9N8ctTfY/AAAAdJC7/6txi/0PAAAAw8jd/7W4xf4HAACAYeTuvyVuabL/vf+v/9f/6//1/9Pf1/+vk/5/nv5/C/2//t/7/w+67//r/9mdpfX/ufu/Hrc02f8AAADQQe7+b8Qt9j8AAAAMI3f/N+MW+x8AAACGkbv/W3FLk/2v/9f/6//1//r/6e/r/9dJ/z9P/7+F/l//r//3/j87tbT+P3f/t+OWJvsfAAAAOsjd/524xf4HAACAYeTu/27cYv8DAADAMHL3fy9uabL/d9//X6L/D/r/pfT/99H/n/R9/b/+f2T6//wz+jT9/xb6f/2//l//z04trf/P3X9r3NJk/wMAAEAHufu/H7fY/wAAADCM3P0/iFvsfwAAABhG7v4fxi1N9r/3/3v1/wc2Hft/7//r//X/nej/5+n/t9D/6//1//p/dmpp/X/u/h/FLU32PwAAAKzVve76gFtP91+bu//HcYv9DwAAAMPI3f+TuMX+BwAAgGHk7v9p3NJk/+v/e/X/Pd//1//r//X/nej/5+n/t9D/6//1//p/dmpp/X/u/p/FLScMv4Nn/J8SAAAAWJLc/T+PW5r89X8AAADoIHf/L+KWU/b/0dP8u9oBAACApcnd/8u4pclf/9f/L7z/34zf/9+20f/r/4/R/+v/d0H/P+9/7P+PHtD/6/9n6P/1//p/Tra0/j93/6/ilib7HwAAAAa15/9RyN3/67jF/gcAAIBh5O7/Tdxi/wMAAMAwcvf/Nm5psv/1/wvv/8/q/f/D9Y/W0P97//8c9v9XHpr8vv5f/z8y/f887/9vof/X/+v/9f/s1NL6/9z9t8UtTfY/AAAAdJC7/3dxi/0PAAAAw8jd//u4xf4HAACAYeTu/0Pc0mT/6/9H7P/X9f6//t/7/2ff/9/54iM33vt+116t/+e489n/5+8L+n/9v/7/GP2//l//z8mW1v/n7v9j3NJk/wMAAEAHuftvj1vsfwAAABhG7v4/xS32PwAAAAwjd/+f45Ym+1//r/9fSv+f/11fgP7/yPr6/2yKu/f/3v/X/5/K+//z9P9b6P/1//p//T87tbT+P3f/X+KWJvsfAAAAOsjd/9e4xf4HAACAYeTu/1vcYv8DAADAMHL3/z1uabL/9f/6/6X0/8n7/8d/nvf/j9H/6//PhP5/nv5/C/2//l//r/9np5bW/+fu/0fc0mT/AwAAQAe5+++IW+x/AAAAGEbu/n/GLfY/AAAADCN3/7/ilib7X/+v/9f/6//1/9Pf1/+vk/5/nv5/C/2//l//r/9np5bW/+fu/08AAAD//6cRdCE=")
rename(&(0x7f0000001c80)='./file0\x00', &(0x7f0000001d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000980)=ANY=[@ANYRES16, @ANYRES8, @ANYRESOCT, @ANYBLOB="f1bcca05ed588d63a576cc3afd51baf29cde0400000092f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2cc7815d2daf8daea25533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec000ccace822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4c91a1fa962a8b00a9717fcbb46c2400dc2e319379ea1e5a07aeb3f9cd4e648df445a1b4213e732300000000000010000758027a472e7d263ef567a84166f26ee56e701c63a8863787889bf1c90fccf31954a940c8b584ca89a512f28edec08eb1c0823c028840eeaf3f5d8769023c01ac63f7f959571e8e899b43c293bc21a2b833e5c9c703c4cfa063dd050045706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99beec474e667589d37100ec36292c15c6", @ANYRESHEX, @ANYRESDEC, @ANYRES64, @ANYRES32, @ANYRES64, @ANYRES8=0x0], 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)

1m11.682738601s ago: executing program 0:
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="580000000002000000000000000000000000000010000180f70002800500010000000000300003801700018014"], 0x58}}, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="d824000028000100020000080000000006"], 0x24d8}], 0x1}, 0x0)

10.803985298s ago: executing program 2:
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
setpgid(0x0, r1)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file3\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file7\x00', 0x0)

9.808595697s ago: executing program 2:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, &(0x7f0000000080)=ANY=[@ANYRES16, @ANYRESHEX, @ANYRES16, @ANYRES8], 0x8, 0xa3, &(0x7f00000003c0)="$eJzs17FNw0AABdBvWxjReAEKNmAHRkEuoaMCIXkiVmEEb5AibZqLLlGslCkSJYreK+7+v+q397/5e86QlCkppZQ+yVP2+ev75+P9s55ddh5y8BjuQptmyS9D7cnqrbZ+eZ/Xv+PcZKz3dVYCAADn0Ob1qJXT/nVTku5ikwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuyjYAAP//GDMaXg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

9.704330376s ago: executing program 2:
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000001980)=ANY=[@ANYBLOB="696f636861727365743d6d61636963656c616e642c646973636172642c696f636861727365743d69736f383835392d342c646d61736b3d30303030303030303030303030303030303030303031312c646973636172642c6572726f72733d72656d6f756e742d726f2c6572726f72733d72656d6f756e742d726f2c646d61736b3d30303030303030303030303030303030303030303030352c696f636861727365743d63703836302c6572726f72733d636f6e74696e75652c00401b3ed5707e114e487d8a07ac5bf76c35e1ec263fd239572442aeebf5f0885cac9e374bd219562c4cdeda0e24ce11eca191559cabf479c5ab2264639e972d6ac2080a7132a1c1dc10a33c900944ad0198fe12202479fe30823ef0664ce2"], 0x5, 0x1516, &(0x7f0000002280)="$eJzs3AuYTlX7MPD7XmvtMSQ9TXIY1lr35kkOyyRJDknlkCRJkuSUmKRJXklIDDklDUlIDkNyGEJymJg0zufzMUmSJklCckrWd03xeXur7/2//7fv9b/+c/+ua1/Pup+177XXfu7nsPZ2+LbL0FpNat/ViIjg34K/PiQDQCwADASAawAgAIAKcRXisvtzS0z+9w7C/loPp13pGbArieufs3H9czauf87G9c/ZuP45G9c/Z+P652xcf8Zyss3TC1/LW87d+P5/Tsa///+LZJUd++Xastd3/RdSuP45G9f/f63gv7IT1z9n4/rnbFz/nI3rnxPk+tMern/OxvVnLCe70vef/2GLgSs/hxy1Xen3H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxnOGMv0wBwKX2lZ4XY4wxxhhjjDHG/jo+15WeAWOMMcYYY4wxxv7/QxAgQUEAMZALYiE35AEBAFdDPrgGInAtxMF1kB+uhwJQEApBYYiHIlAUNBiwQBBCMSgOUbgBSsCNUBJKQWkoAw7KQgLcBOXgZigPt0AFuBUqwm1QCSpDFagKt0M1uAOqw51wF9wNNaAm1ILacA/UgXuhLtwH9eB+qA8PQAN4EBrCQ9AIHobG8Ag0gUehKTwGzaA5tICW0Oq/lf8i9ICXoCf0gmToDX3gZegL/aA/DICB8AoMgldhMLwGKTAEhsLrMAzegOHwJoyAkTAK3oLR8DaMgbEwDsZDKkyAifAOTIJ3YTJMgakwDdJgOsyA92AmzILZ8D7MgQ9gLsyD+bAA0uFDWAiLIAM+gsXwMWTCElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW2ArbYDvsgJ2wC3bDJ7AHPoW98Bnsg8//xfzT/5DfFQEBBQpUqDAGYzAWYzEP5sG8mBfzYT6MYATjMA7zY34sgAWwEBbCeIzHolgUDRokJCyGxTCKUSyBJbAklsTSWBodOkzABCyHN2N5LI8VsAJWxIpYCStjZayKVbEaVsPqWB3vwruwBtbAWlgL78F7sDfWxbpYD+thfax/6fYUNsJG2BgbYxNsgk2xKTbDZtgCW2ArbIWtsTW2wTaYiInYDtthe2yPSZiEHbADdsSO2Ak7YWfsjF2wC3bFbtgNX8wF+BK+hL2whuiNfbAP9sWUXP1xAA7AV3AQvoqv4muYgkNwKL6Or+MbOBxP4QgciaNwFFYTb+MYHIskxmMqpuJEnIiTcBJOxik4BadhGk7HGTgDZ+IsnIXv4xz8AD/AeTgPF2A6puNCXIQZmIGL8TRm4hJcistwOa7A5bgKV+MqXIvrcC1uwA24CTfhFtyC23Ab7sAduAsVAH6Cn+KnmIL7cB/ux/14AA/gQTyIWZiFh/AQHsbDeASP4FE8isfwOJ7A43gST+IpPI1n8Ayew3N4Hp+P/7rxrlJrUkBkU0KJGBEjYkWsyCPyiLwir8gn8omIiIg4ESfyi/yigCggColCIl7Ei6KiqDDCCBJhDACIqIiKEqKEKClKitKitHDCiQSRIMqJcqK8KC8qiFtFRXGbqCQqi7auqqgqqolEV13cKe4Sd4kaoqaoJWqL2qKOqCPqirqinqgn6ov6ooF4UDQUvbE/PiyyK9NEDMGmYig2E82FvPgN1loMxzairUgUT4qROALbi9YuSTwjOogx2FH8TYzF50RnMR67iBdEV9FNdBcvih6ijespeonJ2Fv0EdOwr+gn+osBYibWFO/jnNy1xGsiRQwRQ8XrYgG+IYaLN8UIMVKMEm+J0eJtMUaMFePEeJEqJoiJ4h0xSbwrJospYqqYJtLEdDFDvCdmillitnhfzBEfiLlinpgvFoh08aFYKBaJDPGRWCw+FpliiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH2Cl2id3iE7FHfCr2is/EPvG52C++EAfEl+Kg+Epkia/FIfGNOCy+FUfEd+Ko+F4cE8fFCfGDOCl+FKfEaXFGnBXnxE/ivPhZXBBegEQppJRKBjJG5pKxMrfMI6+SeWVw8dW9VsbJ62R+eb0sIAvKQrKwjJdFZFGppZFWkgxlMVlcRuUNsoS8UZaUpWRpWUY6WVYmyJtkOXmzLC9vkRXkrbKivE1WkpVlFVlV3i6ryTskRH49Rg1ZU9aSteU9so68V9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5SOyiXxUNpWPyWayuWwhW8pW8nHZWj4h28i2MlE+KdvJp2R7+bRMks/IDtJffIs8JzvL52UX+YLsKrvJ7vJneUF62VP2kgC9ZR/5suwr+8n+coAcKF+Rg+SrcrB8TabIIXKofF0Ok2/I4fJNOUKOlKPkW3K0fFuOkWPlODlepsoJcqJ8R06S78rJcoqcKqfJNDld9r840mwp/2n+O3+QP/iXo2+Sm+UWuVVuk9vlDrlT7pK75W65R+6Re+VeuU/uk/vlfnlAHpAH5UGZJbPkIXlIHpaH5RF5RB6VR+UxeVyelT/Ik/JHeUqelqflWXlOnpPnL74GoFAJJZVSgYpRuVSsyq3yqKtUXnW1yqeuURF1rYpT16n86npVQBVUhVRhFa+KqKJKK6OsIhWqYqq4iqob8OIbRpVWZZRTZVWCuulfyVcl1I2qpCr1m/xL80v+k/m1Uq1Ua9VatVFtVKJKVO1UO9VetVdJKkl1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VbJKVn3Uy6qv6qf6qwFqoHpFDVKD1GA1WKWoFDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVqlLVRDVRTVKT1GQ1WU1VU1WaSlMz1Aw1U81Us9VsNUfNUXPVXDVfzVfpKl0tVAtVhspQi9VilamWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qU21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVZbKUofUIXVYHVZH1BF1VB1Vx9QxdUKdUCfVSXVKnVJn1Bl1Tp1T59V5dUFdyF72BSIQgQpUEBPEBLFBbJAnyBPkDfIG+YJ8QSSIBHFBXJA/uD4oEBQMCgWFg/igSFA00IEJbCAuFj0a3BCUCG4MSgalgtJBmcAFZYOE4KagXHBzUD64JagQ3BpUDG4LKgWVgypB1eD2oFpwR1A9uDO4K7g7qBHUDGoFtYN7gjrBvUHd4L6gXnB/UD94IGgQPBg0DB4KGgUPB42DR4ImwaNB0+CxoFnQPGgRtAxa/aXje3+q4BOup+6lk3Vv3Ue/rPvqfrq/HqAH6lf0IP2qHqxf0yl6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6t39Zj9Fg9To/XqXqCnqjf0ZP0u3qynqKn6mk6TU/XM/R7eqaepWfr9/Uc/YGeq+fp+XqBTtcf6oV6kc7QH+nF+mOdqZfopXqZXq5X6JV6lV6t1+i1ep1erzfojXqT3qy36K16m96ud+idepferT/Re/Sneq/+TO/Tn+v9+gt9QH+pD+qvdJb+Wh/S3+jD+lt9RH+nj+rv9TF9XJ/QP+iT+kd9Sp/WZ/RZfU7/pM/rn/UF7bMX99k/70YZZWJMjIk1sSaPyWPymrwmn8lnIiZi4kycyW/ymwKmgClkCpl4E2+KmqImGxkyxUwxEzVRU8KUMCVNSVPalDbOOJNgEkw5U86UN+VNBVPBVDQVTSVTyVQxVczt5nZzh7nD3GnuNHebu01NU9PUNrVNHVPH1DV1TT1Tz9Q39U0D08A0NA1NI9PINDaNTRPTxDQ1TU0z08y0MC1MK9PKtDatTRvTxiSaRNPOtDPtTXuTZJJMB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySbZNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNiUsxQM9QMM8PMcDPcjDAjzajshap524wxY804M96kmlQz0Uw0k8wkM9lMNlPNVJNm0swMM8PMNDPNbDPbzDFzzFwz18w38026STcLzUKTYTLMYrPYZJpMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTJZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5qQ5aU6ZU+aMOWPOmYIXfy+9ibW5bR57lc1rr7b57DX2H+NCtrCNt0VsUattAVvwN7Gx1pa0pWxpW8Y6W9Ym2Jt+F1eylW0VW9XebqvZO2z138V17L22rr3P1rP329r2nt/E9e0DtoF91DZEBLDNbWPb0jaxj9qm9jHbzDa3LWxL284+Zdvbp22SfcZ2sM/+Ll5oF9nVdo1da9fZPfZTe8aetYftt/ac/cn2tL3sQPuKHWRftYPtazbFDvldPMq+ZUfbt+0YO9aOs+N/F0+102yanW5n2PfsTDvrd3G6/dDOsRl2rp1n59sFv8TZc8qwH9nF9mObaZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+4ndarfZ7XaH3Wl3/RJnn8de+5ndZz+3h+w39oD90h60R2yW/fqXOPv8jtjv7FH7vT1mj9sT9gd70v5oT9nTv5x/9rn/YH+2F6y3QEhAkhQFFEO5KJZyUx66ivLS1ZSPrqEIXUtxdB3lp+upABWkQlSY4qkIFSVNhiwRhVSMilOUbqBL6/TSVIYclaUEuonK0c1Unm6hCnQrVaTbqBJVpipUlW6nanQHVac76S66m2pQTapFtekeqkP3Ul26j+rR/VSfHqAG9CA1pIeoET1MjekRakKPUlN6jJpRc2pBLakVPU6t6QlqQ20pkZ6kdvQUtaenKYmeoQ70LHWkv1Eneo460/PUhV6grtSNutOL1INeop7Ui5KpN/Whl6kv9aP+NIAG0is0iF6lwfQapdAQGkqv0zB6g4bTmzSCRtIoeotG09s0hsbSOBpPqTSBJtI7NInepck0habSNEqj6TSD3qOZNItm0/s0hz6guTSP5tMCSqcPaSEtogz6iBbTx5RJS2gpLaPltIJW0ipaTWtoLa2j9bSBNtIm2kxbaCtto+20g3bSLtpNn9Ae+pT20me0jz6n/fQFHaAv6SB9RVn0NR2ib+gwfUtH6Dvfi76nY3ScTtAPdJJ+pFN0ms7QWTpHP9F5+pkukCcIMRShDFUYhDFhrjA2zB3mCa8K84ZXh/nCa8JIeG0YF14X5g+vDwuEBcNCYeEwPiwSFg11aEIbUhiGxcLiYTS8ISwR3hiWDEuFpcMyoQvLhgnhTWG58OawfHhLWCG8NawY3hZWCiuHj95fNbw9rBbeEVYP7wwTw7vDGmHNsFZYO7wnrBPeG9YN7wvrhfeH5cMHwgbhg2HD8KGwUfhw2Dh8JGwSPho2DR8Lm4XNwxZhy7BV+HjYOnwibBO2DRPDJ8N24VNh+/DpMCl8JuwQPvtL/wOL/rw/Oewd9glfDl8Ovb9Pzo8uiKZHP4wujC6KZkQ/ii6OfhzNjC6JLo0uiy6ProiujK6Kro6uia6Nrouuj26IboxuinpfOxc4dMJJp1zgYlwuF+tyuzzuKpfXXe3yuWtcxF3r4tx1Lr+73hVwBV0hV9jFuyKuqNPOOOvIha6YK+6i7gZXwt3oSrpSrrQr45wr6xJcS9fKtXKt3ROujWvrEt2T7kn3lHvKPe2eds+4Du5Z19H9zXVyz7nO7nn3vHvBdXXdXHf3ouvhJuT79TOZ7Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7FJcihvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLdaluopvoJrlJbrKb7Ka6qS7NpbkZboab6Wa6arN+PcpcN9fNd/Ndukt3C132mjHDLXaLXabLdEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8Nb8O6va5/W6/O+AOuIPuK5flvnaH3DfusPvWHXHfuaPue3fMHXcn3A/upPvRnXKn3Rl31p1zP7nz7md3wXmXGpkQmRh5JzIp8m5kcmRKZGpkWiQtMj0yI/JeZGZkVmR25P3InMgHkbmReZH5kQWR9MiHkYWRRZGMyEeRxZGPI5mRJZGlkWWR5ZEVEe+LbA19MV/cR/0NvoS/0Zf0pXxpX8Y7X9Yn+Jt8OX+zL+9v8RX8rb6iv81X8pV9Ff+Yb+ab+xa+pW/lH/et/RO+jW/rE/2Tvp1/yrf3T/sk/4zv4J/1Hf3ffCf/nO/sn/dd/Au+q+/mu/sXfQ//ku/pe/lk39v38S/7vr6f7+8H+IH+FT/Iv+oH+9d8ih/ih/rX/TD/hh/u3/Qj/Eg/KuYtP/rSJTKM96l+gp/o3/GT/Lt+sp/ip/ppPs1P9zP8e36mn+Vn+/f9HP+Bn+vn+fl+gU/3H/qFfpHP8B/5xf5jn+mXXLqp7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//E7/Gf+r3+M7/Pf+73+y/8Af+lP+i/8ln+a3/If+MP+2/9Ef+dP+q/98f8cX/C/+BP+h/9KX/an/Fn/Tn/kz/vf/YX+N+sMcYYY4z9l0y43BR/1N/7D54Tf7dzHwC4elvhrL/vz15Rri/wa7ufiG8XAYBnenV5+NJWo0ZycvLFfTMlBMXnAVz6k6BsMXA5XgKJ8BQkQVso94fz7ye6naN/Mn70VoA8f5cTC5fjy+N/8SfjP/7kqIUVwzNx/4/x5wGULH45JzdcjpdAosp+bAvl/2T8gq3/yfxzf5kK0ObvcvLC5fjy/BPgCXgWkn6zJ2OMMcYYY4wx9qt+okqnS9efl/7G5x9dn8eryzm54HL8z67PGWOMMcYYY4wxduU91637048nJbXt9K83qv+3srjxP7XhPcClZxQA/JsDAvzHz2LLf+RYKRc/Ov/YtfysD+B/Rin/isYV/mJijDHGGGOM/eUuL/p/+7y6UhNijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZyoP/Efyd2pc+RMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu9L+TwAAAP//8SoNew==")
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
chdir(&(0x7f0000000080)='./file0\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r3, 0x2000009)
sendfile(r2, r3, 0x0, 0x7ffff000)
splice(r1, 0x0, r0, 0x0, 0xdf, 0x0)

9.454482774s ago: executing program 2:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020030000b02d25a806f8c2d94f90724fc602f1a04000a740100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x0)

9.13931976s ago: executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f00000003c0)={0x0, 0x0, r2})

8.841376458s ago: executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap$IORING_OFF_CQ_RING(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0xb8031, 0xffffffffffffffff, 0x8000000)
setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000040), 0x4)

8.745596567s ago: executing program 4:
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_buf(r0, 0x6, 0x21, &(0x7f0000000200)="24fc911e918c74ad7a0e599e17a90ecabe833ca12054887f4142a64471dbe048", 0x20)
getsockopt$inet_tcp_buf(r0, 0x6, 0x21, 0x0, &(0x7f0000000080))

8.640884856s ago: executing program 4:
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
setpgid(0x0, r1)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file3\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file7\x00', 0x0)

