last executing test programs:

7.110752947s ago: executing program 3 (id=2399):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x17, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000000085000000a000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

7.019177939s ago: executing program 3 (id=2402):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r2, &(0x7f0000000400)=[{&(0x7f0000000480)=""/174, 0xae}, {&(0x7f00000006c0)=""/248, 0xf8}], 0x2)

6.160398795s ago: executing program 3 (id=2419):
pipe(&(0x7f0000000080))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
splice(0xffffffffffffffff, &(0x7f00000001c0)=0x6, r1, 0x0, 0x4, 0x0)

6.015545956s ago: executing program 2 (id=2421):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/bus/input/handlers\x00', 0x0, 0x0)
read$char_usb(r0, &(0x7f00000030c0)=""/4110, 0x100e)
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/140, 0x8c}], 0x1, 0x8001, 0x0)
read$char_usb(r0, &(0x7f0000000000)=""/44, 0x1f)

5.940193152s ago: executing program 2 (id=2423):
syz_mount_image$jfs(&(0x7f0000000200), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x0, 0x6210, &(0x7f000000a4c0)="$eJzs3U1vHVf9B/DfffRD/22tLqr+K4TcBx5KaRInJQQKtF3Agk0XqFuUyHWriBRQElBaWcSVNyxY8QpASCwRYolY8AK6YMuOFSsi2Uigrhg09jnx+Obe2sb2nWufz0dyZn5z5vqe8ffOfcjM3BMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHz3O99b6UTE9Z+mBUsR/xe9iG7EQl0vR8TC8lJevx8Rz8ROczwdEYO5iPr2O/88GfFqRHz8RMTW9vpqvfjyIfvx7d//9Tfff+ytv/xucPHff7g7eb17937xrz/eP84WAwAAQHmqqqo66WP+s+nzfbftTgEAU5Ff/6skLz/39S///tafZqk/arVarVZPoW6qxrvfLCJio3mb+j2Dw/EAcMZsxCdtd4EWyb9o/Yh4rO1OADOt03YHOBVb2+urnZRvp/l6sLzbns8F2Zf/Rufh9R2TpgcZPcdkWo+vzejFUxP6szClPsySnH93NP/ru+3DtN5p5z8tk/If7l76VJycf280/xHnJ//u2PxLlfPvHyn/nvwBAAAAAGCG5f//X2r5+O/c8TflUD7t+O/ylPoAAAAAAAAAACftuOP/PXSi4//1Xpu0nvH/AAAA4Ojqz+q1Xz2xt2zSd7HVy9/uRDw+sj5QmHSxzGLb/QAAAAAAAAAAAACAkvR3z+F9uxMxiIjHFxerqqp/mkbrozru7c+60rcfijPYm237SR4AAHZ9/MTItfydiPmIeDt9199gcXGxquYXFqvFamEuv58dzs1XC43PtXlaL5sbHuK9cX9Y1b9svnG7poM+Lx/UPvr76vsaVr1DdOyEDNJfc0JzS2EDQLL7arTlFemcqaonJ735gH3s/+fQUiy1/bhi9rX9MAUAAABOX1VVVSd9nfez6Zh/t+1OAQBTkV//R48LHKvuTmiPOJnfr1ar1ee47s9Yf9Tnq26qxrvfLCJio3mb+j2D4fgB4IzZiE/a7gItkn/R+hHxTNudAGZap+0OcCq2ttdXOynfTvP1II3vns8F2Zf/Rmfndvn246YHGT3HZFqPr83oxVMT+vP0lPowS3L+3dH8r++2D9N6p53/tEzKf7hzyVx5cv690fxHnJ/8u2PzL1XOv3+k/HvyBwAAAACAGZb//3+p6OO/rmAAAAAAAAAA4Gzb2l5fzde95uP/nxmznus/z6ecf+eo+S+kefmfaTn/7kj+XxxZr9eYf/Dm3v7/z+311d/e/cf/5+lh85/LM530yOqkR0Qn3VOnn6bH2bpHbQ56w/qeBp1ur59Oc6oG78bNuBVrcWnfut3099hrX9nXXvd0sK/98r72/iPtV/a1D9L3DlQLuf1CrMaP4la8s9Net80dsP3zB7RXB7Tn/Hue/4uU8+83fur8F1N7Z2Rae/BR95H9vjkddz9v3Pzszy+d/uYcaDN6D7etqd6+51voz87f5LFh/OTO2u0L927cvXt7JdJk39LLkSYnLOc/2PmZ23v+f2G3PT/vN/fXBx8Nj5z/rNiM/sT8X2jM19v70pT71oac/zD95PzfSe3j9/+znP/k/f/lFvoDAAAAAAAAAAAAAAAAn6aqqp1LRN+IiKvp+p+2rs0EAKYrv/5XSV6uVhddx9Js9UetVqtPqG6qxnu9WUTEn5u3qd8z/GzcLwMAZtl/IuJvbXeC1si/YPn7/urpi213BpiqOx98+IMbt26t3b7Tdk8AAAAAAAAAgP9VHv9zuTH+84sRsTSy3r7xX9+M5eOO/9nPMw8HGD3hgb4n2OwOe93GcOPPxc743Bcmjf/9fDw6/nceE7fX3I4JBge0Dw9onzugfX7s0r20xl7o0ZDzf64x3nmd/7Mjw6+XMP7r6Jj3Jcj5P994PNf5f2FkvWb+1a9nLv+Nw664Gd19+V+8+/6PL9754MNXbr5/472199Z+eGVl5dKVq1evXbt28d2bt9Yu7f57Or2eATn/PPa180DLkvPPmcu/LDn/z6Va/mXJ+X8+1fIvS84/v9+Tf1ly/vmzj/zLkvN/KdXyL0vO/0upln9ZtrbX5+r8X061/MuS9/8vp1r+Zcn5v5Jq+Zcl538h1fIvS87/YqoPkb+vhz9Hcv75CJf9vyw5/5VUy78sOf/LqZZ/WXL+V1It/7Lk/F9NtfzLkvP/SqrlX5ac/9VUy78sOf+vplr+Zcn5X0u1/MuS8/9aquVflpz/11Mt/7Lk/F9LtfzLkvP/RqrlX5ac/zdTLf+y5Py/lWr5lyXn/3qq5V+Wve//N2PGjJk80/YzEwAAAAAAAAAAAAAwahqnE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBfduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkeuu7wB+Zi/22kmIgRCc1MDaMcY4m+z6El9oXUy4NkApkFDoBdv1rs2Cb3jtEiiSTQMlEkZFFRXpQ1tAqI1UVVgVD7RKaR6qXp6a9oG+VLSVkBpVIQqoSG1Fs9Wc8///d2Z2dmbWO17PnvP5SMlvd+bMnDNnzszud9ffPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Gjrm2c+X8uyrP5f/r9NWXZr/eMN45vyy95ws7cQAAAAWKn/y///wu3pgiM93Khhmb999T98a35+fj774PDvjn55fj5dMZ5lo+uzLL8uuvbvH6o1LhM8lo3Vhho+H+qy+uEu1490uX60y/Xruly/vsv1Y12uX7QDFtlQ/Dwmv7Pt+Yebil2a3ZGN5tdtb3Orx2rrh4biz3Jytfw286Mns9nsdDaTTTUtXyxby5d/amt9Xe/I4rqGGta1pX6E/PDTJ+I21MI+3t60roX7jH7wpmz8Rz/89Ik/uvjcXe1m193QdH/Fdu7cVt/Oz4ZLim2tZevTPonbOdSwnVvaPCfDTdtZy29X/7h1O1/ocTuHFzZzVbU+52PZUP7xM/l+Gmn8sV7aT1vCZf99T5ZlVxY2u3WZRevKhrKNTZcMLTw/Y8URWb+P+qH0smxkWcfp1h6O0/qc3t58nLa+JuLzvzXcbmSJbWh8mn7wmXWLnvflHqdR/VEv9VppPQb7/VoZlGMwHhfP5A/68bbH4Pbw+D+9Y+ljsO2x0+YYTI+74Rjc1u0YHFo3nG9zehJq+W0WjsHdTcsP52uq5fPZHZ2PwcmLZ85Pzn3yU/fNnjl+aubUzNm9u3dP7d2//+DBg5MnZ0/PTBX/v869Pfg2ZkPpNbAt7Lv4Gnhdy7KNh+r81/r3Ohzr8Drc1LJsv1+HI60PrrY6L8jFx3Tx2ni4vtPHrg5lS7zG8udn18pfh+lxN7wORxpeh22/prR5HY708DqsL3N+V2/fs4w0/NduG27U14JNDcdg6/cjrcdgv78fGZRjcCwcF/+ya+mvBVvC9j4+sdzvR4YXHYPp4Yb3nvol6fv9sYP5aHdc3l2/4pZ12aW5mQv3P3r84sULu7MwVsXLG46V1uN1Y8NjyhYdr0PLPl6PzL768bvbXL4p7Kux++r/G1vyuaovs+/+zs9V/tWt/f5sunRPFkafrfb+bPfVvL4/U5bssD/ry3x2cuXfi6dc2vD+O7rE+2/M/S8W60t39djw6Ejx+h1Oe2e06f24+akayd+7avm6X5js7f14NPy32u/Hd3R4P97csmy/349HWx9cfD+udftpx8q0Pp9j4Tg5PdX5/bi+zOY9yz0mRzq+H98TZi3s/9eHpJByUcOxs9Rxm9Y1MjIaHtdIXEPzcbq3afnRkM3q63pyz/UdpzvvKe5rOD26Bat1nI63LNvv4zS9Xy11nNa6/fTt+rQ+n2PhuLhjb+fjtL7M0/tW/t65IX7Y8N65rtsxODq8rr7No+kgLN7v5zfEY/D+7ER2LjudTefXrsuPp1q+rokHejsG14X/Vvu9cnOHY3Bny7L9PgbT17Gljr3ayOIH3wetz+dYOC6eeKDzMVhf5i0H+vu9685wSVqm4XvX1p+vLfUzr7tbdtON/JlXfTv/+kDnn83Wlzl9cLk5s/N+ujdcckub/dT6+l3qNTWdrc5+2hy287mDS++n+vbUl/nyoR6PpyNZll3++IP5z3vD71f+7NJ3v9X0e5d2v9O5/PEHn7/t5N8sZ/sBWPteLMbG4mtdw2+mevn9PwAAALAmxNw/FGYi/wMAAEBpxNwf/1V4Iv8DAABAacTcPxJmUpH8v/ktz82+eDlLzfz5IF6fdsNDxXKx4zoVPh+fX1C//MFvzPz4Ly73tu6hLMt+8tBvtF1+80NxuwrjYTuvvbX58sU3vNzT+o89srBcY3/9q+H+4+Pp9TBoV8GdyrLsqdu/mK9n/ENX8/n0Q8fy+b4rjz9WX+aFQ8Xn8fbPvrxY/vdD+ffIyeNNt3827Ifvhzn1zvb7I97um1dfv+XABxbWF29X2/aS/GE/8eHifuPfyfnSY8XycT8vtf1/+YUnv1lf/tHXtt/+y0Ptt//JcL/fCPN/XlUs3/gc1D+Pt/tc2P64vni7+7/+nbbbf+3zxfLn31YsdyzMuP6d4fPtb3tutnF/PVo73vS4srcXy8X1T333t/Pr4/3F+2/d/rGjV5v2R+vx8fQ/Ffcz2bJ8vDyuJ/rzlvXX76fx+Izrf/K3jjXt527rv/a+Z19Vv9/W9d/bstxwy+1b/2LTH3zui23XF7fnyJ+eb3o8R94bXsdh/U98OByP4fr/vfbFpvVGx97b/P4Tl//qpstNjyd6x4+K9V9746l8/sf4j3