7.731824195s ago: executing program 4:
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000001980)=ANY=[@ANYBLOB="696f636861727365743d6d61636963656c616e642c646973636172642c696f636861727365743d69736f383835392d342c646d61736b3d30303030303030303030303030303030303030303031312c646973636172642c6572726f72733d72656d6f756e742d726f2c6572726f72733d72656d6f756e742d726f2c646d61736b3d30303030303030303030303030303030303030303030352c696f636861727365743d63703836302c6572726f72733d636f6e74696e75652c00401b3ed5707e114e487d8a07ac5bf76c35e1ec263fd239572442aeebf5f0885cac9e374bd219562c4cdeda0e24ce11eca191559cabf479c5ab2264639e972d6ac2080a7132a1c1dc10a33c900944ad0198fe12202479fe30823ef0664ce2"], 0x5, 0x1516, &(0x7f0000002280)="$eJzs3AuYTlX7MPD7XmvtMSQ9TXIY1lr35kkOyyRJDknlkCRJkuSUmKRJXklIDDklDUlIDkNyGEJymJg0zufzMUmSJklCckrWd03xeXur7/2//7fv9b/+c/+ua1/Pup+177XXfu7nsPZ2+LbL0FpNat/ViIjg34K/PiQDQCwADASAawAgAIAKcRXisvtzS0z+9w7C/loPp13pGbArieufs3H9czauf87G9c/ZuP45G9c/Z+P652xcf8Zyss3TC1/LW87d+P5/Tsa///+LZJUd++Xastd3/RdSuP45G9f/f63gv7IT1z9n4/rnbFz/nI3rnxPk+tMern/OxvVnLCe70vef/2GLgSs/hxy1Xen3H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxnOGMv0wBwKX2lZ4XY4wxxhhjjDHG/jo+15WeAWOMMcYYY4wxxv7/QxAgQUEAMZALYiE35AEBAFdDPrgGInAtxMF1kB+uhwJQEApBYYiHIlAUNBiwQBBCMSgOUbgBSsCNUBJKQWkoAw7KQgLcBOXgZigPt0AFuBUqwm1QCSpDFagKt0M1uAOqw51wF9wNNaAm1ILacA/UgXuhLtwH9eB+qA8PQAN4EBrCQ9AIHobG8Ag0gUehKTwGzaA5tICW0Oq/lf8i9ICXoCf0gmToDX3gZegL/aA/DICB8AoMgldhMLwGKTAEhsLrMAzegOHwJoyAkTAK3oLR8DaMgbEwDsZDKkyAifAOTIJ3YTJMgakwDdJgOsyA92AmzILZ8D7MgQ9gLsyD+bAA0uFDWAiLIAM+gsXwMWTCElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW2ArbYDvsgJ2wC3bDJ7AHPoW98Bnsg8//xfzT/5DfFQEBBQpUqDAGYzAWYzEP5sG8mBfzYT6MYATjMA7zY34sgAWwEBbCeIzHolgUDRokJCyGxTCKUSyBJbAklsTSWBodOkzABCyHN2N5LI8VsAJWxIpYCStjZayKVbEaVsPqWB3vwruwBtbAWlgL78F7sDfWxbpYD+thfax/6fYUNsJG2BgbYxNsgk2xKTbDZtgCW2ArbIWtsTW2wTaYiInYDtthe2yPSZiEHbADdsSO2Ak7YWfsjF2wC3bFbtgNX8wF+BK+hL2whuiNfbAP9sWUXP1xAA7AV3AQvoqv4muYgkNwKL6Or+MbOBxP4QgciaNwFFYTb+MYHIskxmMqpuJEnIiTcBJOxik4BadhGk7HGTgDZ+IsnIXv4xz8AD/AeTgPF2A6puNCXIQZmIGL8TRm4hJcistwOa7A5bgKV+MqXIvrcC1uwA24CTfhFtyC23Ab7sAduAsVAH6Cn+KnmIL7cB/ux/14AA/gQTyIWZiFh/AQHsbDeASP4FE8isfwOJ7A43gST+IpPI1n8Ayew3N4Hp+P/7rxrlJrUkBkU0KJGBEjYkWsyCPyiLwir8gn8omIiIg4ESfyi/yigCggColCIl7Ei6KiqDDCCBJhDACIqIiKEqKEKClKitKitHDCiQSRIMqJcqK8KC8qiFtFRXGbqCQqi7auqqgqqolEV13cKe4Sd4kaoqaoJWqL2qKOqCPqirqinqgn6ov6ooF4UDQUvbE/PiyyK9NEDMGmYig2E82FvPgN1loMxzairUgUT4qROALbi9YuSTwjOogx2FH8TYzF50RnMR67iBdEV9FNdBcvih6ijespeonJ2Fv0EdOwr+gn+osBYibWFO/jnNy1xGsiRQwRQ8XrYgG+IYaLN8UIMVKMEm+J0eJtMUaMFePEeJEqJoiJ4h0xSbwrJospYqqYJtLEdDFDvCdmillitnhfzBEfiLlinpgvFoh08aFYKBaJDPGRWCw+FpliiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH2Cl2id3iE7FHfCr2is/EPvG52C++EAfEl+Kg+Epkia/FIfGNOCy+FUfEd+Ko+F4cE8fFCfGDOCl+FKfEaXFGnBXnxE/ivPhZXBBegEQppJRKBjJG5pKxMrfMI6+SeWVw8dW9VsbJ62R+eb0sIAvKQrKwjJdFZFGppZFWkgxlMVlcRuUNsoS8UZaUpWRpWUY6WVYmyJtkOXmzLC9vkRXkrbKivE1WkpVlFVlV3i6ryTskRH49Rg1ZU9aSteU9so68V9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5SOyiXxUNpWPyWayuWwhW8pW8nHZWj4h28i2MlE+KdvJp2R7+bRMks/IDtJffIs8JzvL52UX+YLsKrvJ7vJneUF62VP2kgC9ZR/5suwr+8n+coAcKF+Rg+SrcrB8TabIIXKofF0Ok2/I4fJNOUKOlKPkW3K0fFuOkWPlODlepsoJcqJ8R06S78rJcoqcKqfJNDld9r840mwp/2n+O3+QP/iXo2+Sm+UWuVVuk9vlDrlT7pK75W65R+6Re+VeuU/uk/vlfnlAHpAH5UGZJbPkIXlIHpaH5RF5RB6VR+UxeVyelT/Ik/JHeUqelqflWXlOnpPnL74GoFAJJZVSgYpRuVSsyq3yqKtUXnW1yqeuURF1rYpT16n86npVQBVUhVRhFa+KqKJKK6OsIhWqYqq4iqob8OIbRpVWZZRTZVWCuulfyVcl1I2qpCr1m/xL80v+k/m1Uq1Ua9VatVFtVKJKVO1UO9VetVdJKkl1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VbJKVn3Uy6qv6qf6qwFqoHpFDVKD1GA1WKWoFDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVqlLVRDVRTVKT1GQ1WU1VU1WaSlMz1Aw1U81Us9VsNUfNUXPVXDVfzVfpKl0tVAtVhspQi9VilamWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qU21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVZbKUofUIXVYHVZH1BF1VB1Vx9QxdUKdUCfVSXVKnVJn1Bl1Tp1T59V5dUFdyF72BSIQgQpUEBPEBLFBbJAnyBPkDfIG+YJ8QSSIBHFBXJA/uD4oEBQMCgWFg/igSFA00IEJbCAuFj0a3BCUCG4MSgalgtJBmcAFZYOE4KagXHBzUD64JagQ3BpUDG4LKgWVgypB1eD2oFpwR1A9uDO4K7g7qBHUDGoFtYN7gjrBvUHd4L6gXnB/UD94IGgQPBg0DB4KGgUPB42DR4ImwaNB0+CxoFnQPGgRtAxa/aXje3+q4BOup+6lk3Vv3Ue/rPvqfrq/HqAH6lf0IP2qHqxf0yl6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6t39Zj9Fg9To/XqXqCnqjf0ZP0u3qynqKn6mk6TU/XM/R7eqaepWfr9/Uc/YGeq+fp+XqBTtcf6oV6kc7QH+nF+mOdqZfopXqZXq5X6JV6lV6t1+i1ep1erzfojXqT3qy36K16m96ud+idepferT/Re/Sneq/+TO/Tn+v9+gt9QH+pD+qvdJb+Wh/S3+jD+lt9RH+nj+rv9TF9XJ/QP+iT+kd9Sp/WZ/RZfU7/pM/rn/UF7bMX99k/70YZZWJMjIk1sSaPyWPymrwmn8lnIiZi4kycyW/ymwKmgClkCpl4E2+KmqImGxkyxUwxEzVRU8KUMCVNSVPalDbOOJNgEkw5U86UN+VNBVPBVDQVTSVTyVQxVczt5nZzh7nD3GnuNHebu01NU9PUNrVNHVPH1DV1TT1Tz9Q39U0D08A0NA1NI9PINDaNTRPTxDQ1TU0z08y0MC1MK9PKtDatTRvTxiSaRNPOtDPtTXuTZJJMB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySbZNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNiUsxQM9QMM8PMcDPcjDAjzajshap524wxY804M96kmlQz0Uw0k8wkM9lMNlPNVJNm0swMM8PMNDPNbDPbzDFzzFwz18w38026STcLzUKTYTLMYrPYZJpMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTJZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5qQ5aU6ZU+aMOWPOmYIXfy+9ibW5bR57lc1rr7b57DX2H+NCtrCNt0VsUattAVvwN7Gx1pa0pWxpW8Y6W9Ym2Jt+F1eylW0VW9XebqvZO2z138V17L22rr3P1rP329r2nt/E9e0DtoF91DZEBLDNbWPb0jaxj9qm9jHbzDa3LWxL284+Zdvbp22SfcZ2sM/+Ll5oF9nVdo1da9fZPfZTe8aetYftt/ac/cn2tL3sQPuKHWRftYPtazbFDvldPMq+ZUfbt+0YO9aOs+N/F0+102yanW5n2PfsTDvrd3G6/dDOsRl2rp1n59sFv8TZc8qwH9nF9mObaZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+4ndarfZ7XaH3Wl3/RJnn8de+5ndZz+3h+w39oD90h60R2yW/fqXOPv8jtjv7FH7vT1mj9sT9gd70v5oT9nTv5x/9rn/YH+2F6y3QEhAkhQFFEO5KJZyUx66ivLS1ZSPrqEIXUtxdB3lp+upABWkQlSY4qkIFSVNhiwRhVSMilOUbqBL6/TSVIYclaUEuonK0c1Unm6hCnQrVaTbqBJVpipUlW6nanQHVac76S66m2pQTapFtekeqkP3Ul26j+rR/VSfHqAG9CA1pIeoET1MjekRakKPUlN6jJpRc2pBLakVPU6t6QlqQ20pkZ6kdvQUtaenKYmeoQ70LHWkv1Eneo460/PUhV6grtSNutOL1INeop7Ui5KpN/Whl6kv9aP+NIAG0is0iF6lwfQapdAQGkqv0zB6g4bTmzSCRtIoeotG09s0hsbSOBpPqTSBJtI7NInepck0habSNEqj6TSD3qOZNItm0/s0hz6guTSP5tMCSqcPaSEtogz6iBbTx5RJS2gpLaPltIJW0ipaTWtoLa2j9bSBNtIm2kxbaCtto+20g3bSLtpNn9Ae+pT20me0jz6n/fQFHaAv6SB9RVn0NR2ib+gwfUtH6Dvfi76nY3ScTtAPdJJ+pFN0ms7QWTpHP9F5+pkukCcIMRShDFUYhDFhrjA2zB3mCa8K84ZXh/nCa8JIeG0YF14X5g+vDwuEBcNCYeEwPiwSFg11aEIbUhiGxcLiYTS8ISwR3hiWDEuFpcMyoQvLhgnhTWG58OawfHhLWCG8NawY3hZWCiuHj95fNbw9rBbeEVYP7wwTw7vDGmHNsFZYO7wnrBPeG9YN7wvrhfeH5cMHwgbhg2HD8KGwUfhw2Dh8JGwSPho2DR8Lm4XNwxZhy7BV+HjYOnwibBO2DRPDJ8N24VNh+/DpMCl8JuwQPvtL/wOL/rw/Oewd9glfDl8Ovb9Pzo8uiKZHP4wujC6KZkQ/ii6OfhzNjC6JLo0uiy6ProiujK6Kro6uia6Nrouuj26IboxuinpfOxc4dMJJp1zgYlwuF+tyuzzuKpfXXe3yuWtcxF3r4tx1Lr+73hVwBV0hV9jFuyKuqNPOOOvIha6YK+6i7gZXwt3oSrpSrrQr45wr6xJcS9fKtXKt3ROujWvrEt2T7kn3lHvKPe2eds+4Du5Z19H9zXVyz7nO7nn3vHvBdXXdXHf3ouvhJuT79TOZ7Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7FJcihvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLdaluopvoJrlJbrKb7Ka6qS7NpbkZboab6Wa6arN+PcpcN9fNd/Ndukt3C132mjHDLXaLXabLdEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8Nb8O6va5/W6/O+AOuIPuK5flvnaH3DfusPvWHXHfuaPue3fMHXcn3A/upPvRnXKn3Rl31p1zP7nz7md3wXmXGpkQmRh5JzIp8m5kcmRKZGpkWiQtMj0yI/JeZGZkVmR25P3InMgHkbmReZH5kQWR9MiHkYWRRZGMyEeRxZGPI5mRJZGlkWWR5ZEVEe+LbA19MV/cR/0NvoS/0Zf0pXxpX8Y7X9Yn+Jt8OX+zL+9v8RX8rb6iv81X8pV9Ff+Yb+ab+xa+pW/lH/et/RO+jW/rE/2Tvp1/yrf3T/sk/4zv4J/1Hf3ffCf/nO/sn/dd/Au+q+/mu/sXfQ//ku/pe/lk39v38S/7vr6f7+8H+IH+FT/Iv+oH+9d8ih/ih/rX/TD/hh/u3/Qj/Eg/KuYtP/rSJTKM96l+gp/o3/GT/Lt+sp/ip/ppPs1P9zP8e36mn+Vn+/f9HP+Bn+vn+fl+gU/3H/qFfpHP8B/5xf5jn+mXXLqp7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//E7/Gf+r3+M7/Pf+73+y/8Af+lP+i/8ln+a3/If+MP+2/9Ef+dP+q/98f8cX/C/+BP+h/9KX/an/Fn/Tn/kz/vf/YX+N+sMcYYY4z9l0y43BR/1N/7D54Tf7dzHwC4elvhrL/vz15Rri/wa7ufiG8XAYBnenV5+NJWo0ZycvLFfTMlBMXnAVz6k6BsMXA5XgKJ8BQkQVso94fz7ye6naN/Mn70VoA8f5cTC5fjy+N/8SfjP/7kqIUVwzNx/4/x5wGULH45JzdcjpdAosp+bAvl/2T8gq3/yfxzf5kK0ObvcvLC5fjy/BPgCXgWkn6zJ2OMMcYYY4wx9qt+okqnS9efl/7G5x9dn8eryzm54HL8z67PGWOMMcYYY4wxduU91637048nJbXt9K83qv+3srjxP7XhPcClZxQA/JsDAvzHz2LLf+RYKRc/Ov/YtfysD+B/Rin/isYV/mJijDHGGGOM/eUuL/p/+7y6UhNijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZyoP/Efyd2pc+RMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu9L+TwAAAP//8SoNew==")
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
chdir(&(0x7f0000000080)='./file0\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r3, 0x2000009)
sendfile(r2, r3, 0x0, 0x7ffff000)
splice(r1, 0x0, r0, 0x0, 0xdf, 0x0)

6.512976641s ago: executing program 4:
r0 = socket$unix(0x1, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000)=0x2, 0x4)
bind$unix(r0, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r0, &(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e)

6.116969317s ago: executing program 4:
r0 = syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x4001, &(0x7f00000003c0)={[{@nouser_xattr}, {@jqfmt_vfsv0}, {@four_active_logs}, {@data_flush}, {@heap}, {@nouser_xattr}, {@quota}, {@resuid={'resuid', 0x3d, 0xee01}}, {@usrjquota={'usrjquota', 0x3d, 'noflush_merge'}}, {@noflush_merge}, {@noinline_data}, {@grpjquota={'grpjquota', 0x3d, '+~N~^\x05[\x1b=^\x00\x1e\xe1\x06\x86\xa2\xec\xc19lh\xa6\xb1\x84\xe2\x7f\xe0\x13\xa1HTx\x8ey\xd55:\x90\xe5 \x9b\xbc\xbe\x9d/\xacPN\xbed\xb0\x84\xd7\xfd\xff\x92*Q\xe8&\xd8\x1d\x8c5\r\x96I\xc9\x0eq\x01\xd1;t$\xe0XVU\x1c\xbf\x84L\xd3\xf3\xf43\xd1\xb7\"\nn\f\xeby\x9d\xdf\xcb\\\xcc\xe6Zk\xe6\xf6]\xd9/\xe3\xc5k\x17\x04\xee'}}]}, 0x0, 0x5516, &(0x7f0000000a40)="$eJzs3E1rY+UXAPCTtJ33//yLuHA3FwahhUlo+jLoruoMvmCHMurClaZJGjKT5JYmTWtXLlyKC7+JKLhy6Wdw4dqduFDcCUruvdWpLyA0bez094Obc58nT849TxgGzr0lAVxY88nPP5biZlyNiJmIuBGRnZeKI7Oeh+ci4lZElJ84SsX87xOXIuJaRNwcJ89zloq3Pr0zur32wxs/ffXN5dnrn3357fR2DUzb8xHR28nP93t5TNt5fFTM10edLPZWR0XM3+g9LsZpHvdbW1mG/frRunoWV9r5+nRnbzCO2916Yxzbne1sfqefX3Awah/lyT7wqL6bjZutrSx2BmkW24d5XQeH+f9th4NhnqdZ5PsgSx/D4VHM51sHrXw/O4+z2OgPi/k8b9psHYzjqIjF5aKRdptZHVsn+ab/297s9PcOklFrd9BJ+8latfZCtXa3UttNm61ha7VS7zXvriYL7e54WWXYqvfW22na7raqjbS3mCy0G41KrZYs3Gttder9pFarrlSXKmuLxdmd5NUH7yTdZrIwji93+nvDTneQbKe7Sf6JxWS5uvLiYnK7lry1sZlsPrx/f2Pz7ffuvfvgpY3XXykW/aWsZGF5aXm5UluqLNcWL9D+PyqKnuD+4URK0y4A4PzR/wPTcHr9/+7DiNPv/0P/PxHnqv+94P1/+RT2Dyei/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLC+m/v8texkPh9fL+b/V0w9U4xLEVGOiF//xkxcOpZzpsgz9w/r5/5Uw9elyDKMr3G5OK5FxHpx/PL/0/4WAAAA4On1xYe3Psm79fxlftoFcZbymzblG+9PKF8pIubmv59QtvL45dkJJcv+fc/GwYSyZTewrkwoWX7LbXZS2f6VmWPhyhOhlIfymZYDAACcieOdwNl2IQAAAJylj6ddANNRiqNHmUfPgrO/vP/jgeDVYyMAAADgHCpNuwAAAADg1GX9v9//AwAAgKdb/vt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MbO3eSkDgRwAB8KffC+8siLe6/iDo7hEVy6NBzAS3AEvIIX4Ay44wgGDJ2JsfIRpS0V8/slZehA/8wQWMxHCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KSnfDZ+uLu8r5qzWldTT28AAACAXRb5bFw8Gcbz36n+b6r6n847IYQshLBr7N4NP0qZ3ZST73l//q4NjyEUCZvP6KfjVwjhKh3P/5r+FgAAAOD7mk+mozhajw/DthvEKcVJm+zP9dYrnaPyNlflw2XldkXZJu+iprDi990LtzWlFRNYg5rC4pRbr1TVqyt7j+Lv/jprN3hTdGKRHb6+tr4DAAAn1C0VTY87AAAAaM9N2w2gHcUqb9qLn5YC+7FIy3s/S2cAAADAF7U+sJX7uF3eAAAAwDkpxv/u/wcAAADn6aML+/H+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADRpkc/G88l09Lmr+ls1q3U1YVlfnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBf25x0FQiAMwmDv+s5k7n9YadDM3KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/e4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNifoxQGYSCKoq9t2uqfZOGuWR7oGkQ4BwKXGeYjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRK/z5X3Fp7ElGZ02vh3PJL+uGv+uGksPGmsPZrKPu38EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLBz/y5yVHEAwN/M7Gy8qLiessWJKFhoYzabmJhOLJTDwj9BOC6beGbjj+QKE4JwjZ1cnUa0FBGUs8v/kDqBNLFLsUUEa+XNztxNkgVXQ2Y2t58PvHnfHYZ53/cOjvvOm1sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGjy/kGcxUNvGqfluVv3r23G/vZDfXRj985abDFOmkz66fBq/UPSby8RAAAAlkdW1fchhLv53nrs015R/+fVNbHm/+H5aVzV8w/X/VVf1f6x/f7bvZf3B+pNx4k3Pbc1Hh1/NJXOk5vlYnvhX6/oFCtfPHvJih9I+tHOS5O8WM/ku5s3P+gW4ZEmsgUA/o9jVV8G1d9DsR+2mRgAS6NTK7yr+j/rtZsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBMmO+HZKk5CCGudgzi6ff/a5qz+xu6dtaqdvn59t37PeIs8hHBuazw63uBcFt3lK1cvbIzHo0vNB6+FENoa/b1y+hc+mePiEB5v0JVysJbWeemDtFz/Rcnn6Qha+oUEAMChlZct1vV38731eC5ZDeHvHx+s/9+sxWHO+v/ep6dv1ceq1//Dxma4+AbbF78cXL5y9e2tixvnR+dHn79zYvju8OSZU6fODIpnJQNPTAAAAHg83bLV6/909dH9/6O1OMxZ/3/1/fCb+liZ+n+mg02/tjMBAABYbi++/tefyYzzSbcbvt7Y3r40nB73P5+YHltI9T87UrZ6/Z+ttp0VAAAA0ITJTvLA/v/ZWhzm3P9/7qdXfqnfMwshrJT7/8c2vxifbW46C62BfycOs55fAQAAsDxWylbf/8+L9//T/ZIxDSG89cY0Lr8GcK76P/vw25/rY9Xf/z/Z3BQXUtqfrkfR90Po9NvOCAAAgMPsmbLFYv+PfG/9s1+Pftz1/j8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA0/4JAAD//7U3PNU=")
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0xf505, 0x0)