/vlltve8mV19T3XZY98/7i/rqt/9Qfnmva/q/duSt/PuL1saPfuv6lxPVf+MTE2XNzl2anG/Zq/rdz3lVsz/qxDRvr23t7eG9t/fzouYsfmbkwPjU+lWXj5f0Tetft62E+X4wry739rkfC83n3V57auOMfvxAv/+eHi8uvvrP4uvW6sNyXwuWbiudvvrbC9T+x9c789V17uvi8qcfeB1u2/+fBnhYMj7/1+4J4vJ9/xUfy/VC/Lv+6EV/XK9z+700X9/PtsF/nw19m3nbnwvoal49/G+Hq+4vX+4r3X3ibi8/rH4fn+93fL+4/bld8vN8L38d8Z3Pz+108Pr59eaj1/vO/4nElvJ9kV4rr41Jxf1994c62mxf/Dkl25a78899J93PXsh7mUuY+OTd5evbspUcnL87MXZyc++Snjp45d+nsxaP53/I8+tFut194f9qYvz9Nz+zfl01tyLLsXDa1Cm9YN2b76x/1tv3nHzkxfWBqx/TMyeOXTl585PzMhVMn5uZOzEzP7Th+8uTMJ7rdfnb68O49h/Ye2DNxanb68MFDh/Yempg9e66+GcVGdbF/6mMTZy8czW8yd3jfod0PPLBvauLMuemZwwempiYudbt9/rVpon7rX5+4MHP6+MXZMzMTc7Ofmjm8+9D+/Xu6/jXAM+dPzo1PXrh0dvLS3MyFyeKxjF/ML65/7et2e8pp7l+L72db1Yo/xJe959796e+z1n3jM0veVbFIyx8QfS78LZq/f+n5g718HnP/aJhJRfI/AAAAVEHM/evCTOR/AAAAKI2Y+9eHmcj/AAAAUBox94+FmVQk/+v/6//31v8vrtf/r1b///zHi17pWu//x/68/n813OT+/4rXr/+v/1++/n/v/fm1vv36//r/LDZo/f+Y+zdkWSXzPwAAAFRBzP0bw0zkfwAAACiNmPtvCTOR/wEAAKA0Yu6/NcykIvlf/7+n/v+eboWr8vf/nf9f/z9bm/3/+OTo/1fGsvv3H3i46VP9/0D/X/9f/1//X/+fFRtd8pqb1f+Puf+2MJOK5H8AAACogpj7XxJmIv8DAABAacTcf3uYifwPAAAApRFz/6Ywk4rkf/1/5//X/9f/L3X/f6Xn/2/YGP3/tcH5/zvT/+/iuvv/Y/r/a7H/P9rf7R/s/n/Xzdf/54YYtPP/x9z/0jCTiuR/AAAAqIKY+18WZiL/AwAAQGnE3P/yMBP5HwAAAEoj5v47wkwqkv/1//X/B6v//5X76nte/7+g/1+4qf3/juf/Lz7S/x8s+v+d6f934fz/1er/93n7B7v/3+/z/4++tfX2+v+0M2j9/5j7XxFmUpH8DwAAAFUQc/+dYSbyPwAAAJRGzP2vDDOR/wEAAKA0Yu7fHGZSkfyv/6//P1j9f+f/1/9fS/3/gv7/YNH/70z/vwv9f/1//f/e+v9tvvnV/6edQev/x9x/V5hJRfI/AAAAVEHM/XeHmcj/AAAAUBox9/9UmIn8DwAAAKURc/+WMJOK5H/9f/1//f9q9f/vXaf/r/9fbvr/nen/d6H/r/+v/9/j+f8XW07/f323O6M0Bq3/H3P/q8JMKpL/AQAAoApi7n91mIn8DwAAAKURc/9rwkzkfwAAACiNmPvHw0wqkv/1/8vV//+Tv3riNZn+v/5/l/WXtP8fDwP9/4rT/+9M/78L/X/9f/3/Ven/Ux2D1v+PuX9rmElF8j8AAABUQcz928JM5H8AAAAojZj77wkzkf8BAACgNGLu3x5mUpH8r/9frv5/pP+v/99p/SXt/yf6/9Wm/99Gw4tU/78L/X/9/8r3/+N3v/r/9Meg9f9j7n9tmElF8j8AAABUQcz9O8JM5H8AAAAojZj7XxdmIv8DAABAacTcvzPMpCL5X/9f/1//X/9f/7/9+vX/1yb9/86W2/9fp/+v/6//X7H+v/P/0183v/9ffOcWP4+5//VhJhXJ/wAAAFAFMffvCjOR/wEAAKA04r/fLP7dq/wPAAAAZRRz/0SYSUXyv/6//n+V+v81/X/9f/3/0tP/78z5/7vQ/9f/1//X/6evbn7/v/nzmPvvCzOpSP4HAACAKoi5//4wE/kfAAAASiPm/skwE/kfAAAASiPm/qkwkzz/j96krVo9+v/6/1Xq/zv/v/6//n/56f93pv/fhf6//n/Z+v9Zpv/PTTVo/f+Y+3eHmfj9PwAAAJRGzP17wkzkfwAAACiNmPv3hpnI/wAAAFAaMffvCzOpSP7X/9f/1//X/9f/b79+/f+1Sf+/M/3/LvT/9f/L1v93/n9uskHr/8fc/0CYSUXyPwAAAFRBzP37w0zkfwAAACiNmPsPhJmE/N/u33UDAAAAa0vM/QfDTCry+3/9/5L0/3/z75rWrf+v/99p/f3p/2/Q/w9T/3+wLPTv8+O1LP3/1pfFddP/70L/X/9f/1//n74atP5/zP2Hwkwqkv8BAACgCmLuf0OYifwPAAAApRFz/0+Hmcj/AAAAUBox9/9MmElF8r/+f0n6/y30//X/O63f+f/72P+fybJM/3+gOP9/Z6Xq/w/p/+v/D9b26//r/7PYje//x4966//H3H84zKQi+R8AAACqIOb+nw0zkf8BAACgNGLuf2OYifwPAAAApRFz/5Ewk4rkf/1//X/9f/3/G9P/f2PWahD7//WDx/n/y0X/v7NS9f+d/1//f8C2X/9f/5/FBu38/zH3vynMpCL5HwAAAKog5v4Hw0zkfwAAACiNmPvfHGYi/wMAAEBpxNz/ljCTiuR//X/9f/1//X/n/2+/fv3/tUn/vzP9/y70//X/9f/1/+mrQev/x9z/1jCTiuR/AAAAqIKY+98WZiL/AwAAQGnE3P/2MBP5HwAAAEoj5v53hJlUJP/r/+v/6//r/+v/t19/r/3/7N/0/wdJhfv/o70spP/fhf6//r/+v/4/fTVo/f+Y+38uzKQi+R8AAACqIOb+h8JM5H8AAAAojZj73xlmIv8DAABAacTc/64wk4rkf/1//X/9f/1//f/263f+/7Wpwv3/nuj/d6H/r/+v/6//T18NWv8/5v53h5lUJP8DAABAFcTc//NhJvI/AAAAlEbM/e8JM5H/AQAAYHC1K2J3EHP/L4SZVCT/6//r/w9W/3/+cuPt9P/1/7N+9f/rN9L/rwT9/870/7to0/9fr/+v/6//r//PdRu0/n/M/e8NM6lI/gcAAIAqiLn/fWEm8j8AAACURsz97w8zkf8BAACgNGLufzjMpCL5X/+/kv3/9JAHr//v/P/6/87/r/+/Mvr/nen/d+H8/33qz9+q/6//r/9PbtD6/zH3PxJmUpH8DwAAAFUQc/8HwkzkfwAAACiNmPt/McxE/gcAAIDSiLn/g2EmFcn/+v+V7P8P8Pn/y9b/H2k6PqrU/x9reD7Tcan/r/+/CvT/O9P/70L/f22e/39sMLb/hvf/w9G8YYnb6/8ziAat/x9z/4fCTCqS/wEAAKAKYu7/pTAT+R8AAABKIyb+X276TP4HAACAMom5/1fCTCqS//X/9f/1/53/3/n/269f/39t0v/vTP+/i772/0f1/53/3/n/9f8rb9D6/zH3/2qYyZLB7/n/6uFhAgAAAAMk5v4Ph5lU5Pf/AAAAUAUx9x8NM5H/AQAAoDRi7j8WZlKR/K//39r/j2dU1f/X/9f/1/8flP5/3EL9/170r///ytuyTP9f/9/5//X/9f/1/1mJQev/x9x/PMykIvkfAAAAqiDm/l8LM5H/AQAAoDRi7j8RZiL/AwAAQGnE3D8dZlKR/H8T+/+jg9n/d/7/6+3//0T/X/8/0P9vz/n/V4fz/3em/9+F/r/+v/6//j99NWj9/5j7Z8JMKpL/AQAAoMTSj4Nj7j8ZZiL/AwAAQGnE3H8qzET+BwAAgNKIuf8jYSYVyf/O/6//7/z/N6P/P9K0vP5/Qf9f/78f9P870//vQv9f/1//X/+fvhq0/n/M/bNhJhXJ/wAAAFAFMfd/NMxE/gcAAIDSiLn/Y2Em8j8AAACURsz9p8NMKpL/O/X/T4zq/+v/l7//X8uyK87/r//fbv36/2uT/n9n+v9d6P/r/+v/6//TV4PW/4+5/0yYSUXyPwDA/7N3H0+WXFUex580areaWc+KNSuWsBJ/Alt2RLDGC28k4T0I740Q3nsPEt57b4VHeBBWENGEqs45XeZVZnVXVr3Mez+fzZnuUE+9RiVmfjTfuADQg9z9945b7H8AAABoRu7++8Qt9j8AAAA0I3f/feOWTva/9//1/733/6uNvP+/+6/X/2/T/+v/p7Cvv79i/V93UBR+YP9/pztfdQ/9v/5/mv7/TP1Y/z+pTX9+/b/+n/3m1v/n7r9f3NLJ/gcAAIAe5O6/f9xi/wMAAEAzcvc/IG6x/wEAAKAZufuvils62f9d9/9nL3yOpP/X/2/9RM/9/436f/3/snn/f5j+f4T3//X/+n/9P5OaW/+fu/+BcUsn+x8AAAB6kLv/QXGL/Q8AAADNyN3/4LjF/gcAAIBm5O5/SNzSyf7vuv/3/r/+Pyyj/z/t/f89vx/9v/5/Hf3/MP3/CP2//l//r/9nUnPr/3P3PzRu6WT/AwAAQA9y9z8sbrH/AQAAoBm5+x8et9j/AAAA0Izc/Y+IWzrZ//p//f+m+v/8p03/P7P3//X/+v+Fu3514d8T9P/76f9HjPT/q5X+f8ih+/n1v73lfP4D6P/1/+w3t/4/d/8j45a7rlanL/U3CQAAAMxK7v5HxS2d/Pk/AAAA9CB3/9Vxi/0PAAAAzcjdf03c0sn+1//r/73/r//X/6//+vr/ZfL+/7Cj9/93/L973bPf/t/7/8O8/z91/3/7d4b+n2WbW/+fu//auKWT/Q8AAAA9yN3/6LjF/gcAAIBm5O5/TNxi/wMAAEAzcvc/Nm7pZP/r/1vr//9n16/b0f9v1S76f/2//l//3zr9/zDv/4/Y+re5c/VD/b/+3/v/O/v/4dfR9f+sM7f+P3f/4+KWTvY/AAAA9CB3/+PjFvsfAAAAmpG7/wlxi/0PAAAAzcjd/8S4pZP9fzL9//ogX//v/X/9v/5f/6//n5r+f5j+f0Qr7/9f4nfNpvv5o9r052+w/8/g3/v/XLK59f+5+58Ut3Sy/wEAAKAHufufHLfY/wAAANCM3P1PiVvsfwAAAGhG7v6nxi2d7H/v/+v/l9H/51fQ/+v/j7//T/r/ZdL/D9P/j2il/79Em+7nl/75G+z/97z/P0z/zzpz6/9z9z8tbulk/wMAAEAPcvc/PW6x/wEAAKAZufufEbfY/wAAANCM3P3PjFs62f/6f/3/Mvp/7//r/73/r/8/HP3/MP3/CP2//l//r/9nUnPr/3P3Xxe3dLL/AQAAoAe5+58Vt9j/AAAA0Izc/c+OW+x/AAAAaEbu/ufELZ3sf/2//l//r//X/6//+vr/ZdL/D9P/j9D/6//1//p/JjWj/n/Hrzq7em7c0sn+BwAAgB7k7n9e3GL/AwAAQDNy9z8/brH/AQAAoBm5+18Qt3Sy//X/s+n/t3K+tvr/c6vVSv+/6rT/P7fj72d9X+r/9f8nQP8/7OL7/1tu2P7O3ab/1/8P0f/r//X/7DWj/n/rx7n7Xxi3dLL/AQAAoAe5+18Ut9j/AAAA0Izc/S+OW+x/AAAAaEbu/pfELZ3sf/3/bPr/LW31/97/3/v9sYj+/ybv/+v/l03/P8z7/yP0//p//b/+n0nNrf/P3f/SuOn0qUv+LQIAAAAzk7v/ZXFLJ3/+DwAAAD3I3f/yuMX+BwAAgIW6bt/P5O5/RdzSyf7X/0/b/5/e8XP6f/3/3u+PRfT/E73/r//fT/9/MvT/w/T/I/T/+n/9v/6fSc2t/8/d/8q4pZP9DwAAAD3I3X993GL/AwAAQDNy978qbrH/AQAAoBm5+2+IWzrZ//p/7//r//X/+v/1X1//v0z6/2H6/xH6/+rn///caqX/P