5.856302267s ago: executing program 4:
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a6, &(0x7f0000000640)={{@host}, @hyper, 0xb, 0x0, 0x400000})

3.038542535s ago: executing program 1:
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000001980)=ANY=[@ANYBLOB="696f636861727365743d6d61636963656c616e642c646973636172642c696f636861727365743d69736f383835392d342c646d61736b3d30303030303030303030303030303030303030303031312c646973636172642c6572726f72733d72656d6f756e742d726f2c6572726f72733d72656d6f756e742d726f2c646d61736b3d30303030303030303030303030303030303030303030352c696f636861727365743d63703836302c6572726f72733d636f6e74696e75652c00401b3ed5707e114e487d8a07ac5bf76c35e1ec263fd239572442aeebf5f0885cac9e374bd219562c4cdeda0e24ce11eca191559cabf479c5ab2264639e972d6ac2080a7132a1c1dc10a33c900944ad0198fe12202479fe30823ef0664ce2"], 0x5, 0x1516, &(0x7f0000002280)="$eJzs3AuYTlX7MPD7XmvtMSQ9TXIY1lr35kkOyyRJDknlkCRJkuSUmKRJXklIDDklDUlIDkNyGEJymJg0zufzMUmSJklCckrWd03xeXur7/2//7fv9b/+c/+ua1/Pup+177XXfu7nsPZ2+LbL0FpNat/ViIjg34K/PiQDQCwADASAawAgAIAKcRXisvtzS0z+9w7C/loPp13pGbArieufs3H9czauf87G9c/ZuP45G9c/Z+P652xcf8Zyss3TC1/LW87d+P5/Tsa///+LZJUd++Xastd3/RdSuP45G9f/f63gv7IT1z9n4/rnbFz/nI3rnxPk+tMern/OxvVnLCe70vef/2GLgSs/hxy1Xen3H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxnOGMv0wBwKX2lZ4XY4wxxhhjjDHG/jo+15WeAWOMMcYYY4wxxv7/QxAgQUEAMZALYiE35AEBAFdDPrgGInAtxMF1kB+uhwJQEApBYYiHIlAUNBiwQBBCMSgOUbgBSsCNUBJKQWkoAw7KQgLcBOXgZigPt0AFuBUqwm1QCSpDFagKt0M1uAOqw51wF9wNNaAm1ILacA/UgXuhLtwH9eB+qA8PQAN4EBrCQ9AIHobG8Ag0gUehKTwGzaA5tICW0Oq/lf8i9ICXoCf0gmToDX3gZegL/aA/DICB8AoMgldhMLwGKTAEhsLrMAzegOHwJoyAkTAK3oLR8DaMgbEwDsZDKkyAifAOTIJ3YTJMgakwDdJgOsyA92AmzILZ8D7MgQ9gLsyD+bAA0uFDWAiLIAM+gsXwMWTCElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW2ArbYDvsgJ2wC3bDJ7AHPoW98Bnsg8//xfzT/5DfFQEBBQpUqDAGYzAWYzEP5sG8mBfzYT6MYATjMA7zY34sgAWwEBbCeIzHolgUDRokJCyGxTCKUSyBJbAklsTSWBodOkzABCyHN2N5LI8VsAJWxIpYCStjZayKVbEaVsPqWB3vwruwBtbAWlgL78F7sDfWxbpYD+thfax/6fYUNsJG2BgbYxNsgk2xKTbDZtgCW2ArbIWtsTW2wTaYiInYDtthe2yPSZiEHbADdsSO2Ak7YWfsjF2wC3bFbtgNX8wF+BK+hL2whuiNfbAP9sWUXP1xAA7AV3AQvoqv4muYgkNwKL6Or+MbOBxP4QgciaNwFFYTb+MYHIskxmMqpuJEnIiTcBJOxik4BadhGk7HGTgDZ+IsnIXv4xz8AD/AeTgPF2A6puNCXIQZmIGL8TRm4hJcistwOa7A5bgKV+MqXIvrcC1uwA24CTfhFtyC23Ab7sAduAsVAH6Cn+KnmIL7cB/ux/14AA/gQTyIWZiFh/AQHsbDeASP4FE8isfwOJ7A43gST+IpPI1n8Ayew3N4Hp+P/7rxrlJrUkBkU0KJGBEjYkWsyCPyiLwir8gn8omIiIg4ESfyi/yigCggColCIl7Ei6KiqDDCCBJhDACIqIiKEqKEKClKitKitHDCiQSRIMqJcqK8KC8qiFtFRXGbqCQqi7auqqgqqolEV13cKe4Sd4kaoqaoJWqL2qKOqCPqirqinqgn6ov6ooF4UDQUvbE/PiyyK9NEDMGmYig2E82FvPgN1loMxzairUgUT4qROALbi9YuSTwjOogx2FH8TYzF50RnMR67iBdEV9FNdBcvih6ijespeonJ2Fv0EdOwr+gn+osBYibWFO/jnNy1xGsiRQwRQ8XrYgG+IYaLN8UIMVKMEm+J0eJtMUaMFePEeJEqJoiJ4h0xSbwrJospYqqYJtLEdDFDvCdmillitnhfzBEfiLlinpgvFoh08aFYKBaJDPGRWCw+FpliiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH2Cl2id3iE7FHfCr2is/EPvG52C++EAfEl+Kg+Epkia/FIfGNOCy+FUfEd+Ko+F4cE8fFCfGDOCl+FKfEaXFGnBXnxE/ivPhZXBBegEQppJRKBjJG5pKxMrfMI6+SeWVw8dW9VsbJ62R+eb0sIAvKQrKwjJdFZFGppZFWkgxlMVlcRuUNsoS8UZaUpWRpWUY6WVYmyJtkOXmzLC9vkRXkrbKivE1WkpVlFVlV3i6ryTskRH49Rg1ZU9aSteU9so68V9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5SOyiXxUNpWPyWayuWwhW8pW8nHZWj4h28i2MlE+KdvJp2R7+bRMks/IDtJffIs8JzvL52UX+YLsKrvJ7vJneUF62VP2kgC9ZR/5suwr+8n+coAcKF+Rg+SrcrB8TabIIXKofF0Ok2/I4fJNOUKOlKPkW3K0fFuOkWPlODlepsoJcqJ8R06S78rJcoqcKqfJNDld9r840mwp/2n+O3+QP/iXo2+Sm+UWuVVuk9vlDrlT7pK75W65R+6Re+VeuU/uk/vlfnlAHpAH5UGZJbPkIXlIHpaH5RF5RB6VR+UxeVyelT/Ik/JHeUqelqflWXlOnpPnL74GoFAJJZVSgYpRuVSsyq3yqKtUXnW1yqeuURF1rYpT16n86npVQBVUhVRhFa+KqKJKK6OsIhWqYqq4iqob8OIbRpVWZZRTZVWCuulfyVcl1I2qpCr1m/xL80v+k/m1Uq1Ua9VatVFtVKJKVO1UO9VetVdJKkl1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VbJKVn3Uy6qv6qf6qwFqoHpFDVKD1GA1WKWoFDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVqlLVRDVRTVKT1GQ1WU1VU1WaSlMz1Aw1U81Us9VsNUfNUXPVXDVfzVfpKl0tVAtVhspQi9VilamWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qU21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVZbKUofUIXVYHVZH1BF1VB1Vx9QxdUKdUCfVSXVKnVJn1Bl1Tp1T59V5dUFdyF72BSIQgQpUEBPEBLFBbJAnyBPkDfIG+YJ8QSSIBHFBXJA/uD4oEBQMCgWFg/igSFA00IEJbCAuFj0a3BCUCG4MSgalgtJBmcAFZYOE4KagXHBzUD64JagQ3BpUDG4LKgWVgypB1eD2oFpwR1A9uDO4K7g7qBHUDGoFtYN7gjrBvUHd4L6gXnB/UD94IGgQPBg0DB4KGgUPB42DR4ImwaNB0+CxoFnQPGgRtAxa/aXje3+q4BOup+6lk3Vv3Ue/rPvqfrq/HqAH6lf0IP2qHqxf0yl6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6t39Zj9Fg9To/XqXqCnqjf0ZP0u3qynqKn6mk6TU/XM/R7eqaepWfr9/Uc/YGeq+fp+XqBTtcf6oV6kc7QH+nF+mOdqZfopXqZXq5X6JV6lV6t1+i1ep1erzfojXqT3qy36K16m96ud+idepferT/Re/Sneq/+TO/Tn+v9+gt9QH+pD+qvdJb+Wh/S3+jD+lt9RH+nj+rv9TF9XJ/QP+iT+kd9Sp/WZ/RZfU7/pM/rn/UF7bMX99k/70YZZWJMjIk1sSaPyWPymrwmn8lnIiZi4kycyW/ymwKmgClkCpl4E2+KmqImGxkyxUwxEzVRU8KUMCVNSVPalDbOOJNgEkw5U86UN+VNBVPBVDQVTSVTyVQxVczt5nZzh7nD3GnuNHebu01NU9PUNrVNHVPH1DV1TT1Tz9Q39U0D08A0NA1NI9PINDaNTRPTxDQ1TU0z08y0MC1MK9PKtDatTRvTxiSaRNPOtDPtTXuTZJJMB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySbZNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNiUsxQM9QMM8PMcDPcjDAjzajshap524wxY804M96kmlQz0Uw0k8wkM9lMNlPNVJNm0swMM8PMNDPNbDPbzDFzzFwz18w38026STcLzUKTYTLMYrPYZJpMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTJZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5qQ5aU6ZU+aMOWPOmYIXfy+9ibW5bR57lc1rr7b57DX2H+NCtrCNt0VsUattAVvwN7Gx1pa0pWxpW8Y6W9Ym2Jt+F1eylW0VW9XebqvZO2z138V17L22rr3P1rP329r2nt/E9e0DtoF91DZEBLDNbWPb0jaxj9qm9jHbzDa3LWxL284+Zdvbp22SfcZ2sM/+Ll5oF9nVdo1da9fZPfZTe8aetYftt/ac/cn2tL3sQPuKHWRftYPtazbFDvldPMq+ZUfbt+0YO9aOs+N/F0+102yanW5n2PfsTDvrd3G6/dDOsRl2rp1n59sFv8TZc8qwH9nF9mObaZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+4ndarfZ7XaH3Wl3/RJnn8de+5ndZz+3h+w39oD90h60R2yW/fqXOPv8jtjv7FH7vT1mj9sT9gd70v5oT9nTv5x/9rn/YH+2F6y3QEhAkhQFFEO5KJZyUx66ivLS1ZSPrqEIXUtxdB3lp+upABWkQlSY4qkIFSVNhiwRhVSMilOUbqBL6/TSVIYclaUEuonK0c1Unm6hCnQrVaTbqBJVpipUlW6nanQHVac76S66m2pQTapFtekeqkP3Ul26j+rR/VSfHqAG9CA1pIeoET1MjekRakKPUlN6jJpRc2pBLakVPU6t6QlqQ20pkZ6kdvQUtaenKYmeoQ70LHWkv1Eneo460/PUhV6grtSNutOL1INeop7Ui5KpN/Whl6kv9aP+NIAG0is0iF6lwfQapdAQGkqv0zB6g4bTmzSCRtIoeotG09s0hsbSOBpPqTSBJtI7NInepck0habSNEqj6TSD3qOZNItm0/s0hz6guTSP5tMCSqcPaSEtogz6iBbTx5RJS2gpLaPltIJW0ipaTWtoLa2j9bSBNtIm2kxbaCtto+20g3bSLtpNn9Ae+pT20me0jz6n/fQFHaAv6SB9RVn0NR2ib+gwfUtH6Dvfi76nY3ScTtAPdJJ+pFN0ms7QWTpHP9F5+pkukCcIMRShDFUYhDFhrjA2zB3mCa8K84ZXh/nCa8JIeG0YF14X5g+vDwuEBcNCYeEwPiwSFg11aEIbUhiGxcLiYTS8ISwR3hiWDEuFpcMyoQvLhgnhTWG58OawfHhLWCG8NawY3hZWCiuHj95fNbw9rBbeEVYP7wwTw7vDGmHNsFZYO7wnrBPeG9YN7wvrhfeH5cMHwgbhg2HD8KGwUfhw2Dh8JGwSPho2DR8Lm4XNwxZhy7BV+HjYOnwibBO2DRPDJ8N24VNh+/DpMCl8JuwQPvtL/wOL/rw/Oewd9glfDl8Ovb9Pzo8uiKZHP4wujC6KZkQ/ii6OfhzNjC6JLo0uiy6ProiujK6Kro6uia6Nrouuj26IboxuinpfOxc4dMJJp1zgYlwuF+tyuzzuKpfXXe3yuWtcxF3r4tx1Lr+73hVwBV0hV9jFuyKuqNPOOOvIha6YK+6i7gZXwt3oSrpSrrQr45wr6xJcS9fKtXKt3ROujWvrEt2T7kn3lHvKPe2eds+4Du5Z19H9zXVyz7nO7nn3vHvBdXXdXHf3ouvhJuT79TOZ7Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7FJcihvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLdaluopvoJrlJbrKb7Ka6qS7NpbkZboab6Wa6arN+PcpcN9fNd/Ndukt3C132mjHDLXaLXabLdEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8Nb8O6va5/W6/O+AOuIPuK5flvnaH3DfusPvWHXHfuaPue3fMHXcn3A/upPvRnXKn3Rl31p1zP7nz7md3wXmXGpkQmRh5JzIp8m5kcmRKZGpkWiQtMj0yI/JeZGZkVmR25P3InMgHkbmReZH5kQWR9MiHkYWRRZGMyEeRxZGPI5mRJZGlkWWR5ZEVEe+LbA19MV/cR/0NvoS/0Zf0pXxpX8Y7X9Yn+Jt8OX+zL+9v8RX8rb6iv81X8pV9Ff+Yb+ab+xa+pW/lH/et/RO+jW/rE/2Tvp1/yrf3T/sk/4zv4J/1Hf3ffCf/nO/sn/dd/Au+q+/mu/sXfQ//ku/pe/lk39v38S/7vr6f7+8H+IH+FT/Iv+oH+9d8ih/ih/rX/TD/hh/u3/Qj/Eg/KuYtP/rSJTKM96l+gp/o3/GT/Lt+sp/ip/ppPs1P9zP8e36mn+Vn+/f9HP+Bn+vn+fl+gU/3H/qFfpHP8B/5xf5jn+mXXLqp7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//E7/Gf+r3+M7/Pf+73+y/8Af+lP+i/8ln+a3/If+MP+2/9Ef+dP+q/98f8cX/C/+BP+h/9KX/an/Fn/Tn/kz/vf/YX+N+sMcYYY4z9l0y43BR/1N/7D54Tf7dzHwC4elvhrL/vz15Rri/wa7ufiG8XAYBnenV5+NJWo0ZycvLFfTMlBMXnAVz6k6BsMXA5XgKJ8BQkQVso94fz7ye6naN/Mn70VoA8f5cTC5fjy+N/8SfjP/7kqIUVwzNx/4/x5wGULH45JzdcjpdAosp+bAvl/2T8gq3/yfxzf5kK0ObvcvLC5fjy/BPgCXgWkn6zJ2OMMcYYY4wx9qt+okqnS9efl/7G5x9dn8eryzm54HL8z67PGWOMMcYYY4wxduU91637048nJbXt9K83qv+3srjxP7XhPcClZxQA/JsDAvzHz2LLf+RYKRc/Ov/YtfysD+B/Rin/isYV/mJijDHGGGOM/eUuL/p/+7y6UhNijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZyoP/Efyd2pc+RMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu9L+TwAAAP//8SoNew==")
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
chdir(&(0x7f0000000080)='./file0\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r3, 0x2000009)
sendfile(r2, r3, 0x0, 0x7ffff000)
splice(r1, 0x0, r0, 0x0, 0xdf, 0x0)

2.935700479s ago: executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x50, 0x3, 0x8, 0x3, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_DATA={0x2c, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_SYN_SENT={0x8}, @CTA_TIMEOUT_TCP_SYN_RECV={0x8}, @CTA_TIMEOUT_TCP_UNACK={0x8}, @CTA_TIMEOUT_TCP_FIN_WAIT={0x8}, @CTA_TIMEOUT_TCP_ESTABLISHED={0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x50}}, 0x0)

2.862032682s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0x24, 0x0, 0x0, 0x0, 0x0, 0x66, 0x10}, [@call={0x16}]}, &(0x7f0000000140)='GPL\x00', 0x2, 0x2, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff4e}, 0x23)

2.840631961s ago: executing program 1:
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0})
r2 = socket(0x1d, 0x2, 0x6)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
bind$can_j1939(r2, &(0x7f0000000000)={0x1d, r1, 0x3}, 0x18)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[], 0x14}}, 0x0)
r3 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000380)=<r4=>0x0)
syz_io_uring_setup(0x7283, &(0x7f0000000280), &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={0x0, 0x28}}, 0x0)

2.777025218s ago: executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@loopback, 0x80000003}, 0x20)