/H+/8yF/1H/Txsuov8/f/781cfe/+fuf3Xc0sn+BwAAgB7k7n9N3GL/AwAAQDNy9782brH/AQAAoBm5+18Xt3Sy//X/nfb/+a2+rP7/mtVK/6//1//r/4fp/4fp/0fo/73/7/1//T+Tmtv7/7n7Xx+3dLL/AQAAoAe5+98Qt9j/AAAA0Izc/W+MW+x/AAAAaEbu/jfFLZ3sf/1/p/2/9//1//r/k+7/b1vp/0/EIvr/cwd//bn3/9fOtv8/o/+fwKb7+cV9/rvdZdcP9f/6f/abW/+fu//NcUsn+x8AAAB6kLv/LXGL/Q8AAADNyN3/1rjF/gcAAIBm5O5/W9x0RSf7X/+v/9f/6//1/+u//gm//396tVrp/yewiP5/wNz7/2ne/9/7T/kF3v/X/y/58+v/9f/sN7f+P3f/2+OWTvY/AAAA9CB3/zviFvsfAAAAmpG7/51xi/0PAAAAzcjd/664pZP9r//X/+v/p+v/Lzvg+0H/H98Pm+r/r11E/+/9/4no/4fNo/8/mP5f/7/kz6//1/9zeJvq/3P3vztu6WT/AwAAQA9y978nbrH/AQAAoBm5+98bt9j/AAAA0Izc/e+LWzrZ//p//f/F9P/5OfX/bb3/f2Z2/f/ZXf/7Onn/X/8/Ef3/MP3/CP2//l//f53+nynN7f3/3P3vj1s62f8AAADQg9z9H4hb/9Gt/Q8AAADNyN3/wbjF/gcAAIBm5O7/UNzSyf7X/+v/vf+v/2/+/X/9f1f0/8P0/yP0/8fQz9/+qfX/C+r/vf/PpObW/+fu/3Dc0sn+BwAAgB7k7v9I3GL/AwAAQDNy9380brH/AQAAoBm5+2+MWzrZ//p//b/+X/+v/9/+e6j/b4P+f9jJ9P/n9P/6/+rnL4t/CvT/+v+xX0+b5tb/5+6/KW7pZP8DAABAD3L3fyxusf8BAACgGbn7Px632P8AAACwSFes+bnc/Z+IWzrZ//p//b/+X/+v/1//9fX/y7SR/j+/KfT/3v8P/fT/d9j1o6P28yf9+ff+3y/9v/6f6c2t/8/d/8m4pZP9DwAAAD3I3f+puMX+BwAAgGbk7v903GL/AwAAQDNy938mbulk/+v/l9H/53em/l//r//X/+v/h3n/f5j+f4T+f6Pv5y/98+v/9f/sN7f+P3f/Z+OWTvY/AAAAtO2yrf9MPnf/5+IW+x8AAACakbv/83GL/Q8AAADN2Nr9GZd1uP/1/8vo/73/r//X/+v/9f+Ho/8fpv8fof/X/+v/9f9Mam79/xe2ftXZ1Rfjlk72PwAAAPQgd/+X4hb7HwAAAGbp4P+qwMFy9385brH/AQAAoBm5+78St3Sy//X/+v9l9P/nz5+/Wv+v/9/9+7nQ/9+s/6fo/4fp/0fo//X/+n/9P5OaW/+fu/+rcUsn+x8AAAB6kLv/a3GL/Q8AAADNyN3/9bjF/gcAAIBm5O7/RtzSyf7X/8+g/z+r//f+v/5/5f1//f9E9P/D9P8jWuz/zx7+t7/pfv6oNv359f/6f/abW/+fu/+bcUsn+x8AAAB6kLv/W3GL/Q8AAADNyN3/7bjF/gcAAIBm5O7/TtzSyf7X/59c/3/7v3a9vP9/brX+8+v/9f/6f/3/cdP/D9P/j2ix/78Im+7nl/759f/6f/Y7VP9/6sLPH3f/n7v/u3HL7uF36mJ+jwAAAMC85O7/XtzSyZ//AwAAQA9y938/brH/AQAAoBm5+38Qt3Sy//X/M3j/v8H+3/v/678/9P+z7v8v1/+3Qf8/TP8/Qv+v/9f/T9T/53ez/r93h+r/d/z/d8fd/+fu/2Hc0sn+BwAAgB7k7v9R3GL/AwAAQDNy9/84brH/AQAAoBm5+2+OW3bs/3Vtdyv0//p//b/+X/+//uvr/5dJ/z/ssP3/mdXR+v+k/9f/6/977f+9/8+2ufX/uft/Erf4838AAABYnFMH/Hzu/p/GLfY/AAAANCN3/8/iFvsfAAAAmpG7/+dxy62Xb+ojnSj9v/5f/6//1/+v//r6/2XS/w/z/v8I/f8U/fyV+v82+v/VSv/P0c2t/8/d/4u4xZ//AwAAQDNy9/8ybrH/AQAAoBm5+38Vt9j/AAAA0Izc/b+OWzrZ//p//f8R+/+tNFP/v03/v03/v57+/2To/4fp/0fo/73/r//3/j+Tmlv/n7v/lrilk/0PAAAAPcjd/5u4xf4HAACAZuTu/23cYv8DAABAM3L3/y5u6WT/b6z/j3+pt/v/K/d/Lv3/lgX0/97/1//r//X/s6L/H6b/H6H/1//r//X/TGpu/X/u/t/HLZ3sfwAAAOhB7v4/xC32PwAAADQjd/8f4xb7HwAAAJqRu/9PcUsn+9/7/0ft/7cDFf3/7s+v/99N/x/fD/p//f8J0P8P0/+vV3+j9P/6f/2//p9Jza3/z93/57ilk/0PAAAAPcjd/5e4xf4HAACAZuTuvzVusf8BAACgGbn7/xq3dLL/9f/e/9f/6//1/+u/vv5/mfT/wzbZ/9/9f8e/rPf/N97/50fQ/+v/9f9MYm79f+7+v8Utnex/AAAA6EHu/r/HLfY/AAAANCN3/z/iFvsfAAAAmpG7/59xSyf7f6T/P1N/of5/kP5/9+fX/6///tD/6//1/8dP/z/M+/8j9P/e/9f/6/+Z1Nz6/9z9/4pbOtn/AAAA0IPc/bfFLfY/AAAANCN3/7/jFvsfAAAAmpG7/z9xSyf73/v/S+r/r9T/6//1//p//f8I/f8w/f8I/b/+X/+v/2dSc+v/c/f/NwAA//+naUC1")
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
creat(0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r0, &(0x7f00000004c0)='./bus/file0\x00', r1, &(0x7f0000000500)='./file0\x00', 0x0)

5.872125079s ago: executing program 3 (id=2425):
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008412, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRESDEC], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x26e1, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0xdf)
fallocate(r1, 0x3, 0x0, 0x404042bbe)
fallocate(r0, 0x3, 0x800000, 0x8000c62)

5.3233212s ago: executing program 1 (id=2433):
r0 = socket$tipc(0x1e, 0x5, 0x0)
ppoll(&(0x7f0000000580)=[{r0}], 0x1, &(0x7f00000022c0), 0x0, 0x0)

5.262711621s ago: executing program 1 (id=2435):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000800)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x541b, 0x0)

5.145456353s ago: executing program 1 (id=2437):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={@null, 0x0, 'ip6gre0\x00'})

5.126632755s ago: executing program 2 (id=2438):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000001380)=ANY=[@ANYBLOB="850000002f000000350000000000ba00850000000500000095000000000000004cf12aa56c5e0cd90200f81f06a9cf64f5e0a141d524581835d8050864d20000000201000000fa22beb5cf918d4aec7520ea98165b61a3cf5fc6dd8442230e7953f91136aa1f7035175135230163cf09494997cbe5158a10861aaa1c8fee9ed0f9dce435554bc34e6bdea4217ce4a98af8ad0887c697acd962000000ff00e34f0a9c13ecee6156c599c7b293de001967bfb3fe241454a040803f668ce021879c820f9b80fe2338a89411b532b18ac1440000000000000000000000000000004daac70ad892dd079b9f63dde2433e41f4d71400000000000000000f0fbd15749c9a0c1e2a4049511e7ff5879e84b281d255e395a6f482ed7f2ba2938be9307c2cfee9a1bceb2b1501e5bce949355afa81b792c93ca734d05d8f4a21b16c5bd3d56a5f23431ddbe12276afe9f1efdbfba4061b6761edcb29bd9c617ca54b2062f6f4e1aec4adb05076021c71433c163dca68dc8b3966d89f3545b1fc7d24cf5f61ed50fa7379d0f697755b515a243da6b85778f2eb6ff2402e532e9d2be22da411b831a0e17281a833dabdca067a1cbce5458ee6bd105c581b21ba19bda17a4fcd7face7bcaea5123f6625116a1264d2546a6101bf089aa2f5eeabe7dc69cf283db0ee420543241a46a70221c5a1e6ac41b7702f2cacba94bf"], &(0x7f0000000140)='GPL\x00', 0x0, 0x27, &(0x7f00000004c0)=""/153}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0xfffffffffffffd85, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x739d}, 0x28)