2.659141096s ago: executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x300, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x25c, 0x23}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8a240000}]}, 0x38}, 0x1, 0x0, 0x0, 0x90}, 0xffe1883828a17c64)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x4, 0x101001)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x80000000, 0x4, 0x8, 0x8, "6a643f107d9ce4f52c3aa55538ffc960d6dc69a2821127d402189945e0af7c6559fe2ea04245f6e77b90eb67d0c8d419132b0b46fa357bf22ba5be852a80233e", "47d20f5237c64dc5e950e46024a9b15e89271c9ee326c34987efecbf702c1e7f", [0x1000, 0x100]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x0, 0xb}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x3, 0x21c529b3, 0x400, 0xe07efbb2, 0x840, r2, 0x95f3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x3}, 0x48)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300), 0x4)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000340)={0x488, <r5=>0x0}, 0x8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup, 0x37, 0x1, 0x9, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x0, &(0x7f00000003c0)=[0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0], <r6=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000004c0)={@map=r3, r4, 0x27, 0x3030, 0x0, @link_id=r5, r6}, 0x20)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x6, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x5}, [@cb_func={0x18, 0x4, 0x4, 0x0, 0x2}, @jmp={0x5, 0x1, 0x9, 0x0, 0x2, 0x6, 0xffffffffffffffff}]}, &(0x7f0000000540)='syzkaller\x00', 0x40, 0x41, &(0x7f0000000580)=""/65, 0x41100, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000640)=[r3, r3, r3, r3], &(0x7f0000000680)=[{0x5, 0x5, 0x9, 0x2}, {0x0, 0x6, 0xe, 0xa}, {0x3, 0x3, 0xb, 0x7}, {0x1, 0x3, 0x6, 0x2}], 0x10, 0x6}, 0x90)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0x0, r0, 0x0, 0xb, &(0x7f0000000780)='/dev/loop#\x00', <r8=>0x0}, 0x30)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000800)={@map=r3, r7, 0x2c, 0x2000, r4, @prog_id=r8, r6}, 0x20)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
r10 = io_uring_setup(0x7ea7, &(0x7f0000000840)={0x0, 0x9337, 0x400, 0x1, 0x2be})
r11 = io_uring_setup(0x1c71, &(0x7f00000008c0)={0x0, 0x250c, 0x8, 0x2, 0x1eb, 0x0, r10})
bind$inet6(r9, &(0x7f0000000940)={0xa, 0x4e22, 0x40, @mcast1}, 0x1c)
r12 = syz_usb_connect$hid(0x4, 0x3f, &(0x7f0000000980)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0xff, 0x1130, 0x3101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x2, 0x0, 0x9, [{{0x9, 0x4, 0x0, 0x2d, 0x2, 0x3, 0x1, 0x1, 0xcd, {0x9, 0x21, 0x2, 0x5, 0x1, {0x22, 0x68e}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x3, 0x4e, 0x7}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0x0, 0x20, 0xd2}}]}}}]}}]}}, &(0x7f0000000d80)={0xa, &(0x7f00000009c0)={0xa, 0x6, 0x300, 0x7, 0x1, 0x4, 0x40, 0x20}, 0x10, &(0x7f0000000a00)={0x5, 0xf, 0x10, 0x1, [@wireless={0xb, 0x10, 0x1, 0x4, 0x80, 0x3f, 0x0, 0x8c}]}, 0x8, [{0x4, &(0x7f0000000a40)=@lang_id={0x4, 0x3, 0x2401}}, {0x4, &(0x7f0000000a80)=@string={0x4, 0x3, "8036"}}, {0x60, &(0x7f0000000ac0)=@string={0x60, 0x3, "9580281c2b04ad478f9c591ac1ead282a1c67d39a414c5b864a695fffa475a6f02bc07c93154534d14ad0b7a88ac2ed557ef3956eed9187ee3d8dd882e0c709341609b27879254ddba2523ff3c8381b5c2c2d0d61923bff79bffc700ffe6"}}, {0x70, &(0x7f0000000b40)=@string={0x70, 0x3, "fa345dec7900f7f15c79f1162ca6eac2f9e270a7e5c69959c8c9c63a50f5461c8bd64a2153a64bce31effa8a3a304ca311f202fad7a74f4624609d309aa56360ae1ba0d3c461186879730fa2cc68c1f3a8f8e02e769a80cbb01ca981d6899290d49e39ca2b91e6690f5e2d29cc77"}}, {0x7, &(0x7f0000000bc0)=@string={0x7, 0x3, "97f9ea401d"}}, {0x4, &(0x7f0000000c00)=@lang_id={0x4, 0x3, 0x1007}}, {0x78, &(0x7f0000000c40)=@string={0x78, 0x3, "2385f0798b9fb5cf3f2e9fb795eace8999a8100e33cb3b564d3750adeb645ede03ffa8dc2f43bcaa7ba6a8800557678cc044dbe5ec7f0c1c13eced95b4174f4fb6f70e033000c265e1e272271ccd25b60845800baaddb011d517f3915bd9024b6e23c8b249277dd06f23677394b5da08bdcd701a78bd"}}, {0xa1, &(0x7f0000000cc0)=@string={0xa1, 0x3, "8f59bb39934bd83d36982f91fec6688bd75c08745d9b156f34285580c421537de2146655675644444e37a76a5650ca2473d36a04a2312b41a5806ea54c20708c2865ec8f9177bf47550ea01ce28831c831f4e123048dd52cc7f788a83c1ca84edf528ebed83b6867e72b356285382f52c899e228f79da88579fd31f64c5933ebedcfa9b2981f91b299f2086fea6199cc0ac58b12ea2ce32f2480c7892a306b"}}]})
syz_usb_control_io$hid(r12, &(0x7f0000000f80)={0x24, &(0x7f0000000e00)={0x20, 0x8, 0xa2, {0xa2, 0x9, "d7465af3c65abf0982f13e95b0fff2e08c5d550f642ff440b135fc21f1072edacc872473495ad7ecf99b925c3971635dc06cb6c51465265d04ba67c0150ac7a2e2b33733e3561373d125f2b4fd07c3ac517329360225e8d11e6108592adf252c62dc5cff10857c52fc50933894c663d232cc0a31656446c38876692ecf9cdc2a10eabe45a0ad321d67b68b4233d8f830e467ac653e59b2d4fa5d28ca7020ad0f"}}, &(0x7f0000000ec0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc01}}, &(0x7f0000000f00)={0x0, 0x22, 0xc, {[@main=@item_012={0x0, 0x0, 0x8}, @global=@item_012={0x0, 0x1, 0x3}, @main=@item_4={0x3, 0x0, 0x8, "81d11dd9"}, @local=@item_4={0x3, 0x2, 0xa, "198e2944"}]}}, &(0x7f0000000f40)={0x0, 0x21, 0x9, {0x9, 0x21, 0xa4, 0x9, 0x1, {0x22, 0x683}}}}, &(0x7f0000001240)={0x2c, &(0x7f0000000fc0)={0x0, 0xa, 0xfc, "488303e9e2dff1a3a47ab464c74263b5f0010f132d54b5b0b7eddd7e61d9ebc86593893414d8a8a40f2d1bad032bd544b5c6ed2bf253fbe3bb3b3e0817bae197ce4b50779951629c67101af2ab3a3f5ebc763590d0f5be0d4d5b758e47121536e3fff0a215e19d30a4af43b2a8dbb6f74700cebe9d6e246c16cdbbe1792bacb608948082fd13f91977388aef00f1c039abe5526e65267b03e78f6d85eaec0ab3c475e4668e335cb2573f6cc49a41b4230bcacd4cb72fed2eb3b006cbe3aefa2a9f857199a605028435608eb613550b626ef55b6ec0bba1ed1678aecb6260cfc5166c11b637481f867276c9f71d305a6fc318731572f09d360a729262"}, &(0x7f0000001100)={0x0, 0xa, 0x1, 0x8e}, &(0x7f0000001140)={0x0, 0x8, 0x1, 0x40}, &(0x7f0000001180)={0x20, 0x1, 0x7a, "7b47c50f7a8b911efc99f283cd43229f7dcb1cd82c4576b28ce4028086c0a65876934dde91bb2b6132db90fcfcc45f9c4a66f74fb8f69adcb594b0c501c91a01e7c5c7f2cc1801c482cdafff709b62b831603f5a0a087ad08f0269f532bbe83ad870f6ec82e1e1ab919d22843ca107b73fe5eb87b204bbbf602b"}, &(0x7f0000001200)={0x20, 0x3, 0x1, 0x7}})
mkdirat(r10, &(0x7f0000001280)='./file0\x00', 0xc)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), r0)
r14 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r14, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={&(0x7f0000001300)={0x2, 0x10, 0x5, 0x0, 0xa, 0x0, 0x70bd2d, 0x25dfdbfd, [@sadb_x_policy={0x8, 0x12, 0x4, 0x0, 0x0, 0x6e6bbb, 0x5, {0x6, 0x32, 0x0, 0x2, 0x0, 0x9, 0x0, @in=@multicast2, @in=@private=0xa010101}}]}, 0x50}}, 0x20000040)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x3f, 0xfffffffffffffff8, 0x0, 0x18, 0x1c, 0x8, "dcfcf4abd9b2a458b6a21b67d9f8b0fde7844252de6c276d76f6b47b97c7a430e523c39c9599bb01943389e13f18b933d254b361b8d95debf672d613b9b538bb", "dada9b859d787d6f9a0fc18b0ed49ac71427747fd526f8110071f7924b817f6656fb9fe3f852f272cd36c67386945bc5f2dd9a61fb9e2cd237ec68f57258a57a", "ca002c6b136deae5ff5b0c3492425ff523ae8a2d5cc9a83ca7795a77dc33d64d", [0x1, 0x100000001]})
ioctl$FIBMAP(r11, 0x1, &(0x7f0000001500)=0x101)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000001580)={'wlan0\x00', <r15=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000001680)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001640)={&(0x7f00000015c0)={0x4c, r13, 0x4, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r15}, @val={0xc, 0x99, {0x2, 0x70}}}}, [@NL80211_ATTR_FRAME_MATCH={0x21, 0x5b, "a79d138b91979d7e13fb00f40c424a9fe39abb087c94955b4f5bbcf0fa"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4001000)
inotify_init()
finit_module(r2, &(0x7f00000016c0)='syzkaller\x00', 0x1)

2.010997189s ago: executing program 3:
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x54f6, &(0x7f0000005800)="$eJzs3M1rI2UcB/Bf2u2+uxbx4G0HFqGFTdh0X9Bb1V18wS7Fl4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJlnKltfQGm2sdvPB6bfmSeT3/yeUFqeSUgAp9Zi9stPlbgSFyJiPiIuRxT7lXIrrKZ4LiKuRsTcI1ulHP9j4GxEXIyIK5PiqWalfOiz6+Nrt3984+evvz135tLnX303u1kDs/Z8RPS30v5uP2XeSfmgHG+Mu0X2b43LTA/0H5bHecrd9kZRYbdxcF6jyJuddH6+tTOc5Gav0Zxkp7tZjG8N0gWH485BneIJDxrbxXGrvVFkd5gX2dlPfe3tp79t+8NRqtMq631YlI/R6CDTeHuvneaz9bDI5mBUjqe6eau9N8lxmeXlopn3WkUfG0d5pf/f3uwOdvaycXt72M0H2e1a/YVa/U61vp232qP2rWqj37pzK1vq9CanVUftRn+1k+edXrvWzPvL2VKn2azW69nS3fZGtzHI6vXazdqN6u3lcu969ur9d7NeK1ua5Mvdwc6o2xtmm/l2lp6xnK3Ubr64nF2rZ2+vrWfrb927t7b+zvt337v/0trrr5Qn/aWtbGnlxspKtX6julJfPrnzn/yv/0/z/7hseorzhyOpzLoBgJPH+h+YhZO+/g/r/6mw/j/d84cjsf4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi1vl/44rViZzEdXyrHnyqHnimPKxExFxG//Y35OHuo5nxZZ+Efzl/4Uw/fVKKoMLnGuXK7GBGr5fbr04/7VQAAAIAn15cfXf00rdbTj8VZN8RxSjdt5i5/MKV6lYhYWPxhClWivNkUzx69q2Ty+30m9qZUrbiBdX5KxdIttzPTqvavzB+K849EJcXcsbYDAAAci8MrgeNdhQAAAHCcPpl1A8xG8U5r+Vn88gP851KUbwheOHQEAAAAnECVWTcAAAAAPHbF+t/3/wEAAMCTLX3/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDv7NxPTupQFAfg00Lf4/0xEuPcrTiDZbgEhw4NC3ATLAG34AZYA85cggFDW6I1mJj0to3k+5L2chvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpediNX+8v3pom7PdtZPmbgAAAIBjNsVqXr6YVvN/9fWz+tJFPc8iIo+IY737KH41Mkd1TvHF+4tPNTxFlAn7z/hdH38j4ro+Xs+7/hYAAADgdK0Xy1nVrVen6dAF0adq0Sb/f5MoL4uIYvqSKC3fny4ThZW/73HcJUorF7AmicKqJbdxqrRvGTWGyYchq4a813IAAIBeNDuBfrsQAAAA+nQ7dAEMI4vDVuZhL7j85/37huCfxgwAAAD4gbKhCwAAAAA6V/b/nv8HAAAAp616/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2hSr+XqxnLXN2e7aSXM3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb+zPOwqEQBiEwd71ncnc/7DSoKmpSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAn+3zlRYQR0A3BCGQGGCh12tp6coAihj4E5Ci9FoCV360GWhVIWVhQ5m7IBgRQgKFrf9D51bqUrYONxSJiQFkn528HpE4iGJfks9Hen5fW5bf9zlRlK+f7wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa5J3dOCs2vWmcVsfuPb61VvT3Z/rCna0Hy0Ur4qTJpA+Hl+OdpN9eIgAAABwfWV3fhxAe5tsrRZ/2yvo/r88pav7vnp3GdT0/W/fXfV37F+3XXx69uDNQbzpOcdHL6+PRmX+m0jm4WS625/71jE5558tnL1n5A0nf33xhkpf3M/nm7t13u2V4oolsAYD/43TdV0H9/1DRD9tMDIBjoxMV3nX9n/XazQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgCd3N8HQdJyGE5c5uXLj/+NZa2c/s39l6sFy3C7dvb8XXLC6RhxAur49HZ5qayCFw/cbNT1bH49G15oNXQgjtjV4FH85xTghtZijYb5BWv+uLks/hCFr+wwQAwJGTV62o6x/m2yvFsWQphL++f7L+fz2KQ1z/z/Rx/f/oowv34rHi+n/Y2AwX32Dj6ueD6zduvrl+dfXK6Mro07fODt8enrt4/vzFQfmsZOCJCQAAAPvTrVpc/6dLIUxm1v9PRXGYs/7/4tvhV/FYmfp/T7uLfm1nAgAAcLw9/+ofvyd7HE+63fDl6sbGteF0u7N/drptIdX/7ETV4vo/W2o7KwAAAKAJk83kifX/S1Ec5lz/f+aHl36Kr5mFEE5W6/+n1z4bX2puOi35c66zmvg48YFPFQAAgIV2smrx+n9evv+f7rzykIYQ3nhtGldfAzhX/Z+99/WP8Vjx+//nmpviQkr70/tR9v0QOv22MwIAAOAoe6pqRbH/W7698vHPpz7oev8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoGl/BwAA//+S5D5T")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x7a00, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x548, &(0x7f0000000b40)="$eJzs3U1oHGUYAOB3ZrPWttG0oKDSQ1GhQukm6Y9WT+lVLBR6ELzUZbMNIZtsyG5qE3JI70UsKCq91JsePCoePIgXj169KJ4F0aDQ9CCRye6mbf5ca5OtmeeB2f1+lrzfl5l3st8wQwLIraPZSxrxbERcSCIG7unri3bn0dbnlpcWKneWFipJrKxc/C2JJCJuLy1UOp9P2u8HI2IxIp6JiG+LEcfTjXEbc/MT5VqtOtOuDzYnpwcbc/MnxifLY9Wx6tSpV149c/b0meGTww9trtd/uvHu9e9fv3Xjs8+PLFY+KCcxEv3tvnvn8TC1fifFGFnXfnongvVQ0usB8EAK7TwvRsTTMRCFdtYDe9/KvogVIKcS+Q851fkekK1/O9tufv/49VxrAZLFXW5vrZ6+1rWJeHx1bXLgj+S+lUm23jy0mwNlT1q8FhFDfX0bj/+kffw9uKGHMUB21DfnWjtq4/5P184/scn5p79z7fQ/6pz/ljec/+7GL2xx/rvQZYy/3vr54y3jX4t4btP4yVr8ZJP4aUS83WX8m29+dXarvpVPIo7F5vE7ku2vDw9eHq9Vh1qvm8b4+tiR17ab/4Et4o9sM/+sbbrL+X/53RfPL24T/6UXtt//m8XfHxHvdRn/8O1P39iqL4s/usX8t4uftd3qMv7LI0d/7PKjAAAAAAAAAADAv5Cu3suWpKW1cpqWSq1neJ+KA2mt3mgev1yfnRpt3fN2KIpp506rgVY9yerD7ftxO/WT6+qnIuJwRLxf2L9aL1XqtdFeTx4AAAAAAAAAAAAAAAAAAAAeEQfXPf//Z6H1/D+QE/7lN+SX/If8uj//k56NA9h9/v5Dfsl/yC/5D/kl/yG/5D/kl/yH/JL/kF/yHwAAAAAAAAAAAAAAAAAAAAAAAAAAdsSF8+ezbeXO0kIlq49emZudqF85MVptTJQmZyulSn1mujRWr4/VqqVKffKffl6tXp8eiqnZq4PNaqM52JibvzRZn51qXhqfLI9VL1WLuzIrAAAAAAAAAAAAAAAAAAAA+H/pX92StBQR6Wo5TUuliCci4lAUk8vjtepQRDwZET8Uivuy+nCvBw0AAAAAAAAAAAAAAAAAAAB7TGNufqJcq1VnFDYWImLxERiGgkJPDn4AAAAAAAAAAAAAAAAAAGBX3X3ot9cjAQAAAAAAAAAAAAAAAAAAgDxLf0kiItuODbzYv773sWS5sPoeEe/cvPjh1XKzOTOctf++1t78qN1+shfjB7rVydNOHgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3NebmJ8q1WnVmBwu9niMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAg/g7AAD//4zf2Wg=")

1.180114965s ago: executing program 1:
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x20000042}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x120042}, 0x10)
close(r0)

410.957722ms ago: executing program 1:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$vga_arbiter(r0, &(0x7f0000000740)=ANY=[@ANYBLOB='trylock io'], 0xf)

256.486466ms ago: executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
write$cgroup_type(r0, &(0x7f0000000140), 0x9)

253.198481ms ago: executing program 3:
r0 = socket(0x1e, 0x1, 0x0)
sendmmsg$sock(r0, &(0x7f0000000180)=[{{&(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1000000}}, {{&(0x7f0000000400)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0xfffffffc}}, 0x80, 0x0}}], 0x2, 0x40)

0s ago: executing program 1:
unshare(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c8000c00080002"], 0x11)

kernel console output (not intermixed with test programs):