4.962882022s ago: executing program 1 (id=2440):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd\x00')
getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=<r3=>r0, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x48)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0)
timer_create(0x0, 0x0, 0x0)
futex(0x0, 0x6, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000300), &(0x7f00000003c0)='./file0\x00', 0x10020, &(0x7f0000000180)=ANY=[@ANYRESDEC=r3, @ANYRESDEC=r4, @ANYRES64=r5, @ANYRES16=r3], 0x1, 0x554b, &(0x7f00000075c0)="$eJzs3E1vG1UXAODjpGn69faNEAt2HalCSqTaqtMPwa5AKz5Eq6rAghU4tmu5tT1R7LqhKxYsEQsW/A8EEiuW/AYWrNkhFiB2SCDPHUNTQKLUidPkeaTxmbm+c+ZcK0p0ZiIHcGitZL/8VInTcTwiFiPiVESxXym3wpUUnouIMxGx8NBWKcf/GDgaESci4nQcm55eKd/69Nz47KUf3/j562+Xj5z8/Kvv5rJgYF94PiL6m2n/fj/FvJPinXK8Me4WsX9xXMb0Rv9ueZyneL+9UWS435jOaxTxQifNzzfvDSfxdq/RnMRO93YxvjlIFxyOO9M8xQl3GlvFcau9UcTuMC9i50Gqa/tB+n35YDhKeVplvg+K9DEaTWMab2+303o27xaxORiV4ylv3mpvT+K4jOXlopn3WkUdG0/ySe9vb3YH97azcXtr2M0H2aVa/YVa/XK1vpW32qP2xWqj37p8MVvt9CbTqqN2o3+lk+edXrvWzPtr2Wqn2azW69nq1fZGtzHI6vXahdr56qW1cu9c9uqNd7JeK1udxJe7g3ujbm+Y3c63snTGWrZeu/DiWna2nr11/WZ289a1a9dvvv3e1XdvvHT99VfKSX8pK1tdP7++Xq1P/t6tHaL1f1QWPV3/+ep6/QnXD0+k8njTl3erDoCnyC72/xErKaf+H3jU7vX/W7cidr//D/3/TDxV/e+j/X/qf2ufHe71w/w8Zv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDB8f3SF68VOyvp+GQ5/r9y6JnyuBIRCxHx299YjKM7ci6WeZb+Yf7SIzV8U4kiw+Qay+V2IiKulNuv/9/tTwEAAAAOri8/PPNJ6tbTy8q8C2IvpZs2C6fen1G+SkQsrfwwo2wLk5dnZ5Ss+Pk+EtszylbcwDo2o2TpltuRWWX7VxZ3hGMPhUoKC3taDgAAsCd2dgJ724UAAACwlz6edwHMRyWmjzKnz4KL/7z/84Hg8R1HAAAAwDwt/7fTKrOuAwAAANh3iv7f9/8BAADAwZa+/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n535ylQbiOID/2lJB0UiMSxOPojs4hkdw6ZJwAC/BEfAKXoAz4M4jGDDtVCIvPPJI//Dey+eTtMOU9ssMgcXMJAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD06Ve5WfxYfvzeNmd/aKeb3gAAAADn7MrNon4xS/Vpc/1Nc+ldU88iIo+Ic2P3Il6cZBYR8SEiynvuL++04WdEnVB9xrg5XkXE5+b487bvbwEAAACer+1qPU+j9XSa3bpBDClN2uSvv3SUl0VEOfvdUVpe5b2/4oHlpTer3/covrVvVq2ewJp0FJam3EZdpT1I/Xc/ztpN/iuyVOSXn++s7wAAwICKk2LYUQgAAABD+lqdPt26FbRXXHd7Fv+WMo9LgeNUNMt7L09qAAAAwBOU3boBAAAAQO/q8X9f+/9N7f8HAAAAj0La/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA+7crNYrtaz9vm7A/tdNMbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv+zPOwqEQBiEwd71ncnc/7DSoKmpSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT+/GRDDUBRH78xk/n2r7H+xdUl1CVXOIfzkSXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANzI/4jHOme8GluSkeTZePd6Jvl01Ph21Pj1wVwfjnnhRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACws3PvvHFUUQCAz+7sbJwAYjHIhREiEgU0xNmEhHSIAmRR8BOQLGcTTDY8EhckikBu6JDrNAhKhJBApst/SJ1IaUKXwkWQqI3mZY8fEsvDM5v4+6Q798x4PPfcWdny2TteAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhl892dOMk2gyLulsfuPb61nPX39/SZO+sP5rOWxZ0mk34yvFLf6czVdmaaTwYAAICjIanq+4h4mG4sZn13kNf/aXVOVvN//1wRV/X83rq/6qvaP2u//frope2BBsU42UUvrYxHp/en0ju8WU635//2jF5+5/P3XpL8Bel+sPbiZprfz863d+++18/DY01kCwD8G6eqvgyqv4eyfthmYgAcGb1a4V3V/8mg3ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmrC5Fs9UcSci5ns7ceb+41vLB/V31h/MV+387dvr9Wtml0gj4tLKeHQ6ZhqczXS7fuPmlaXxeHSt+eDViGhr9HfK6V/5aN+X0n1HIg4pjZMt3fkjFnTLF3ta8jnkIPl/fqhb/KUEAMBTKS1bVtc/TDcWs2Od2YitH3bX/6/X4piw/n/08fl79bHq9f+wsRlOv4XVq58vXL9x882Vq0uXR5dHn751Zvj28OyFc+cuLOTvlRTbttMEAADgSbNV+Doi+mWr1//d2f3r/ydqcUxY/3/x3fCr+rCJ+v9AO4t+bWcCAABwtL1w8s8/Ogcc7/T78eXS6uq1YbHd3j9TbFtI9R87VrZ6/Z/Mtp0VAAAA0ITNtc6u9f+LtTgmXP9/9seXf65fM4mI4+X6/6nlz8YXm5vOVPsP/yEcvQm/ve05AgAA0KytPQ8yHC9bff0/zZ//726f2Y2IN14r4vJjACeq/5P3v/mpPlb9+f+zhzzPadedK+5H3s9F9ObazggAAICn2UzeBnn9/3u6sfjJLyc+7Hv+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBpfwUAAP//XclEuA==")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000a40)=@abs={0x1, 0x0, 0x4e22}, 0x6e)