t active
[  163.365458][ T2898] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.415532][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802f272c00: rx timeout, send abort
[  163.512861][ T2898] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.517541][ T7618] binder: 7617:7618 ioctl c018620c 20000080 returned -22
[  163.545909][ T7531] hsr_slave_0: entered promiscuous mode
[  163.560369][ T7531] hsr_slave_1: entered promiscuous mode
[  163.610545][ T7559] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.617768][ T7559] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.631645][ T7559] bridge_slave_0: entered allmulticast mode
[  163.649329][ T7559] bridge_slave_0: entered promiscuous mode
[  163.681993][ T2898] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.742986][ T7559] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.750479][ T7559] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.757773][ T7559] bridge_slave_1: entered allmulticast mode
[  163.765336][ T7559] bridge_slave_1: entered promiscuous mode
[  163.863504][ T7559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.876860][ T7559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  163.888691][ T7627] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  163.890530][ T5111] Bluetooth: hci0: command tx timeout
[  163.926011][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802f272c00: abort rx timeout. Force session deactivation
[  164.011142][ T7559] team0: Port device team_slave_0 added
[  164.040454][ T5111] Bluetooth: hci1: command tx timeout
[  164.049613][ T7559] team0: Port device team_slave_1 added
[  164.152612][ T7631] syz_tun: entered promiscuous mode
[  164.167613][ T7631] macvlan2: entered allmulticast mode
[  164.175068][ T7631] syz_tun: entered allmulticast mode
[  164.190788][ T7631] syz_tun: left allmulticast mode
[  164.198302][ T7631] syz_tun: left promiscuous mode
[  165.126656][ T7559] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.149087][ T7559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.178763][ T7559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  165.189768][ T5111] Bluetooth: hci2: command tx timeout
[  165.203943][ T7559] batman_adv: batadv0: Adding interface: batadv_slave_1
[  165.211026][ T7559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.237214][ T7559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  165.289107][ T7644] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  165.357577][ T7642] loop2: detected capacity change from 0 to 4096
[  165.394369][ T2898] bridge_slave_1: left allmulticast mode
[  165.400334][ T2898] bridge_slave_1: left promiscuous mode
[  165.406146][ T2898] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.445121][ T7642] ntfs3: loop2: Failed to load $Extend (-22).
[  165.461037][ T2898] bridge_slave_0: left allmulticast mode
[  165.466800][ T2898] bridge_slave_0: left promiscuous mode
[  165.479855][ T7642] ntfs3: loop2: Failed to initialize $Extend.
[  165.486330][ T2898] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.080488][ T7660] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  166.134325][ T5111] Bluetooth: hci1: command tx timeout
[  166.229374][ T7664] loop2: detected capacity change from 0 to 512
[  166.276966][ T7664] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  166.298095][ T7664] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  166.308383][ T7664] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  166.337187][ T7664] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  166.345916][ T2898] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  166.348646][ T7664] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino
[  166.372780][ T2898] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  166.380660][ T7664] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  166.395549][ T7664] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.409946][ T2898] bond0 (unregistering): Released all slaves
[  166.437278][ T7664] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  166.455631][ T7664] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  166.471236][ T7559] hsr_slave_0: entered promiscuous mode
[  166.478831][ T7559] hsr_slave_1: entered promiscuous mode
[  166.494080][ T7559] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  166.504817][ T7664] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  166.520712][ T7559] Cannot create hsr debugfs directory
[  166.544259][ T7664] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  166.556347][ T7664] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  166.577764][ T7664] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  166.595185][ T7664] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  166.607841][ T7664] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  166.618674][ T7664] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  166.643243][ T7664] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  166.660378][ T7664] EXT4-fs error (device loop2): ext4_find_dest_de:2111: inode #2: block 3: comm syz-executor.2: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  166.708912][ T7608] chnl_net:caif_netlink_parms(): no params data found
[  166.733404][ T5113] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.934979][ T2898] hsr_slave_0: left promiscuous mode
[  166.941452][ T2898] hsr_slave_1: left promiscuous mode
[  166.948524][ T2898] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  166.956428][ T2898] batman_adv: batadv0: Removing interface: batadv_slave_0
[  166.977910][ T2898] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  166.989290][ T2898] batman_adv: batadv0: Removing interface: batadv_slave_1
[  167.012416][ T2898] veth1_macvtap: left promiscuous mode
[  167.017973][ T2898] veth0_macvtap: left promiscuous mode
[  167.023704][ T2898] veth1_vlan: left promiscuous mode
[  167.028975][ T2898] veth0_vlan: left promiscuous mode
[  167.254828][ T5111] Bluetooth: hci2: command tx timeout
[  167.268955][    C0] vxcan0: j1939_tp_rxtimer: 0xffff888066206400: rx timeout, send abort
[  167.547871][ T2898] team0 (unregistering): Port device team_slave_1 removed
[  167.589672][ T2898] team0 (unregistering): Port device team_slave_0 removed
[  167.777350][    C0] vxcan0: j1939_tp_rxtimer: 0xffff888066206400: abort rx timeout. Force session deactivation
[  168.083485][ T7676] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  168.294026][ T7608] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.312657][ T7608] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.319916][ T7608] bridge_slave_0: entered allmulticast mode
[  168.341834][ T7608] bridge_slave_0: entered promiscuous mode
[  168.361762][ T7608] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.368992][ T7608] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.380416][ T7608] bridge_slave_1: entered allmulticast mode
[  168.400364][ T7608] bridge_slave_1: entered promiscuous mode
[  168.572646][ T7608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.623859][ T7608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.813523][ T7531] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  168.842717][ T7608] team0: Port device team_slave_0 added
[  168.855120][ T7679] loop2: detected capacity change from 0 to 32768
[  168.866705][ T7608] team0: Port device team_slave_1 added
[  168.874713][ T7531] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  168.951275][ T7531] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  168.995141][ T7608] batman_adv: batadv0: Adding interface: batadv_slave_0
[  169.003840][ T7608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.041204][ T7608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  169.056770][ T7608] batman_adv: batadv0: Adding interface: batadv_slave_1
[  169.064197][ T7608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.092395][ T7608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.113527][ T7531] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  169.239242][ T7608] hsr_slave_0: entered promiscuous mode
[  169.246353][ T7608] hsr_slave_1: entered promiscuous mode
[  169.253013][ T7608] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.262029][ T7608] Cannot create hsr debugfs directory
[  169.321509][ T5111] Bluetooth: hci2: command tx timeout
[  169.527328][ T7559] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  169.601097][   T29] audit: type=1800 audit(1851702108.416:88): pid=7700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1935 res=0 errno=0
[  169.650527][ T7608] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.702538][ T7531] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.797916][ T7608] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.839463][ T7559] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  169.875092][ T7702] loop2: detected capacity change from 0 to 512
[  169.876052][ T7559] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  169.906184][ T7702] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  169.947115][ T7702] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  169.968127][ T7702] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  169.983721][ T7702] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  169.991735][ T7608] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.010881][ T7702] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino
[  170.012708][ T7559] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  170.038217][ T7702] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  170.097641][ T7702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.112663][ T7608] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.179467][ T7702] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  170.184909][ T7531] 8021q: adding VLAN 0 to HW filter on device team0
[  170.191300][ T7702] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  170.214282][ T7702] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  170.237694][ T7705] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  170.251085][ T7705] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  170.265928][ T7705] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  170.274538][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.286318][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.337768][ T7702] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  170.351092][ T5161] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.358248][ T5161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.400383][ T7702] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  170.420411][ T7702] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  170.485512][ T7705] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  170.525929][ T7705] EXT4-fs error (device loop2): ext4_find_dest_de:2111: inode #2: block 3: comm syz-executor.2: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  170.580289][ T7707] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  170.619476][ T7559] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.664201][ T7608] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  170.696222][ T5113] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.709132][ T7608] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  170.734210][ T7608] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  170.760489][ T7559] 8021q: adding VLAN 0 to HW filter on device team0
[  170.779380][ T7608] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  170.788326][ T7711] loop3: detected capacity change from 0 to 2048
[  170.812124][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.819255][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.827927][ T7711] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  170.847217][ T7711] UDF-fs: Scanning with blocksize 512 failed
[  170.886228][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.893439][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.896482][ T7711] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  171.034827][ T7531] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.097582][ T7717] loop2: detected capacity change from 0 to 4096
[  171.099181][ T7559] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  171.118141][ T7717] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  171.154905][ T7717] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  171.266534][ T7608] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.323173][ T7608] 8021q: adding VLAN 0 to HW filter on device team0
[  171.334484][ T7531] veth0_vlan: entered promiscuous mode
[  171.363046][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.370234][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.388206][ T7531] veth1_vlan: entered promiscuous mode
[  171.402870][ T5111] Bluetooth: hci2: command tx timeout
[  171.408664][ T5155] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.415828][ T5155] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.560341][ T7531] veth0_macvtap: entered promiscuous mode
[  171.629354][ T7531] veth1_macvtap: entered promiscuous mode
[  171.659013][ T7559] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.723206][ T7531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.744997][ T7531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.757727][ T7531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.778799][ T7738] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  171.790153][ T7531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.811281][ T7531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.826803][ T7531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.839029][ T7531] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.925631][ T7531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.948893][ T7531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.971346][ T7747] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  171.987366][ T7531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.998828][ T7531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.022073][ T7531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.033638][ T7531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.047019][ T7531] batman_adv: batadv0: Interface activated: batadv_slave_1
[  172.094404][ T7531] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  172.105396][ T7531] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  172.114609][ T7531] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  172.125703][ T7531] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  172.169143][ T7559] veth0_vlan: entered promiscuous mode
[  172.195390][ T7608] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.265359][ T7559] veth1_vlan: entered promiscuous mode
[  172.424128][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.427802][ T7559] veth0_macvtap: entered promiscuous mode
[  172.457075][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.479924][ T7559] veth1_macvtap: entered promiscuous mode
[  172.573902][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.583631][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.595599][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.605879][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.617904][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.640223][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.657416][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.678565][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.693866][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.716872][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.729156][ T7559] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.788145][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.810985][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.838382][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.871706][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.888350][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.900293][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.919567][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.945657][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.987341][ T7559] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.021616][ T7559] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.031918][ T7559] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.042712][ T7559] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.051551][ T7559] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.160718][ T7755] loop3: detected capacity change from 0 to 32768
[  174.202387][ T7608] veth0_vlan: entered promiscuous mode
[  174.237730][ T7608] veth1_vlan: entered promiscuous mode
[  174.339409][ T2898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.354262][ T2898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.442612][ T7782] loop1: detected capacity change from 0 to 64
[  174.452434][ T7608] veth0_macvtap: entered promiscuous mode
[  174.473736][ T7608] veth1_macvtap: entered promiscuous mode
[  174.487584][ T2898] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.515982][ T2898] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.590863][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.618529][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.657482][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.671678][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.681718][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.693913][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.714481][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.726216][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.750786][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.768153][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.781597][ T7608] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.806811][ T7790] loop3: detected capacity change from 0 to 256
[  174.821615][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.828979][ T7790] FAT-fs (loop3): Unrecognized mount option "shor	" or missing value
[  174.844267][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.857240][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.870839][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.880854][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.891627][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.902756][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.924184][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.942509][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.961443][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.976237][ T7608] batman_adv: batadv0: Interface activated: batadv_slave_1
[  175.016654][ T7608] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.030496][ T7790] CUSE: unknown device info "e"
[  175.044554][ T7790] CUSE: unknown device info "./file0"
[  175.050748][ T7608] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.072070][ T7790] CUSE: DEVNAME unspecified
[  175.076272][ T7608] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.112852][ T7608] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.317006][ T2898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.353459][ T2898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.373896][ T7780] loop2: detected capacity change from 0 to 32768
[  175.395710][ T7780] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (7780)
[  175.426383][ T7780] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  175.442451][ T7780] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  175.462382][ T7780] BTRFS info (device loop2): using free-space-tree
[  175.475856][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.499636][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.518640][ T7811] pim6reg1: entered promiscuous mode
[  175.531772][ T7811] pim6reg1: entered allmulticast mode
[  175.621452][ T7780] BTRFS info (device loop2): checking UUID tree
[  175.841115][ T7838] loop1: detected capacity change from 0 to 2048
[  175.899975][ T5113] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  176.150533][ T7848] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[  176.177960][ T7850] netlink: 'syz-executor.4': attribute type 30 has an invalid length.
[  176.387164][ T7860] loop2: detected capacity change from 0 to 256
[  176.451366][ T7860] FAT-fs (loop2): Unrecognized mount option "shor	" or missing value
[  176.459308][ T7865] loop1: detected capacity change from 0 to 512
[  176.496174][ T7869] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode
[  176.537020][ T7860] CUSE: unknown device info "e"
[  176.546887][ T7860] CUSE: unknown device info "./file0"
[  176.568894][ T7860] CUSE: DEVNAME unspecified
[  176.761653][ T7873] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  176.769875][ T7873] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.4'.
[  176.771436][ T7883] loop2: detected capacity change from 0 to 512
[  176.827504][ T7883] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.2: corrupted in-inode xattr: e_value size too large
[  176.914010][ T7883] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  176.928440][ T7883] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.072909][ T5113] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.284829][ T7904] tunl0: entered promiscuous mode
[  177.316267][ T7904] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  177.375588][ T7904] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.4'.
[  177.410444][ T7916] trusted_key: syz-executor.0 sent an empty control message without MSG_MORE.
[  177.535085][ T7923] netlink: 'syz-executor.1': attribute type 30 has an invalid length.
[  178.877422][ T7945] loop4: detected capacity change from 0 to 512
[  178.933647][ T7945] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  179.009935][ T7945] EXT4-fs (loop4): 1 truncate cleaned up
[  179.025307][ T7945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.188447][ T7955] tunl0: entered promiscuous mode
[  179.223108][ T7955] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  179.255041][ T7955] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.3'.
[  179.264373][ T7945] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.4: corrupted in-inode xattr: overlapping e_value 
[  179.297539][ T7945] EXT4-fs (loop4): Remounting filesystem read-only
[  179.317971][ T7945] EXT4-fs warning (device loop4): ext4_xattr_set_entry:1766: inode #15: comm syz-executor.4: unable to update i_inline_off
[  179.398264][ T7945] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  179.503727][ T7608] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.540915][ T7937] loop1: detected capacity change from 0 to 40427
[  179.586654][ T7920] loop2: detected capacity change from 0 to 32768
[  179.666780][ T7920] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  179.815360][ T7920] XFS (loop2): Ending clean mount
[  180.000808][ T5113] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  180.412184][ T7988] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'.
[  180.429685][ T7988] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'.
[  180.747545][ T7995] loop2: detected capacity change from 0 to 4096
[  180.892709][ T7995] ntfs3: loop2: failed to convert "0000" to iso8859-15
[  181.448477][ T8019] loop3: detected capacity change from 0 to 512
[  181.537006][ T8019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  181.761849][ T5116] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.787170][ T8026] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  181.843309][ T8026] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  181.950105][    C0] sched: RT throttling activated
[  182.997051][ T8057] x_tables: unsorted underflow at hook 2
[  183.252222][ T8061] loop0: detected capacity change from 0 to 1024
[  183.262143][ T8063] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  183.276079][ T8061] EXT4-fs: Ignoring removed nomblk_io_submit option
[  183.284210][ T8063] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  183.326715][ T8061] EXT4-fs (loop0): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.425114][ T8070] loop2: detected capacity change from 0 to 512
[  183.449271][ T7559] EXT4-fs (loop0): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  183.458972][ T8072] binder: 8071:8072 ioctl c0306201 20000480 returned -22
[  183.473729][ T8070] EXT4-fs warning (device loop2): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  183.650373][ T8078] IPVS: Error connecting to the multicast addr
[  184.808106][ T8057] loop3: detected capacity change from 0 to 40427
[  184.838186][ T8057] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  184.845401][ T8092] loop2: detected capacity change from 0 to 256
[  184.860507][ T8057] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  184.911151][ T8057] F2FS-fs (loop3): Found nat_bits in checkpoint
[  184.950450][ T8092] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  185.027593][ T8096] loop1: detected capacity change from 0 to 4096
[  185.076263][ T8106] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  185.100131][ T8106] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.4'.
[  185.126113][ T8057] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  185.133450][ T8057] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  185.249588][ T8057] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  185.292786][ T8057] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  185.319477][ T8111] binder: 8110:8111 ioctl c0306201 20000480 returned -22
[  185.449886][ T8118] loop1: detected capacity change from 0 to 512
[  186.826379][   T53] Bluetooth: hci4: command 0x0406 tx timeout
[  186.835618][ T5118] Bluetooth: hci3: command 0x0406 tx timeout
[  186.921042][ T8128] trusted_key: encrypted_key: insufficient parameters specified
[  187.371537][ T8116] loop4: detected capacity change from 0 to 40427
[  187.403555][ T8116] F2FS-fs (loop4): invalid crc value
[  187.436693][ T8116] F2FS-fs (loop4): Found nat_bits in checkpoint
[  187.437985][ T8147] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  187.484629][ T8146] binder: 8143:8146 ioctl c0306201 20000480 returned -22
[  187.586536][ T8116] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  187.712782][   T29] audit: type=1800 audit(1851702126.536:89): pid=8116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=10 res=0 errno=0
[  187.825409][ T7608] syz-executor.4: attempt to access beyond end of device
[  187.825409][ T7608] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  187.886396][ T7608] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  187.904860][ T7608] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  188.217502][ T8170] loop2: detected capacity change from 0 to 256
[  188.241232][ T8170] exfat: Deprecated parameter 'namecase'
[  188.246955][ T8170] exfat: Deprecated parameter 'namecase'
[  188.268763][ T8170] exfat: Deprecated parameter 'namecase'
[  188.307270][ T8170] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d)
[  188.365040][ T8175] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  188.797440][ T8188] fscrypt (sda1, inode 1965): Unsupported encryption flags (0x10)
[  189.117566][ T8200] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  189.391251][ T8212] loop2: detected capacity change from 0 to 8
[  189.413848][ T8212] SQUASHFS error: lzo decompression failed, data probably corrupt
[  189.430701][ T8212] SQUASHFS error: Failed to read block 0x91: -5
[  189.451222][ T8206] loop3: detected capacity change from 0 to 2048
[  189.459601][ T8212] SQUASHFS error: Unable to read metadata cache entry [8f]
[  189.493587][ T8212] SQUASHFS error: Unable to read inode 0x11f
[  189.534441][ T8206] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[  189.585401][ T8221] fscrypt (sda1, inode 1967): Unsupported encryption flags (0x10)
[  189.944652][ T8225] loop4: detected capacity change from 0 to 4096
[  189.962022][ T8225] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  190.198036][ T8225] ntfs3: loop4: ino=1d, "file1" attr_set_size
[  190.263721][ T8238] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  190.400719][ T8235] loop1: detected capacity change from 0 to 4096
[  190.407585][ T8235] ntfs3: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  190.427711][ T8240] loop2: detected capacity change from 0 to 512
[  190.445650][ T8240] EXT4-fs: Ignoring removed mblk_io_submit option
[  190.467637][ T8240] EXT4-fs (loop2): Test dummy encryption mode enabled
[  190.502935][ T8240] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e01c, mo2=0102]
[  190.524879][ T8240] System zones: 1-12
[  190.537885][ T8240] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: casefold flag without casefold feature
[  190.563247][ T8240] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  190.603297][ T8240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.778281][ T5113] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.877954][ T8254] loop1: detected capacity change from 0 to 256
[  190.964133][ T8257] loop2: detected capacity change from 0 to 8
[  190.978272][ T8257] SQUASHFS error: lzo decompression failed, data probably corrupt
[  190.986348][ T8257] SQUASHFS error: Failed to read block 0x91: -5
[  190.992770][ T8257] SQUASHFS error: Unable to read metadata cache entry [8f]
[  191.000374][ T8257] SQUASHFS error: Unable to read inode 0x11f
[  191.014869][ T8258] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  191.501791][ T8258] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.510943][ T8258] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.721260][ T5107] Bluetooth: hci4: unexpected event for opcode 0x080f
[  191.730808][ T5107] Bluetooth: hci4: unexpected event for opcode 0x2016
[  191.960498][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88806624a800: rx timeout, send abort
[  192.043474][ T8258] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  192.078252][   T29] audit: type=1326 audit(1851702130.896:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8eef87cf69 code=0x0
[  192.100475][    C1] vkms_vblank_simulate: vblank timer overrun
[  192.112200][ T8258] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  192.190941][ T8288] loop2: detected capacity change from 0 to 512
[  192.211519][ T8288] EXT4-fs: Ignoring removed mblk_io_submit option
[  192.228766][ T8288] EXT4-fs (loop2): Test dummy encryption mode enabled
[  192.239811][ T8288] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e01c, mo2=0102]
[  192.259484][ T8288] System zones: 1-12
[  192.296467][ T8288] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: casefold flag without casefold feature
[  192.332059][ T8288] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  192.411167][ T8288] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.446021][ T8258] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.460361][ T8258] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.468875][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88806624a800: abort rx timeout. Force session deactivation
[  192.479073][ T8258] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.509147][ T8258] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.562020][ T5113] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.840607][ T8305] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  193.178837][ T8311] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  193.188819][ T8311] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.2'.
[  193.358243][ T8330] loop0: detected capacity change from 0 to 256
[  193.369046][ T8330] FAT-fs (loop0): Unrecognized mount option "À" or missing value
[  193.552882][ T8336] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  193.800424][ T5107] Bluetooth: hci4: command 0x0406 tx timeout
[  193.825306][ T8344] loop1: detected capacity change from 0 to 4096
[  193.841102][ T8344] ntfs3: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  193.939960][ T8336] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.948924][ T8336] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.079354][ T8355] loop2: detected capacity change from 0 to 256
[  194.104897][ T8355] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  194.381769][    C1] vxcan0: j1939_tp_rxtimer: 0xffff8880435dc400: rx timeout, send abort
[  194.554278][ T8336] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.603844][ T8336] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.686334][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  194.693025][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[  194.890196][    C1] vxcan0: j1939_tp_rxtimer: 0xffff8880435dc400: abort rx timeout. Force session deactivation
[  194.972431][ T8336] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.003591][ T8336] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.011615][ T8356] loop1: detected capacity change from 0 to 32768
[  195.019923][ T8336] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.030312][ T8336] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.262928][ T8379] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  195.280417][ T8379] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.4'.
[  195.306107][ T8381] macvtap0: entered promiscuous mode
[  195.327935][ T8381] macvtap0: left promiscuous mode
[  195.773286][ T8393] loop4: detected capacity change from 0 to 4096
[  195.781267][ T8393] ntfs3: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  195.803768][ T5107] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  195.813503][ T5107] Bluetooth: hci4: Injecting HCI hardware error event
[  195.823627][ T5111] Bluetooth: hci4: hardware error 0x00
[  195.874626][ T8395] loop1: detected capacity change from 0 to 4096
[  196.023307][ T8408] loop3: detected capacity change from 0 to 256
[  196.076085][ T8408] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  196.103063][ T8412] macvtap0: entered promiscuous mode
[  196.115206][ T8412] macvtap0: left promiscuous mode
[  196.155686][ T8418] loop1: detected capacity change from 0 to 1024
[  196.446489][ T8428] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check.
[  196.727703][ T8439] loop3: detected capacity change from 0 to 512
[  196.779012][ T8439] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 256 (level 2)
[  196.836698][ T8439] EXT4-fs (loop3): Remounting filesystem read-only
[  196.862989][ T8439] EXT4-fs (loop3): 2 truncates cleaned up
[  196.893609][ T8439] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.965176][ T8448] loop4: detected capacity change from 0 to 1024
[  197.032679][ T8448] hfsplus: bad catalog entry type
[  197.049873][ T5116] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.107341][  T950] hfsplus: b-tree write err: -5, ino 4
[  197.238208][ T8453] loop1: detected capacity change from 0 to 1024
[  197.302085][ T8449] loop2: detected capacity change from 0 to 2048
[  197.331647][ T8457] loop3: detected capacity change from 0 to 256
[  197.436797][ T8449]  loop2: p1 p2 < > p3 p4 < p5 >
[  197.860930][ T8449] loop2: partition table partially beyond EOD, truncated
[  197.880413][ T5111] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  197.932852][ T8457] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  198.204928][ T8449] loop2: p1 start 2305 is beyond EOD, truncated
[  198.270494][ T8449] loop2: p2 start 4294902784 is beyond EOD, truncated
[  198.343040][ T8449] loop2: p3 start 4278191616 is beyond EOD, truncated
[  198.383296][ T8449] loop2: p5 start 2305 is beyond EOD, truncated
[  198.411489][ T8468] loop1: detected capacity change from 0 to 2048
[  198.455379][   T29] audit: type=1326 audit(1851702137.276:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e567cf69 code=0x7ffc0000
[  198.519776][   T29] audit: type=1326 audit(1851702137.276:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e567cf69 code=0x7ffc0000
[  198.565336][   T29] audit: type=1326 audit(1851702137.306:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01e567cf69 code=0x7ffc0000
[  198.657303][   T29] audit: type=1326 audit(1851702137.306:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e567cf69 code=0x7ffc0000
[  198.702672][ T8485] loop1: detected capacity change from 0 to 256
[  198.711240][   T29] audit: type=1326 audit(1851702137.316:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e567cf69 code=0x7ffc0000
[  198.746960][   T29] audit: type=1326 audit(1851702137.316:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f01e567cf69 code=0x7ffc0000
[  198.784675][ T8488] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  198.784776][   T29] audit: type=1326 audit(1851702137.316:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e567cf69 code=0x7ffc0000
[  198.794437][   T29] audit: type=1326 audit(1851702137.316:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f01e567a6e7 code=0x7ffc0000
[  198.816831][    C1] vkms_vblank_simulate: vblank timer overrun
[  198.897214][   T29] audit: type=1326 audit(1851702137.316:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f01e56403c9 code=0x7ffc0000
[  198.919857][    C1] vkms_vblank_simulate: vblank timer overrun
[  198.942107][ T1805] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  199.081506][   T29] audit: type=1326 audit(1851702137.316:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f01e567a6e7 code=0x7ffc0000
[  199.492397][ T1805] usb 1-1: Using ep0 maxpacket: 16
[  199.569114][ T1805] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  199.733657][ T1805] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 0
[  199.980963][ T1805] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  199.997536][ T1805] usb 1-1: New USB device found, idVendor=104f, idProduct=0004, bcdDevice=8f.af
[  200.008683][ T1805] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.019487][ T1805] usb 1-1: Product: syz
[  200.024010][ T1805] usb 1-1: Manufacturer: syz
[  200.028792][ T1805] usb 1-1: SerialNumber: syz
[  200.036629][ T1805] usb 1-1: config 0 descriptor??
[  200.044315][ T1805] iuu_phoenix 1-1:0.0: required endpoints missing
[  200.182480][ T8508] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  200.334824][ T8513] loop1: detected capacity change from 0 to 512
[  200.393801][ T8481] loop0: detected capacity change from 0 to 1024
[  200.402649][ T8516] delete_channel: no stack
[  200.414865][ T8481] EXT4-fs: Ignoring removed orlov option
[  200.430378][ T8514] delete_channel: no stack
[  200.440917][ T8481] EXT4-fs: Ignoring removed nomblk_io_submit option
[  200.493768][ T8481] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  200.578715][ T8481] System zones: 0-1, 3-36
[  200.646952][ T8481] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.712257][ T8526] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check.
[  200.748738][ T8522] loop2: detected capacity change from 0 to 64
[  200.765743][ T8481] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz-executor.0: Failed to acquire dquot type 0
[  200.909343][ T5161] usb 1-1: USB disconnect, device number 4
[  201.595512][ T8521] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 418: padding at end of block bitmap is not set
[  201.704393][ T8532] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  201.736868][ T7559] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.150449][ T8555] loop2: detected capacity change from 0 to 1024
[  202.177961][ T8557] loop4: detected capacity change from 0 to 64
[  202.200753][ T8555] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.220604][ T8555] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.262104][ T8376] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  202.450145][ T8376] usb 2-1: Using ep0 maxpacket: 32
[  202.457728][ T8376] usb 2-1: New USB device found, idVendor=13b1, idProduct=0026, bcdDevice=16.0c
[  202.488283][ T8376] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.525376][ T8376] usb 2-1: config 0 descriptor??
[  202.585448][ T8376] usb 2-1: bad CDC descriptors
[  202.732399][ T8552] loop0: detected capacity change from 0 to 32768
[  202.828997][   T45] usb 2-1: USB disconnect, device number 3
[  202.863222][ T8552] read_mapping_page failed!
[  202.868108][ T8552] ERROR: (device loop0): txCommit: 
[  202.868108][ T8552] 
[  202.909172][ T8579] jfs: Unrecognized mount option "ÿÿÿ01777777777777777777777ñ¼ÊíX�c¥vÌ:ýQºòœÞ" or missing value
[  203.412450][  T950] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.474012][ T8582] loop1: detected capacity change from 0 to 256
[  203.603820][  T950] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.813599][  T950] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.816243][ T8574] loop2: detected capacity change from 0 to 32768
[  203.904217][ T8574] gfs2: fsid=(œ[{{{+: Trying to join cluster "lock_nolock", "(œ[{{{+"
[  203.925493][ T8574] gfs2: fsid=(œ[{{{+: Now mounting FS (format 0)...
[  203.962753][  T950] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.964873][ T8574] gfs2: fsid=(œ[{{{+.0: journal 0 mapped with 22 extents in 1ms
[  204.016948][ T5161] gfs2: fsid=(œ[{{{+.0: jid=0, already locked for use
[  204.023969][ T5161] gfs2: fsid=(œ[{{{+.0: jid=0: Looking at journal...
[  204.067798][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  204.087036][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  204.095664][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  204.109009][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  204.120448][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  204.128006][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  204.168300][ T5161] gfs2: fsid=(œ[{{{+.0: jid=0: Journal head lookup took 144ms
[  204.230276][ T5161] gfs2: fsid=(œ[{{{+.0: jid=0: Done
[  204.240082][ T8574] gfs2: fsid=(œ[{{{+.0: first mount done, others may mount
[  204.283308][  T950] bridge_slave_1: left allmulticast mode
[  204.288976][  T950] bridge_slave_1: left promiscuous mode
[  204.296476][  T950] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.328757][  T950] bridge_slave_0: left allmulticast mode
[  204.334571][  T950] bridge_slave_0: left promiscuous mode
[  204.343806][  T950] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.923514][ T5107] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  204.933784][ T5107] Bluetooth: hci1: Injecting HCI hardware error event
[  204.947333][ T5118] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  204.957600][   T53] Bluetooth: hci1: hardware error 0x00
[  204.976778][ T5118] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  204.990203][ T5118] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  205.005086][ T5118] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  205.013503][ T5118] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  205.030426][ T5118] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  205.079276][ T8611] Process accounting resumed
[  205.279929][ T8603] loop3: detected capacity change from 0 to 32768
[  205.287917][ T8603] XFS: attr2 mount option is deprecated.
[  205.303863][ T8603] XFS: ikeep mount option is deprecated.
[  205.309618][ T8603] XFS: noikeep mount option is deprecated.
[  205.385970][ T8603] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  205.434968][  T950] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  205.449067][  T950] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  205.463796][  T950] bond0 (unregistering): Released all slaves
[  205.478786][ T8603] XFS (loop3): Ending clean mount
[  205.501847][ T8603] XFS (loop3): Quotacheck needed: Please wait.
[  205.515745][ T8613] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  205.671795][ T8603] XFS (loop3): Quotacheck: Done.
[  205.717690][  T950] mac80211_hwsim hwsim19 wlan1 (unregistering): left allmulticast mode
[  205.780484][ T5116] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  206.029314][ T8592] chnl_net:caif_netlink_parms(): no params data found
[  206.161360][  T950] hsr_slave_0: left promiscuous mode
[  206.179891][  T950] hsr_slave_1: left promiscuous mode
[  206.205414][ T5111] Bluetooth: hci2: command tx timeout
[  206.240536][  T950] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  206.248026][  T950] batman_adv: batadv0: Removing interface: batadv_slave_0
[  206.264355][  T950] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  206.276271][  T950] batman_adv: batadv0: Removing interface: batadv_slave_1
[  206.337320][  T950] veth1_macvtap: left promiscuous mode
[  206.353656][ T8634] loop3: detected capacity change from 0 to 128
[  206.370655][  T950] veth0_macvtap: left promiscuous mode
[  206.376354][  T950] veth1_vlan: left promiscuous mode
[  206.390595][  T950] veth0_vlan: left promiscuous mode
[  206.395925][ T8634] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  206.580741][ T8638] loop2: detected capacity change from 0 to 256
[  206.604828][ T8638] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  207.080364][ T5111] Bluetooth: hci0: command tx timeout
[  207.087374][   T53] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  207.198711][  T950] team0 (unregistering): Port device team_slave_1 removed
[  207.248925][  T950] team0 (unregistering): Port device team_slave_0 removed
[  207.408758][ T8640] loop2: detected capacity change from 0 to 32768
[  207.441592][ T8640] gfs2: fsid=(œ[{{{+: Trying to join cluster "lock_nolock", "(œ[{{{+"
[  207.449784][ T8640] gfs2: fsid=(œ[{{{+: Now mounting FS (format 0)...
[  207.464323][ T8640] gfs2: fsid=(œ[{{{+.0: journal 0 mapped with 22 extents in 0ms
[  207.474719][ T8376] gfs2: fsid=(œ[{{{+.0: jid=0, already locked for use
[  207.482375][ T8376] gfs2: fsid=(œ[{{{+.0: jid=0: Looking at journal...
[  207.557914][ T8376] gfs2: fsid=(œ[{{{+.0: jid=0: Journal head lookup took 75ms
[  207.565860][ T8376] gfs2: fsid=(œ[{{{+.0: jid=0: Done
[  207.571296][ T8640] gfs2: fsid=(œ[{{{+.0: first mount done, others may mount
[  208.221579][ T8592] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.240164][ T8592] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.248199][ T8592] bridge_slave_0: entered allmulticast mode
[  208.255645][ T8592] bridge_slave_0: entered promiscuous mode
[  208.342827][ T8655] RDS: rds_bind could not find a transport for ff::, load rds_tcp or rds_rdma?
[  208.372378][   T53] Bluetooth: hci2: command tx timeout
[  208.693309][ T8592] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.800866][ T8592] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.861038][ T8592] bridge_slave_1: entered allmulticast mode
[  208.867824][ T8592] bridge_slave_1: entered promiscuous mode
[  208.888467][ T8654] loop2: detected capacity change from 0 to 4096
[  208.918501][ T8654] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  209.025455][ T8654] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  209.065524][ T8592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  209.088866][ T8592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  209.111564][ T8608] chnl_net:caif_netlink_parms(): no params data found
[  209.162939][   T53] Bluetooth: hci0: command tx timeout
[  209.236801][ T8654] ntfs3: loop2: ino=21, "pids.current" mmap(write) compressed not supported
[  209.242955][ T8592] team0: Port device team_slave_0 added
[  209.287137][ T2898] ntfs3: loop2: ino=5, ntfs3_write_inode failed, -22.
[  209.334837][ T8592] team0: Port device team_slave_1 added
[  209.467105][ T8592] batman_adv: batadv0: Adding interface: batadv_slave_0
[  209.475248][ T8592] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.502637][ T8592] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  209.533116][ T8608] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.541004][ T8608] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.548564][ T8608] bridge_slave_0: entered allmulticast mode
[  209.556697][ T8608] bridge_slave_0: entered promiscuous mode
[  209.590774][ T8376] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  209.629836][ T8592] batman_adv: batadv0: Adding interface: batadv_slave_1
[  209.641528][ T8592] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  209.700877][ T8592] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  209.719704][ T8608] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.738305][ T8608] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.748175][ T8608] bridge_slave_1: entered allmulticast mode
[  209.774044][ T8608] bridge_slave_1: entered promiscuous mode
[  209.811240][ T8376] usb 4-1: Using ep0 maxpacket: 16
[  209.818298][ T8376] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  209.838487][ T8376] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 0
[  209.871015][ T8376] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  209.900375][ T8376] usb 4-1: New USB device found, idVendor=104f, idProduct=0004, bcdDevice=8f.af
[  209.909430][ T8376] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.918586][ T8376] usb 4-1: Product: syz
[  209.924261][ T8376] usb 4-1: Manufacturer: syz
[  209.936342][ T8376] usb 4-1: SerialNumber: syz
[  209.949017][ T8376] usb 4-1: config 0 descriptor??
[  209.957853][ T8608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  209.970599][ T8376] iuu_phoenix 4-1:0.0: required endpoints missing
[  209.983786][ T8608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.007647][ T8592] hsr_slave_0: entered promiscuous mode
[  210.030499][ T8592] hsr_slave_1: entered promiscuous mode
[  210.050412][ T8592] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  210.058045][ T8592] Cannot create hsr debugfs directory
[  210.139795][ T8608] team0: Port device team_slave_0 added
[  210.151177][ T8608] team0: Port device team_slave_1 added
[  210.250207][ T8664] loop3: detected capacity change from 0 to 1024
[  210.262080][ T8664] EXT4-fs: Ignoring removed orlov option
[  210.267757][ T8664] EXT4-fs: Ignoring removed nomblk_io_submit option
[  210.330964][ T8608] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.337935][ T8608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.341198][ T8674] loop2: detected capacity change from 0 to 256
[  210.377535][ T8664] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  210.377575][ T8608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.386207][ T8664] System zones: 0-1, 3-36
[  210.409693][ T8664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.424350][ T8674] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  210.440629][   T53] Bluetooth: hci2: command tx timeout
[  210.459574][ T8608] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.476008][ T8608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.510625][ T8664] __quota_error: 45 callbacks suppressed
[  210.510647][ T8664] Quota error (device loop3): do_check_range: Getting block 234881027 out of range 1-5
[  210.532079][ T8664] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  210.541618][ T8608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.555720][ T8664] EXT4-fs error (device loop3): ext4_acquire_dquot:6860: comm syz-executor.3: Failed to acquire dquot type 0
[  210.583742][ T5158] usb 4-1: USB disconnect, device number 5
[  210.778506][  T950] bridge_slave_1: left allmulticast mode
[  210.784674][  T950] bridge_slave_1: left promiscuous mode
[  210.790546][  T950] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.810318][  T950] bridge_slave_0: left allmulticast mode
[  210.819456][ T8675] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 418: padding at end of block bitmap is not set
[  210.835974][  T950] bridge_slave_0: left promiscuous mode
[  212.247443][   T53] Bluetooth: hci0: command tx timeout
[  212.265303][  T950] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.530154][   T53] Bluetooth: hci2: command tx timeout
[  212.540248][ T5116] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.962941][  T950] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.973905][  T950] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.984104][  T950] bond0 (unregistering): Released all slaves
[  213.121192][ T8701] loop3: detected capacity change from 0 to 256
[  213.176437][ T8608] hsr_slave_0: entered promiscuous mode
[  213.186015][ T8701] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  213.216032][ T8608] hsr_slave_1: entered promiscuous mode
[  213.223887][ T8608] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.232751][ T8608] Cannot create hsr debugfs directory
[  213.639751][  T950] hsr_slave_0: left promiscuous mode
[  213.666922][  T950] hsr_slave_1: left promiscuous mode
[  213.683443][  T950] batman_adv: batadv0: Removing interface: batadv_slave_0
[  213.699220][  T950] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.069391][ T8703] loop3: detected capacity change from 0 to 32768
[  214.092754][ T8703] XFS: attr2 mount option is deprecated.
[  214.098441][ T8703] XFS: ikeep mount option is deprecated.
[  214.129000][ T8703] XFS: noikeep mount option is deprecated.
[  214.186266][ T8703] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  214.266010][ T8703] XFS (loop3): Ending clean mount
[  214.280516][   T53] Bluetooth: hci0: command tx timeout
[  214.301958][ T8703] XFS (loop3): Quotacheck needed: Please wait.
[  214.357516][ T8703] XFS (loop3): Quotacheck: Done.
[  214.443877][  T950] team0 (unregistering): Port device team_slave_1 removed
[  214.455018][ T5116] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  214.550447][  T950] team0 (unregistering): Port device team_slave_0 removed
[  214.676507][ T8727] loop2: detected capacity change from 0 to 256
[  214.689074][ T8727] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  215.272962][ T5158] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  215.273658][ T8742] Illegal XDP return value 4294967274 on prog  (id 216) dev N/A, expect packet loss!
[  215.460143][ T5158] usb 4-1: Using ep0 maxpacket: 8
[  215.469970][ T5158] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  215.473251][ T8744] loop2: detected capacity change from 0 to 4096
[  215.495857][ T5158] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  215.499062][ T8744] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  215.530119][ T5158] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.553429][ T8744] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  215.558687][ T5158] usb 4-1: config 0 descriptor??
[  215.599287][ T5158] gspca_main: vc032x-2.14.0 probing 046d:0892
[  215.700712][ T8744] loop2: detected capacity change from 4096 to 0
[  215.739674][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.739674][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  215.753993][ T8744] ntfs3: loop2: failed to read volume at offset 0x3000
[  215.760990][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.760990][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  215.782569][ T8744] ntfs3: loop2: failed to read volume at offset 0x3000
[  215.789519][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.789519][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  215.828991][ T8744] ntfs3: loop2: failed to read volume at offset 0x3000
[  215.836069][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.836069][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  215.856574][ T8744] ntfs3: loop2: failed to read volume at offset 0x3000
[  215.872880][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.872880][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  215.909002][ T8744] ntfs3: loop2: failed to read volume at offset 0x3000
[  215.920288][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.920288][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  215.934765][ T8744] ntfs3: loop2: failed to read volume at offset 0x3000
[  215.942797][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.942797][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  215.957187][ T8744] ntfs3: loop2: failed to read volume at offset 0x3000
[  215.967781][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.967781][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  215.981247][ T8744] ntfs3: loop2: failed to read volume at offset 0x3000
[  215.988159][ T8744] syz-executor.2: attempt to access beyond end of device
[  215.988159][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  216.001725][ T8744] syz-executor.2: attempt to access beyond end of device
[  216.001725][ T8744] loop2: rw=0, sector=24, nr_sectors = 4 limit=0
[  216.019618][ T5158] gspca_vc032x: reg_w err -71
[  216.028955][ T5158] vc032x 4-1:0.0: probe with driver vc032x failed with error -71
[  216.070390][ T5158] usb 4-1: USB disconnect, device number 6
[  216.111820][ T5113] Buffer I/O error on dev loop2, logical block 511, lost sync page write
[  216.195164][ T8608] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  216.209969][ T8608] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  216.219328][ T8608] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  216.233521][ T8608] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  216.293244][ T8592] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  216.307404][ T8592] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  216.318636][ T8592] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  216.328111][ T8592] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  216.428862][ T8608] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.452298][ T8608] 8021q: adding VLAN 0 to HW filter on device team0
[  216.536116][   T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.574063][ T8376] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.581269][ T8376] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.652627][ T5158] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.659780][ T5158] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.752154][   T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.902587][   T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.946020][ T5111] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  216.958059][ T5111] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  216.972578][ T5111] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  216.980851][ T5111] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  216.991568][ T5111] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  216.998924][ T5111] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  217.026542][ T8592] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.085066][   T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.175321][ T8592] 8021q: adding VLAN 0 to HW filter on device team0
[  217.242060][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.249204][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.271515][ T5161] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.278618][ T5161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.390566][   T29] audit: type=1800 audit(1851702156.206:144): pid=8761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1944 res=0 errno=0
[  217.410897][ T8608] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.472791][   T61] bridge_slave_0: left allmulticast mode
[  217.478454][   T61] bridge_slave_0: left promiscuous mode
[  217.490452][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.885494][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  217.897884][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  217.908178][   T61] bond0 (unregistering): Released all slaves
[  218.045537][ T8592] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  218.062099][ T8768] loop3: detected capacity change from 0 to 2048
[  218.079494][ T8768] hpfs: filesystem error: invalid number of hotfixes: 0, used: 1; already mounted read-only
[  218.092986][ T8768] hpfs: filesystem error: improperly stopped
[  218.099125][ T8768] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  218.107177][ T8768] hpfs: filesystem error: sector(s) 'dir_band' badly placed at 7b318cc2
[  218.189559][ T8608] veth0_vlan: entered promiscuous mode
[  218.269877][ T8608] veth1_vlan: entered promiscuous mode
[  218.437604][ T8752] chnl_net:caif_netlink_parms(): no params data found
[  218.506864][   T61] hsr_slave_0: left promiscuous mode
[  218.514529][   T61] hsr_slave_1: left promiscuous mode
[  218.521866][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.529349][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.552105][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.559541][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.622092][   T61] veth1_macvtap: left promiscuous mode
[  218.627671][   T61] veth0_macvtap: left promiscuous mode
[  218.633888][   T61] veth1_vlan: left promiscuous mode
[  218.639228][   T61] veth0_vlan: left promiscuous mode
[  218.841732][ T8775] loop3: detected capacity change from 0 to 32768
[  219.083582][ T5111] Bluetooth: hci3: command tx timeout
[  219.403255][   T61] team0 (unregistering): Port device team_slave_1 removed
[  219.464671][   T61] team0 (unregistering): Port device team_slave_0 removed
[  220.017933][ T8780] loop3: detected capacity change from 0 to 32768
[  220.029222][ T8780] btrfs: Deprecated parameter 'usebackuproot'
[  220.035399][ T8780] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  220.065390][ T8780] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (8780)
[  220.092222][ T8780] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  220.115121][ T8780] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  220.231238][ T8780] BTRFS info (device loop3): rebuilding free space tree
[  220.255978][ T8780] BTRFS info (device loop3): disabling free space tree
[  220.263328][ T8780] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  220.274443][ T8780] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  220.321379][ T8608] veth0_macvtap: entered promiscuous mode
[  220.348511][ T8592] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.358038][ T8608] veth1_macvtap: entered promiscuous mode
[  220.432326][ T5116] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  220.508986][ T8752] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.539229][ T8752] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.576242][ T8752] bridge_slave_0: entered allmulticast mode
[  220.598136][ T8752] bridge_slave_0: entered promiscuous mode
[  220.656517][ T8752] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.670259][ T8752] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.677490][ T8752] bridge_slave_1: entered allmulticast mode
[  220.711002][ T8752] bridge_slave_1: entered promiscuous mode
[  220.827983][   T61] IPVS: stop unused estimator thread 0...
[  220.848528][ T8752] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  220.864103][ T8608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.883551][ T8608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.897675][ T8608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.916491][ T8608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.933980][ T8812] input: syz0 as /devices/virtual/input/input7
[  220.952310][ T8608] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.973083][ T8752] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  221.054586][ T8752] team0: Port device team_slave_0 added
[  221.077022][ T8608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.088002][ T8608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.098238][ T8608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.109182][ T8608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.120919][ T8608] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.134919][ T8752] team0: Port device team_slave_1 added
[  221.160834][ T5111] Bluetooth: hci3: command tx timeout
[  221.194357][ T8608] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.204306][ T8608] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.213676][ T8608] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.229077][ T8608] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.234932][   T29] audit: type=1800 audit(1851702160.056:145): pid=8816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1944 res=0 errno=0
[  221.276517][ T8592] veth0_vlan: entered promiscuous mode
[  221.284255][ T8752] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.293388][ T8752] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.329098][ T8752] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.352599][ T8752] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.360447][ T8752] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.386587][ T8752] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.436516][ T8592] veth1_vlan: entered promiscuous mode
[  221.494767][ T8752] hsr_slave_0: entered promiscuous mode
[  221.513823][ T8752] hsr_slave_1: entered promiscuous mode
[  221.584423][ T8592] veth0_macvtap: entered promiscuous mode
[  221.612188][ T8592] veth1_macvtap: entered promiscuous mode
[  221.680130][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.688054][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.746286][ T8777] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.771079][ T8777] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.795683][ T8592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.819121][ T8592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.830274][ T8592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.846660][ T8592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.856533][ T8592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.867953][ T8592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.879083][ T8592] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.905843][ T8592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.916701][ T8592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.926982][ T8592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.946808][ T8592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.957369][ T8592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.968592][ T8592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.980724][ T8592] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.996117][ T8592] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.006052][ T8592] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.014840][ T8592] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.024645][ T8592] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.136124][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.144490][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.185361][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.195466][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.323720][ T8752] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  222.332923][ T8752] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  222.343323][ T8752] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  222.352455][ T8752] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  222.443874][ T8752] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.467825][ T8752] 8021q: adding VLAN 0 to HW filter on device team0
[  222.481835][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.488984][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  222.514580][ T5157] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.521744][ T5157] bridge0: port 2(bridge_slave_1) entered forwarding state
[  222.569352][ T8752] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  222.699158][ T8752] 8021q: adding VLAN 0 to HW filter on device batadv0
[  222.748532][ T8752] veth0_vlan: entered promiscuous mode
[  222.761580][ T8752] veth1_vlan: entered promiscuous mode
[  222.798199][ T8752] veth0_macvtap: entered promiscuous mode
[  222.812272][ T8752] veth1_macvtap: entered promiscuous mode
[  222.829983][ T8752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.842851][ T8752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.853731][ T8752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.864442][ T8752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.874377][ T8752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.884949][ T8752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.896584][ T8752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.907027][ T8752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.918384][ T8752] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.933187][ T8752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.943768][ T8752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.955262][ T8752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.965825][ T8752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.975740][ T8752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.988670][ T8752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.999318][ T8752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.009979][ T8752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.021402][ T8752] batman_adv: batadv0: Interface activated: batadv_slave_1
[  223.039903][ T8752] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.049318][ T8752] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.059130][ T8752] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.069256][ T8752] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.149020][ T1057] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.157710][ T1057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.186466][  T950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.194543][  T950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.240442][ T5111] Bluetooth: hci3: command tx timeout
[  225.320216][ T5111] Bluetooth: hci3: command tx timeout
[  230.910266][ T8365] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  231.100182][ T8365] usb 4-1: Using ep0 maxpacket: 32
[  231.119308][ T8365] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.131857][ T8873] netlink: 'syz-executor.2': attribute type 27 has an invalid length.
[  231.151009][ T8365] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.193584][ T8365] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  231.222762][ T8365] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.241348][ T8365] usb 4-1: config 0 descriptor??
[  231.263778][ T8365] hub 4-1:0.0: USB hub found
[  231.387057][ T8873] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.394924][ T8873] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.472485][ T8365] hub 4-1:0.0: 1 port detected
[  231.559356][ T8856] loop1: detected capacity change from 0 to 40427
[  232.012529][ T8873] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  232.039663][ T8873] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.220393][ T5114] hub 4-1:0.0: activate --> -90
[  232.286896][ T8873] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.296512][ T8873] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.306226][ T8873] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.317214][ T8873] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.541630][ T8886] loop1: detected capacity change from 0 to 1024
[  232.565479][   T29] audit: type=1800 audit(1851702171.196:146): pid=8886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1965 res=0 errno=0
[  233.220938][ T8893] ip6gretap1: entered promiscuous mode
[  233.231006][ T8269] usb 4-1: USB disconnect, device number 7
[  233.239027][    T8] usb 4-1-port1: cannot reset (err = -71)
[  233.249551][ T8893] ip6gretap1: entered allmulticast mode
[  233.253363][    T8] usb 4-1-port1: attempt power cycle
[  233.483309][ T8907] dlm: non-version read from control device 0
[  233.595054][ T8913] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  234.178732][ T8944] netlink: 11562 bytes leftover after parsing attributes in process `syz-executor.2'.
[  234.198866][ T8949] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  234.209007][ T8949] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  234.509982][   T29] audit: type=1326 audit(1851702173.326:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe9b9e7cf69 code=0x0
[  234.660383][ T8981] loop3: detected capacity change from 0 to 512
[  234.669312][ T8981] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  234.707517][ T8981] EXT4-fs (loop3): 1 truncate cleaned up
[  234.714985][ T8981] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.777154][ T5116] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.798430][   T29] audit: type=1326 audit(1851702174.616:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9030 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8eef87cf69 code=0x0
[  236.293539][ T9023] loop4: detected capacity change from 0 to 32768
[  236.323194][ T9023] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  236.371804][ T9029] loop2: detected capacity change from 0 to 40427
[  236.402302][ T9029] F2FS-fs (loop2): Found nat_bits in checkpoint
[  236.467563][ T9023] XFS (loop4): Ending clean mount
[  236.496012][ T9029] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  236.504012][ T9023] XFS (loop4): Quotacheck needed: Please wait.
[  236.576858][ T8752] bio_check_eod: 13 callbacks suppressed
[  236.576871][ T8752] syz-executor.2: attempt to access beyond end of device
[  236.576871][ T8752] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  236.598528][ T8752] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  236.617042][ T9023] XFS (loop4): Quotacheck: Done.
[  236.678140][   T29] audit: type=1800 audit(1851702175.496:149): pid=9023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=9292 res=0 errno=0
[  236.738128][   T29] audit: type=1804 audit(1851702175.556:150): pid=9023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1705993634/syzkaller.CvoIyT/22/file0/bus" dev="loop4" ino=9292 res=1 errno=0
[  236.904864][   T29] audit: type=1804 audit(1851702175.726:151): pid=9023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1705993634/syzkaller.CvoIyT/22/file0/bus" dev="loop4" ino=9292 res=1 errno=0
[  236.979843][   T29] audit: type=1804 audit(1851702175.796:152): pid=9023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1705993634/syzkaller.CvoIyT/22/file0/bus" dev="loop4" ino=9292 res=1 errno=0
[  237.183138][ T8592] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  237.793076][ T9072] RDS: rds_bind could not find a transport for ff::, load rds_tcp or rds_rdma?
[  238.529660][ T9081] netlink: 11562 bytes leftover after parsing attributes in process `syz-executor.3'.
[  238.970576][   T29] audit: type=1326 audit(1851702177.786:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9102 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe23187cf69 code=0x0
[  239.302299][ T9095] loop3: detected capacity change from 0 to 32768
[  239.414039][ T9108] RDS: rds_bind could not find a transport for ff::, load rds_tcp or rds_rdma?
[  239.577627][ T9095] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (9095)
[  239.954360][ T9095] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  239.993387][ T9095] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  240.038869][ T9095] BTRFS info (device loop3): using free-space-tree
[  240.246417][ T9132] loop2: detected capacity change from 0 to 256
[  240.300145][ T5116] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  240.610359][ T8375] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  240.827598][ T8375] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  240.856108][ T8375] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.889167][ T8375] usb 2-1: config 0 descriptor??
[  241.458717][ T9165] netlink: 3084 bytes leftover after parsing attributes in process `syz-executor.3'.
[  241.478251][ T9165] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  241.486828][ T9165] netlink: 193500 bytes leftover after parsing attributes in process `syz-executor.3'.
[  241.615884][ T9171] loop4: detected capacity change from 0 to 1024
[  241.636664][ T9171] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  241.658319][ T9171] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  241.674607][ T9175] loop3: detected capacity change from 0 to 256
[  241.688455][ T9171] jbd2_journal_init_inode: Cannot locate journal superblock
[  241.696008][ T9171] EXT4-fs (loop4): Could not load journal inode
[  241.726939][ T8375] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  241.739967][ T8375] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[  241.751429][ T8375] asix 2-1:0.0: probe with driver asix failed with error -71
[  241.767991][ T8375] usb 2-1: USB disconnect, device number 4
[  242.204431][ T9185] loop4: detected capacity change from 0 to 2048
[  242.255560][ T9185] UDF-fs: warning (device loop4): udf_fill_super: No partition found (2)
[  242.365769][ T9182] fuse: Bad value for 'group_id'
[  243.182848][ T9226] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  243.577942][ T9249] netlink: 'syz-executor.3': attribute type 15 has an invalid length.
[  244.054176][ T9273] loop4: detected capacity change from 0 to 1024
[  244.078089][ T9273] hfsplus: failed to load extents file
[  245.171674][ T9289] loop1: detected capacity change from 0 to 32768
[  246.239809][ T9325] loop2: detected capacity change from 0 to 1024
[  246.251727][ T9325] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  246.265093][ T9325] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  246.308975][ T9325] jbd2_journal_init_inode: Cannot locate journal superblock
[  246.316886][ T9325] EXT4-fs (loop2): Could not load journal inode
[  246.350145][ T8375] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  246.401414][ T9310] loop4: detected capacity change from 0 to 40427
[  246.423031][ T9310] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  246.433386][ T9310] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  246.445932][ T9310] F2FS-fs (loop4): invalid crc value
[  246.468663][ T9310] F2FS-fs (loop4): Found nat_bits in checkpoint
[  246.561683][ T8375] usb 4-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  246.571193][ T9339] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  246.581112][ T8375] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.605102][ T8375] usb 4-1: config 0 descriptor??
[  246.627544][ T9340] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  246.640672][ T9310] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  246.649603][ T9310] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  246.745596][ T8592] syz-executor.4: attempt to access beyond end of device
[  246.745596][ T8592] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  246.778623][ T8592] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  247.259098][ T9337] loop2: detected capacity change from 0 to 32768
[  247.279483][ T9337] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (9337)
[  247.334123][ T9337] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  247.352464][ T9337] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  247.374641][ T9337] BTRFS info (device loop2): using free-space-tree
[  247.447143][ T8375] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  247.460576][ T8375] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[  247.473468][ T8375] asix 4-1:0.0: probe with driver asix failed with error -71
[  247.485567][ T8375] usb 4-1: USB disconnect, device number 12
[  247.526601][ T9343] loop1: detected capacity change from 0 to 32768
[  247.599726][ T8752] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  248.203711][ T9387] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  248.277168][ T9392] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  248.765384][ T9389] loop4: detected capacity change from 0 to 32768
[  248.775362][ T9389] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (9389)
[  248.795956][ T9389] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  248.807198][ T9389] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  248.816062][ T9389] BTRFS info (device loop4): using free-space-tree
[  248.879414][ T8592] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  248.963863][ T8269] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  249.161493][ T8269] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  249.177453][ T8269] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.188571][ T8269] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.208940][ T8269] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  249.231206][ T8269] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  249.247872][ T8269] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  249.256396][ T8269] usb 3-1: Manufacturer: syz
[  249.271044][ T8269] usb 3-1: config 0 descriptor??
[  249.338955][ T9433] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  249.423680][ T9435] Invalid ELF header len 1
[  249.694028][ T8269] appleir 0003:05AC:8243.0001: unknown main item tag 0x0
[  249.706079][ T8269] appleir 0003:05AC:8243.0001: No inputs registered, leaving
[  249.736267][ T8269] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  249.780255][ T9444] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  250.338476][ T9465] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  250.520509][ T5111] Bluetooth: hci0: command 0x0401 tx timeout
[  250.541221][ T9472] loop4: detected capacity change from 0 to 2048
[  250.560924][ T9472] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  250.581679][ T8269] usb 3-1: USB disconnect, device number 3
[  250.592622][ T9472] syz-executor.4: attempt to access beyond end of device
[  250.592622][ T9472] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  250.608474][ T9473] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  250.661650][ T9472] syz-executor.4: attempt to access beyond end of device
[  250.661650][ T9472] loop4: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  250.701231][ T9472] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=3)
[  250.709802][ T9472] NILFS (loop4): error -5 reading inode: ino=12
[  250.748039][ T9477] loop3: detected capacity change from 0 to 4096
[  250.771030][ T9477] NILFS (loop3): invalid segment: Checksum error in segment payload
[  250.779257][ T9477] NILFS (loop3): trying rollback from an earlier position
[  250.804264][ T9477] NILFS (loop3): recovery complete
[  250.814735][ T9479] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  250.828087][ T9472] syz-executor.4: attempt to access beyond end of device
[  250.828087][ T9472] loop4: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  250.848580][ T9472] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=3)
[  250.859343][ T9472] NILFS (loop4): error -5 reading inode: ino=15
[  250.873067][ T9472] syz-executor.4: attempt to access beyond end of device
[  250.873067][ T9472] loop4: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  250.887661][ T9472] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=3)
[  250.897630][ T9472] NILFS (loop4): error -5 reading inode: ino=15
[  251.272097][ T9485] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  251.528934][ T9505] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  251.988760][ T9515] loop1: detected capacity change from 0 to 2048
[  252.362554][ T9502] loop2: detected capacity change from 0 to 32768
[  252.385740][ T9523] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  252.412381][ T9502] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  252.509980][ T9502] XFS (loop2): Ending clean mount
[  252.538136][ T8752] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  252.711423][ T8269] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  252.760595][    T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  252.896702][ T8269] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  252.908203][ T8269] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  252.932314][ T8269] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  252.950611][ T8269] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  252.959661][ T8269] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.971588][ T8269] usb 2-1: config 0 descriptor??
[  252.977250][    T8] usb 5-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  252.980460][ T9533] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  252.986469][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.011506][    T8] usb 5-1: config 0 descriptor??
[  253.115702][ T9542] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  253.350616][ T9551] netlink: 'syz-executor.2': attribute type 6 has an invalid length.
[  253.454620][ T8269] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd
[  253.465287][ T8269] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  253.493749][ T8269] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  253.786522][ T8269] usb 2-1: USB disconnect, device number 5
[  253.834117][    T8] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  253.844688][    T8] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[  253.856524][    T8] asix 5-1:0.0: probe with driver asix failed with error -71
[  253.869068][    T8] usb 5-1: USB disconnect, device number 3
[  254.022258][ T9557] loop2: detected capacity change from 0 to 40427
[  254.039087][ T9557] F2FS-fs (loop2): Found nat_bits in checkpoint
[  254.083530][ T9557] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  254.214233][ T5111] Bluetooth: hci0: command tx timeout
[  254.445918][ T9563] syz-executor.2: attempt to access beyond end of device
[  254.445918][ T9563] loop2: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  254.461588][ T9563] syz-executor.2: attempt to access beyond end of device
[  254.461588][ T9563] loop2: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  254.700764][   T29] audit: type=1800 audit(1851702193.246:154): pid=9563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=10 res=0 errno=0
[  255.017674][ T9565] Invalid ELF header len 1
[  255.121547][ T8752] syz-executor.2: attempt to access beyond end of device
[  255.121547][ T8752] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  255.138171][ T8752] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  255.196121][ T9567] loop4: detected capacity change from 0 to 2048
[  255.250126][ T9567] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  255.278741][ T9572] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  255.289845][ T9567] syz-executor.4: attempt to access beyond end of device
[  255.289845][ T9567] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  255.347183][ T9567] syz-executor.4: attempt to access beyond end of device
[  255.347183][ T9567] loop4: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  255.397595][ T9567] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=3)
[  255.421588][ T9567] NILFS (loop4): error -5 reading inode: ino=12
[  255.505287][ T9567] syz-executor.4: attempt to access beyond end of device
[  255.505287][ T9567] loop4: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  255.528009][ T9567] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=3)
[  255.537037][ T9567] NILFS (loop4): error -5 reading inode: ino=15
[  255.556664][ T9567] syz-executor.4: attempt to access beyond end of device
[  255.556664][ T9567] loop4: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  255.581778][ T9567] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=3)
[  255.596175][ T9567] NILFS (loop4): error -5 reading inode: ino=15
[  255.907686][ T9582] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  255.936605][ T9582] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.2'.
[  256.013162][ T9569] loop1: detected capacity change from 0 to 32768
[  256.123216][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  256.129545][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[  256.289296][ T9578] loop3: detected capacity change from 0 to 32768
[  256.355376][   T45] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  256.572730][   T45] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  256.585143][   T45] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  256.610560][   T45] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  256.620856][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  256.639455][   T45] usb 3-1: SerialNumber: syz
[  256.670552][ T9588] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  256.671239][ T9596] loop1: detected capacity change from 0 to 1024
[  257.322606][ T5157] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  257.544012][ T5157] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  257.589114][   T45] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  257.610562][ T5157] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  257.632035][   T45] usb 3-1: USB disconnect, device number 4
[  257.645992][ T5157] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  257.685505][ T5157] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  257.737940][ T5157] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.756120][ T5157] usb 5-1: config 0 descriptor??
[  257.767040][ T9602] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  257.898467][ T9609] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  257.961434][ T9610] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  258.022237][ T9607] loop3: detected capacity change from 0 to 40427
[  258.042509][ T9607] F2FS-fs (loop3): Found nat_bits in checkpoint
[  258.150528][ T9607] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  258.244630][ T5157] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd
[  258.257236][ T5157] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  258.270464][ T5157] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  258.417889][ T9622] Invalid ELF header len 1
[  258.639378][ T9625] syz-executor.3: attempt to access beyond end of device
[  258.639378][ T9625] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  258.654303][ T9625] syz-executor.3: attempt to access beyond end of device
[  258.654303][ T9625] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  258.963042][   T29] audit: type=1800 audit(1851702197.426:155): pid=9625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=10 res=0 errno=0
[  259.205350][ T5157] usb 5-1: USB disconnect, device number 4
[  259.282528][ T5116] syz-executor.3: attempt to access beyond end of device
[  259.282528][ T5116] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  259.310295][ T5116] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  259.325714][ T9627] xt_connbytes: Forcing CT accounting to be enabled
[  259.347327][ T9627] xt_time: invalid argument - start or stop time greater than 23:59:59
[  259.490274][ T7559] jfs_flush_journal: synclist not empty
[  259.497095][ T7559] metapage: ffff88802e0859b0: 00001000 00000000 00003c24 00000000
[  259.517624][ T7559] metapage: ffff88802e0859c0: 2fe45228 ffff8880 2fe45228 ffff8880
[  259.559283][ T7559] metapage: ffff88802e0859d0: 00000004 00000000 00000000 00000000
[  259.574903][ T7559] metapage: ffff88802e0859e0: 2917d000 ffff8880 0000002c 00000000
[  259.590374][ T7559] metapage: ffff88802e0859f0: 00000000 dead4ead ffffffff 00000000
[  259.604021][ T7559] metapage: ffff88802e085a00: ffffffff ffffffff 949030c0 ffffffff
[  259.633483][ T7559] metapage: ffff88802e085a10: 92d284a0 ffffffff 00000000 00000000
[  259.650369][ T7559] metapage: ffff88802e085a20: 8c02ad40 ffffffff 00000200 00000000
[  259.679926][ T7559] metapage: ffff88802e085a30: 2e085a30 ffff8880 2e085a30 ffff8880
[  259.698331][ T7559] metapage: ffff88802e085a40: 00a45f40 ffffea00 7d0aa000 ffff8880
[  259.714097][ T7559] metapage: ffff88802e085a50: 00001000 00003ea8 00000001 00000000
[  259.731910][ T7559] metapage: ffff88802e085a60: 2fe45000 ffff8880
[  259.738183][ T7559] page: ffffea0000a45f40: 00fff5000000422c ffffea0000895e88
[  259.780159][ T7559] page: ffffea0000a45f50: ffffea00009b8e08 ffff8880609746d8
[  259.787518][ T7559] page: ffffea0000a45f60: 000000000000002c ffff88802e0859b0
[  259.821205][ T7559] page: ffffea0000a45f70: 00000003ffffffff ffff88807b8b2000
[  259.999485][ T9643] loop4: detected capacity change from 0 to 64
[  260.275553][ T9629] loop2: detected capacity change from 0 to 40427
[  260.284131][ T9629] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  260.291918][ T9629] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  260.306848][ T9629] F2FS-fs (loop2): invalid crc value
[  260.318243][ T9629] F2FS-fs (loop2): Found nat_bits in checkpoint
[  260.428294][ T9629] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  260.437598][ T9629] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  260.464506][ T9662] xt_connbytes: Forcing CT accounting to be enabled
[  260.478636][ T9662] xt_time: invalid argument - start or stop time greater than 23:59:59
[  260.501482][   T45] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  260.596087][ T8752] syz-executor.2: attempt to access beyond end of device
[  260.596087][ T8752] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  260.619268][ T8752] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  261.266231][ T9680] loop4: detected capacity change from 0 to 64
[  261.332443][   T45] usb 2-1: device descriptor read/all, error -71
[  261.809335][ T9693] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  261.830127][ T9693] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.4'.
[  262.010224][ T9695] xt_time: invalid argument - start or stop time greater than 23:59:59
[  262.101038][ T5157] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  262.302016][ T5157] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  262.334526][ T5157] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  262.371928][ T5157] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  262.412808][ T5157] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  262.441915][ T5157] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.476980][ T5157] usb 3-1: config 0 descriptor??
[  262.495350][ T9689] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  262.978093][ T5157] plantronics 0003:047F:FFFF.0004: unknown main item tag 0xd
[  263.002146][ T5157] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  263.041645][ T5157] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  263.137327][ T9701] loop1: detected capacity change from 0 to 40427
[  263.152450][ T9701] F2FS-fs (loop1): heap/no_heap options were deprecated
[  263.167939][ T9697] loop4: detected capacity change from 0 to 40427
[  263.176058][ T9701] F2FS-fs (loop1): invalid crc value
[  263.181779][ T9701] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[  263.192334][ T9697] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  263.203001][ T9697] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  263.214373][ T9701] F2FS-fs (loop1): Found nat_bits in checkpoint
[  263.253710][ T9697] F2FS-fs (loop4): invalid crc value
[  263.269822][ T9697] F2FS-fs (loop4): Found nat_bits in checkpoint
[  263.295140][ T9701] F2FS-fs (loop1): write access unavailable, skipping recovery
[  263.311897][ T9701] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  263.329412][    T8] usb 3-1: USB disconnect, device number 5
[  263.362580][ T9697] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  263.369654][ T9697] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  263.451934][ T8592] syz-executor.4: attempt to access beyond end of device
[  263.451934][ T8592] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  263.468051][ T8592] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  263.550152][ T5157] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[  263.638704][ T9726] loop1: detected capacity change from 0 to 64
[  263.771793][ T5157] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  263.798206][ T5157] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  263.814676][ T5157] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  263.824195][ T5157] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  263.832410][ T5157] usb 4-1: SerialNumber: syz
[  263.840965][ T9720] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  263.860863][ T9728] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  263.869001][ T9728] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.1'.
[  264.031587][ T9733] loop1: detected capacity change from 0 to 1024
[  264.773200][ T5157] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71
[  264.798994][ T5157] usb 4-1: USB disconnect, device number 13
[  264.948573][ T9755] loop2: detected capacity change from 0 to 64
[  265.101473][ T9758] loop2: detected capacity change from 0 to 256
[  265.132112][ T9758] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  265.293746][ T9751] loop1: detected capacity change from 0 to 40427
[  265.303109][ T9751] F2FS-fs (loop1): heap/no_heap options were deprecated
[  265.325320][ T9751] F2FS-fs (loop1): invalid crc value
[  265.336116][ T9751] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[  265.353526][ T9751] F2FS-fs (loop1): Found nat_bits in checkpoint
[  265.494644][ T9751] F2FS-fs (loop1): write access unavailable, skipping recovery
[  265.510253][ T9751] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  266.047822][ T9771] loop1: detected capacity change from 0 to 1024
[  266.340804][ T9764] loop3: detected capacity change from 0 to 40427
[  266.366034][ T9764] F2FS-fs (loop3): Found nat_bits in checkpoint
[  266.416287][ T5111] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  266.428025][ T5111] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  266.442242][ T5111] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  266.451414][ T5111] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  266.459810][ T5111] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  266.469749][ T5111] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  266.653884][ T9764] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  266.878905][ T9784] chnl_net:caif_netlink_parms(): no params data found
[  267.126626][ T9793] syz-executor.3: attempt to access beyond end of device
[  267.126626][ T9793] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  267.143976][ T9793] syz-executor.3: attempt to access beyond end of device
[  267.143976][ T9793] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  267.635918][   T29] audit: type=1800 audit(1851702205.926:156): pid=9793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=10 res=0 errno=0
[  267.799137][ T5116] syz-executor.3: attempt to access beyond end of device
[  267.799137][ T5116] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  267.841337][ T9796] loop4: detected capacity change from 0 to 256
[  267.841750][ T9784] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.863540][ T5116] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  267.888603][ T9784] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.901945][ T9784] bridge_slave_0: entered allmulticast mode
[  267.914333][ T9784] bridge_slave_0: entered promiscuous mode
[  267.926792][ T9784] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.934731][ T9784] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.943376][ T9784] bridge_slave_1: entered allmulticast mode
[  267.962779][ T9784] bridge_slave_1: entered promiscuous mode
[  267.979976][ T9796] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  268.080279][ T9784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.102368][ T9784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.216014][ T9784] team0: Port device team_slave_0 added
[  268.254951][ T9784] team0: Port device team_slave_1 added
[  268.428403][ T9784] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.444069][ T9784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.474120][ T9784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.512042][ T9784] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.519108][ T9784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.545664][   T53] Bluetooth: hci3: command tx timeout
[  268.556601][ T9784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.644769][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.854014][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.933521][ T9784] hsr_slave_0: entered promiscuous mode
[  268.939835][ T9784] hsr_slave_1: entered promiscuous mode
[  268.970290][ T9784] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  268.977921][ T9784] Cannot create hsr debugfs directory
[  269.000299][ T8269] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  269.073197][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.192213][ T8269] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  269.217575][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.220900][ T8269] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  269.293217][ T8269] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  269.304154][ T8269] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  269.320949][ T8269] usb 4-1: SerialNumber: syz
[  269.337126][ T9799] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  269.437852][ T5111] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  269.449250][ T5111] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  269.462540][ T5111] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  269.471472][ T5111] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  269.485458][ T5111] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  269.498831][ T5111] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  269.803583][   T35] bridge_slave_1: left allmulticast mode
[  269.809602][   T35] bridge_slave_1: left promiscuous mode
[  269.827060][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.846563][   T35] bridge_slave_0: left allmulticast mode
[  269.925290][   T35] bridge_slave_0: left promiscuous mode
[  269.941831][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.166341][ T8269] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71
[  270.196944][ T8269] usb 4-1: USB disconnect, device number 14
[  270.610107][   T53] Bluetooth: hci3: command tx timeout
[  271.579888][   T53] Bluetooth: hci2: command tx timeout
[  271.630636][ T9818] input: syz0 as /devices/virtual/input/input11
[  271.705593][ T9822] loop1: detected capacity change from 0 to 256
[  271.740885][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.756247][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.785490][   T35] bond0 (unregistering): Released all slaves
[  272.205312][   T35] hsr_slave_0: left promiscuous mode
[  272.216487][   T35] hsr_slave_1: left promiscuous mode
[  272.225511][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  272.237735][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.247594][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.255623][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.279942][   T35] veth1_macvtap: left promiscuous mode
[  272.286046][   T35] veth0_macvtap: left promiscuous mode
[  272.291796][   T35] veth1_vlan: left promiscuous mode
[  272.297167][   T35] veth0_vlan: left promiscuous mode
[  272.683113][   T53] Bluetooth: hci3: command tx timeout
[  272.898905][   T35] team0 (unregistering): Port device team_slave_1 removed
[  272.958700][   T35] team0 (unregistering): Port device team_slave_0 removed
[  273.265308][ T9839] loop3: detected capacity change from 0 to 40427
[  273.294691][ T9839] F2FS-fs (loop3): Found nat_bits in checkpoint
[  273.379453][ T9839] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  273.645363][   T53] Bluetooth: hci2: command tx timeout
[  273.781109][ T9847] syz-executor.3: attempt to access beyond end of device
[  273.781109][ T9847] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  273.796446][ T9847] syz-executor.3: attempt to access beyond end of device
[  273.796446][ T9847] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  274.009794][   T29] audit: type=1800 audit(1851702212.576:157): pid=9847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=10 res=0 errno=0
[  274.474583][ T5116] syz-executor.3: attempt to access beyond end of device
[  274.474583][ T5116] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  274.502852][ T9851] syz-executor.1[9851] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  274.503088][ T9851] syz-executor.1[9851] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  274.514871][ T5116] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  274.564417][ T9803] chnl_net:caif_netlink_parms(): no params data found
[  274.706193][ T9784] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  274.724090][ T9784] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  274.771245][   T53] Bluetooth: hci3: command tx timeout
[  274.814763][ T9784] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  274.825380][   T53] ==================================================================
[  274.833473][   T53] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x299/0x370
[  274.841291][   T53] Read of size 4 at addr ffff888045600104 by task kworker/u9:0/53
[  274.849082][   T53] 
[  274.851412][   T53] CPU: 1 PID: 53 Comm: kworker/u9:0 Tainted: G        W          6.10.0-rc2-next-20240604-syzkaller #0
[  274.862424][   T53] Tainted: [W]=WARN
[  274.866216][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  274.876263][   T53] Workqueue: hci0 hci_rx_work
[  274.880961][   T53] Call Trace:
[  274.884230][   T53]  <TASK>
[  274.887149][   T53]  dump_stack_lvl+0x241/0x360
[  274.891826][   T53]  ? __pfx_dump_stack_lvl+0x10/0x10
[  274.897024][   T53]  ? __pfx__printk+0x10/0x10
[  274.901609][   T53]  ? _printk+0xd5/0x120
[  274.905755][   T53]  ? __virt_addr_valid+0x183/0x520
[  274.910872][   T53]  ? __virt_addr_valid+0x183/0x520
[  274.915983][   T53]  print_report+0x169/0x550
[  274.920479][   T53]  ? __virt_addr_valid+0x183/0x520
[  274.925585][   T53]  ? __virt_addr_valid+0x183/0x520
[  274.930690][   T53]  ? __virt_addr_valid+0x44e/0x520
[  274.935791][   T53]  ? __phys_addr+0xba/0x170
[  274.940287][   T53]  ? do_raw_spin_lock+0x299/0x370
[  274.945297][   T53]  kasan_report+0x143/0x180
[  274.949790][   T53]  ? do_raw_spin_lock+0x299/0x370
[  274.954804][   T53]  do_raw_spin_lock+0x299/0x370
[  274.959646][   T53]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  274.965016][   T53]  _raw_spin_lock_irqsave+0xe1/0x120
[  274.970298][   T53]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  274.976185][   T53]  ? __local_bh_enable_ip+0x168/0x200
[  274.981550][   T53]  ? skb_dst_force+0x52/0x370
[  274.986219][   T53]  ? __sock_queue_rcv_skb+0x3ee/0x9b0
[  274.991585][   T53]  __sock_queue_rcv_skb+0x408/0x9b0
[  274.996778][   T53]  l2cap_sock_recv_cb+0x177/0x4f0
[  275.001801][   T53]  l2cap_recv_frame+0x8b6d/0x105f0
[  275.006901][   T53]  ? deref_stack_reg+0x1c7/0x260
[  275.011834][   T53]  ? validate_chain+0x11e/0x5920
[  275.016768][   T53]  ? validate_chain+0x11e/0x5920
[  275.021704][   T53]  ? validate_chain+0x11e/0x5920
[  275.026634][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.031828][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.037021][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.042210][   T53]  ? validate_chain+0x11e/0x5920
[  275.047139][   T53]  ? stack_trace_save+0x118/0x1d0
[  275.052152][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.057342][   T53]  ? __pfx_l2cap_recv_frame+0x10/0x10
[  275.062702][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.067893][   T53]  ? mark_lock+0x9a/0x360
[  275.072212][   T53]  ? __lock_acquire+0x1359/0x2000
[  275.077230][   T53]  ? mark_lock+0x9a/0x360
[  275.081567][   T53]  ? hci_rx_work+0x4e7/0xca0
[  275.086146][   T53]  ? __pfx_lock_release+0x10/0x10
[  275.091170][   T53]  ? __mutex_unlock_slowpath+0x21d/0x750
[  275.096790][   T53]  ? __pfx_lock_release+0x10/0x10
[  275.101804][   T53]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  275.107782][   T53]  ? hci_conn_enter_active_mode+0x260/0x370
[  275.113670][   T53]  ? l2cap_recv_acldata+0x48e/0x1550
[  275.118945][   T53]  ? hci_conn_hash_lookup_handle+0x21/0x240
[  275.124829][   T53]  ? hci_conn_hash_lookup_handle+0x226/0x240
[  275.130802][   T53]  hci_rx_work+0x50f/0xca0
[  275.135210][   T53]  ? process_scheduled_works+0x945/0x1830
[  275.140919][   T53]  process_scheduled_works+0xa2c/0x1830
[  275.146464][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  275.152436][   T53]  ? assign_work+0x364/0x3d0
[  275.157019][   T53]  worker_thread+0x86d/0xd50
[  275.161605][   T53]  ? __kthread_parkme+0x169/0x1d0
[  275.166619][   T53]  ? __pfx_worker_thread+0x10/0x10
[  275.171721][   T53]  kthread+0x2f0/0x390
[  275.175779][   T53]  ? __pfx_worker_thread+0x10/0x10
[  275.180885][   T53]  ? __pfx_kthread+0x10/0x10
[  275.185465][   T53]  ret_from_fork+0x4b/0x80
[  275.189873][   T53]  ? __pfx_kthread+0x10/0x10
[  275.194451][   T53]  ret_from_fork_asm+0x1a/0x30
[  275.199214][   T53]  </TASK>
[  275.202223][   T53] 
[  275.204531][   T53] Allocated by task 9853:
[  275.208840][   T53]  kasan_save_track+0x3f/0x80
[  275.213509][   T53]  __kasan_kmalloc+0x98/0xb0
[  275.218100][   T53]  __kmalloc_noprof+0x1f9/0x400
[  275.222940][   T53]  sk_prot_alloc+0xe0/0x210
[  275.227428][   T53]  sk_alloc+0x38/0x370
[  275.231482][   T53]  bt_sock_alloc+0x3c/0x340
[  275.235975][   T53]  l2cap_sock_create+0x13f/0x2d0
[  275.240910][   T53]  bt_sock_create+0x161/0x230
[  275.245575][   T53]  __sock_create+0x490/0x920
[  275.250159][   T53]  __sys_socket+0x150/0x3c0
[  275.254652][   T53]  __x64_sys_socket+0x7a/0x90
[  275.259316][   T53]  do_syscall_64+0xf3/0x230
[  275.263809][   T53]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.269691][   T53] 
[  275.272001][   T53] Freed by task 9852:
[  275.275962][   T53]  kasan_save_track+0x3f/0x80
[  275.280632][   T53]  kasan_save_free_info+0x40/0x50
[  275.285643][   T53]  poison_slab_object+0xe0/0x150
[  275.290568][   T53]  __kasan_slab_free+0x37/0x60
[  275.295321][   T53]  kfree+0x149/0x360
[  275.299200][   T53]  __sk_destruct+0x476/0x5f0
[  275.303774][   T53]  l2cap_sock_release+0x15b/0x1d0
[  275.308785][   T53]  sock_close+0xbc/0x240
[  275.313019][   T53]  __fput+0x406/0x8b0
[  275.316991][   T53]  __x64_sys_close+0x7f/0x110
[  275.321664][   T53]  do_syscall_64+0xf3/0x230
[  275.326160][   T53]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.332046][   T53] 
[  275.334357][   T53] The buggy address belongs to the object at ffff888045600000
[  275.334357][   T53]  which belongs to the cache kmalloc-2k of size 2048
[  275.348392][   T53] The buggy address is located 260 bytes inside of
[  275.348392][   T53]  freed 2048-byte region [ffff888045600000, ffff888045600800)
[  275.362261][   T53] 
[  275.364570][   T53] The buggy address belongs to the physical page:
[  275.370993][   T53] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45600
[  275.379744][   T53] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  275.388231][   T53] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  275.395764][   T53] page_type: 0xfdffffff(slab)
[  275.400431][   T53] raw: 00fff00000000040 ffff888015042000 dead000000000100 dead000000000122
[  275.409089][   T53] raw: 0000000000000000 0000000080080008 00000001fdffffff 0000000000000000
[  275.417661][   T53] head: 00fff00000000040 ffff888015042000 dead000000000100 dead000000000122
[  275.426320][   T53] head: 0000000000000000 0000000080080008 00000001fdffffff 0000000000000000
[  275.434987][   T53] head: 00fff00000000003 ffffea0001158001 ffffffffffffffff 0000000000000000
[  275.443647][   T53] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  275.452303][   T53] page dumped because: kasan: bad access detected
[  275.458710][   T53] page_owner tracks the page as allocated
[  275.464407][   T53] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 8364, tgid 8364 (kworker/0:15), ts 218083447206, free_ts 217978244236
[  275.487155][   T53]  post_alloc_hook+0x1f3/0x230
[  275.491920][   T53]  get_page_from_freelist+0x2cbd/0x2d70
[  275.497462][   T53]  __alloc_pages_noprof+0x256/0x6c0
[  275.502649][   T53]  alloc_slab_page+0x5f/0x120
[  275.507334][   T53]  allocate_slab+0x5a/0x2f0
[  275.511843][   T53]  ___slab_alloc+0xcd1/0x14b0
[  275.516515][   T53]  __slab_alloc+0x58/0xa0
[  275.520839][   T53]  kmalloc_node_track_caller_noprof+0x281/0x440
[  275.527072][   T53]  kmalloc_reserve+0x111/0x2a0
[  275.531836][   T53]  pskb_expand_head+0x202/0x1390
[  275.536768][   T53]  netlink_trim+0x183/0x220
[  275.541261][   T53]  netlink_broadcast_filtered+0x76/0x1290
[  275.546971][   T53]  nlmsg_notify+0xfb/0x1c0
[  275.551382][   T53]  netdev_state_change+0x139/0x1a0
[  275.556679][   T53]  linkwatch_do_dev+0x112/0x170
[  275.561547][   T53]  __linkwatch_run_queue+0x44f/0x6c0
[  275.566836][   T53] page last free pid 8767 tgid 8767 stack trace:
[  275.573152][   T53]  free_unref_page+0xd22/0xea0
[  275.577927][   T53]  __put_partials+0xeb/0x130
[  275.582518][   T53]  put_cpu_partial+0x17c/0x250
[  275.587290][   T53]  __slab_free+0x2ea/0x3d0
[  275.591701][   T53]  qlist_free_all+0x9e/0x140
[  275.596286][   T53]  kasan_quarantine_reduce+0x14f/0x170
[  275.601742][   T53]  __kasan_slab_alloc+0x23/0x80
[  275.606590][   T53]  kmem_cache_alloc_noprof+0x135/0x2a0
[  275.612048][   T53]  getname_flags+0xbd/0x4f0
[  275.616549][   T53]  __x64_sys_symlinkat+0x7c/0xb0
[  275.621483][   T53]  do_syscall_64+0xf3/0x230
[  275.625986][   T53]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.631883][   T53] 
[  275.634202][   T53] Memory state around the buggy address:
[  275.639819][   T53]  ffff888045600000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  275.647869][   T53]  ffff888045600080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  275.655923][   T53] >ffff888045600100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  275.663985][   T53]                    ^
[  275.668054][   T53]  ffff888045600180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  275.676107][   T53]  ffff888045600200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  275.684155][   T53] ==================================================================
[  275.692384][   T53] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  275.699657][   T53] CPU: 1 PID: 53 Comm: kworker/u9:0 Tainted: G        W          6.10.0-rc2-next-20240604-syzkaller #0
[  275.710670][   T53] Tainted: [W]=WARN
[  275.714462][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  275.724514][   T53] Workqueue: hci0 hci_rx_work
[  275.729208][   T53] Call Trace:
[  275.732499][   T53]  <TASK>
[  275.735432][   T53]  dump_stack_lvl+0x241/0x360
[  275.740122][   T53]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.745338][   T53]  ? __pfx__printk+0x10/0x10
[  275.749929][   T53]  ? rcu_is_watching+0x15/0xb0
[  275.754690][   T53]  ? lock_release+0xbf/0x9f0
[  275.759275][   T53]  ? vscnprintf+0x5d/0x90
[  275.763595][   T53]  panic+0x349/0x870
[  275.767486][   T53]  ? check_panic_on_warn+0x21/0xb0
[  275.772595][   T53]  ? __pfx_panic+0x10/0x10
[  275.777002][   T53]  ? do_raw_spin_unlock+0x13c/0x8b0
[  275.782192][   T53]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  275.788081][   T53]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  275.794405][   T53]  ? print_report+0x502/0x550
[  275.799077][   T53]  check_panic_on_warn+0x86/0xb0
[  275.804011][   T53]  ? do_raw_spin_lock+0x299/0x370
[  275.809027][   T53]  end_report+0x77/0x160
[  275.813260][   T53]  kasan_report+0x154/0x180
[  275.817776][   T53]  ? do_raw_spin_lock+0x299/0x370
[  275.822794][   T53]  do_raw_spin_lock+0x299/0x370
[  275.827635][   T53]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  275.833000][   T53]  _raw_spin_lock_irqsave+0xe1/0x120
[  275.838287][   T53]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  275.844180][   T53]  ? __local_bh_enable_ip+0x168/0x200
[  275.849549][   T53]  ? skb_dst_force+0x52/0x370
[  275.854310][   T53]  ? __sock_queue_rcv_skb+0x3ee/0x9b0
[  275.859678][   T53]  __sock_queue_rcv_skb+0x408/0x9b0
[  275.864874][   T53]  l2cap_sock_recv_cb+0x177/0x4f0
[  275.869897][   T53]  l2cap_recv_frame+0x8b6d/0x105f0
[  275.875004][   T53]  ? deref_stack_reg+0x1c7/0x260
[  275.879937][   T53]  ? validate_chain+0x11e/0x5920
[  275.884873][   T53]  ? validate_chain+0x11e/0x5920
[  275.889812][   T53]  ? validate_chain+0x11e/0x5920
[  275.894744][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.899936][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.905128][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.910329][   T53]  ? validate_chain+0x11e/0x5920
[  275.915265][   T53]  ? stack_trace_save+0x118/0x1d0
[  275.920293][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.925485][   T53]  ? __pfx_l2cap_recv_frame+0x10/0x10
[  275.930848][   T53]  ? __pfx_validate_chain+0x10/0x10
[  275.936047][   T53]  ? mark_lock+0x9a/0x360
[  275.940378][   T53]  ? __lock_acquire+0x1359/0x2000
[  275.945413][   T53]  ? mark_lock+0x9a/0x360
[  275.949746][   T53]  ? hci_rx_work+0x4e7/0xca0
[  275.954331][   T53]  ? __pfx_lock_release+0x10/0x10
[  275.959353][   T53]  ? __mutex_unlock_slowpath+0x21d/0x750
[  275.964982][   T53]  ? __pfx_lock_release+0x10/0x10
[  275.970001][   T53]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  275.975984][   T53]  ? hci_conn_enter_active_mode+0x260/0x370
[  275.981875][   T53]  ? l2cap_recv_acldata+0x48e/0x1550
[  275.987153][   T53]  ? hci_conn_hash_lookup_handle+0x21/0x240
[  275.993041][   T53]  ? hci_conn_hash_lookup_handle+0x226/0x240
[  275.999014][   T53]  hci_rx_work+0x50f/0xca0
[  276.003427][   T53]  ? process_scheduled_works+0x945/0x1830
[  276.009141][   T53]  process_scheduled_works+0xa2c/0x1830
[  276.014691][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  276.020667][   T53]  ? assign_work+0x364/0x3d0
[  276.025248][   T53]  worker_thread+0x86d/0xd50
[  276.029834][   T53]  ? __kthread_parkme+0x169/0x1d0
[  276.034858][   T53]  ? __pfx_worker_thread+0x10/0x10
[  276.039970][   T53]  kthread+0x2f0/0x390
[  276.044037][   T53]  ? __pfx_worker_thread+0x10/0x10
[  276.049141][   T53]  ? __pfx_kthread+0x10/0x10
[  276.053725][   T53]  ret_from_fork+0x4b/0x80
[  276.058143][   T53]  ? __pfx_kthread+0x10/0x10
[  276.062725][   T53]  ret_from_fork_asm+0x1a/0x30
[  276.067489][   T53]  </TASK>
[  276.070733][   T53] Kernel Offset: disabled
[  276.075049][   T53] Rebooting in 86400 seconds..