4.569925133s ago: executing program 2 (id=2446):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xae}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

4.431776942s ago: executing program 2 (id=2447):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0xa, {[@main=@item_4={0x3, 0x0, 0x0, "f81d36c1"}, @main=@item_4={0x3, 0x0, 0x0, "e24ba565"}]}}, 0x0}, 0x0)

4.37055084s ago: executing program 3 (id=2449):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
ptrace$setopts(0x4206, 0x0, 0xfffffffffffffffd, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getresgid(&(0x7f0000000040), &(0x7f0000000180)=<r1=>0x0, &(0x7f00000016c0))
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYRESDEC=0x0, @ANYBLOB=',group_id='])
syz_open_dev$tty1(0xc, 0x4, 0x4)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000007d40)=[{{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000580)=[{&(0x7f0000000440)}, {0x0}], 0x2, &(0x7f0000000a00)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58, 0x4048080}}, {{&(0x7f0000000a80)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000003480)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [r0, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r0, r0]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x108, 0x8000}}, {{&(0x7f00000035c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, 0x0, 0x0, &(0x7f0000007ac0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x38, 0x20000080}}, {{&(0x7f0000007b40)=@abs, 0x6e, 0x0, 0x0, &(0x7f0000007c80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r1}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x78, 0x8800}}], 0x4, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)

4.369427445s ago: executing program 4 (id=2450):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$inet(0x2, 0x3, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[], 0x1c)

4.093976418s ago: executing program 4 (id=2451):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$UHID_CREATE(0xffffffffffffffff, 0x0, 0x0)
write$UHID_DESTROY(0xffffffffffffffff, &(0x7f0000000180)={0xb}, 0x4)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f00000004c0)={[{@noinit_itable}, {@block_validity}, {@sysvgroups}]}, 0x1, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
quotactl$Q_GETFMT(0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000480)='./file1\x00', 0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
open$dir(0x0, 0x0, 0x350)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x10001}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095000000000000007ff2a576ee34bbea53c906fa049eb3fd7f43d6ac065ee7"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
write$9p(r0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000008208500000072000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

3.971347293s ago: executing program 1 (id=2452):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'dummy0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_SCB={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}}, 0x0)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000b00)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r3, &(0x7f00000002c0)={0x14, &(0x7f0000000140)={0x40, 0x3, 0xd, {0xd, 0x5, "5c04b92d8ad199ca4d4d2e"}}, &(0x7f0000000200)={0x0, 0x3, 0x67, @string={0x67, 0x3, "b4a9a4c4d39e7e8f6b2f2d4facb9da629141d25988478236a003b88960eb8772c23c274f6c98071a5fa8a0289d81c7cc06a2bc0b7abb888a38c5bb1e808ad7afb530ef36de90afe04240b6ccaa3ca36ab06423a3d5fce8ced6ebd9a4693fadaa6db5de5695"}}, &(0x7f0000000180)={0x0, 0x22, 0xa, {[@local=@item_012={0x1, 0x2, 0x3, "b8"}, @global=@item_012={0x2, 0x1, 0xb, "d482"}, @global=@item_4={0x3, 0x1, 0x1, "0cec206e"}]}}, &(0x7f0000000280)={0x0, 0x21, 0x9, {0x9, 0x21, 0x2, 0x9, 0x1, {0x22, 0xe09}}}}, &(0x7f0000000580)={0x18, &(0x7f0000000300)={0x40, 0x16, 0xf4, "5175136ae042fc992a71da09da8b7db6ea2b46831abeaecbe8c5d8c0874cc9adb525b15ff7c054331c05168d4d5e7912791db91754aec092fa4be19ce1105e3b3815cb2036fcfef2aed4f24f4eeb48fc68d71fd2e74319c8332ff0cd902a430f2c1b279c6efcaac995bbabed54039c60c935de170d70c884f5f39ae28fabfd16a5109e09ea823b765aef6400f8ff3e38c98dc04e89fab6d8ca7f9db6ec5b2e2a27dfdc8ac44a119d04fe91def2586b487409e2072bf403012f539c02e428b1213bea2a9891e8f68ba454a08cf4b2ae568b905ba85f3f52d74326ebc33257fc99188534988006508d475fefb03cf66fdc05a8ca55"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x80}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0xe0}, &(0x7f0000000480)={0x20, 0x1, 0x82, "33aeebe3675c20bbd8ca9ecf848e9a71d2ff17267044cb1e1eeb6a3322b56783937012755a1c70661eb92b8ef49fa79b6056f17295c4c3eca634b333456502734a52189f568f33b316bc925cfb8709ec050ed7ede16979e971e9d0ccaba86bc73d8c900d12a45c94bdfd02608e24dfb8e9694d019904e60c81ad42d162a19609db3b"}, &(0x7f0000000540)={0x20, 0x3, 0x1, 0x99}})

2.971189251s ago: executing program 4 (id=2454):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo\x00')
fchdir(r0)
capset(0x0, &(0x7f0000000040))
creat(&(0x7f0000002080)='./file0\x00', 0x0)

2.88042788s ago: executing program 4 (id=2455):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a06fef8ffffff71a400fe000000007110bd00000000001d300200000000004704000001ed03040f030000000000001d440000000000006b0a04fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49"], 0x0}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1}, &(0x7f0000000440), &(0x7f0000000480)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r1, &(0x7f0000000100), 0x20000000}, 0x20)

2.801812643s ago: executing program 4 (id=2456):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a10716, &(0x7f0000000580)={[{@prjquota}, {@mblk_io_submit}, {@grpjquota_path}, {@resuid}, {@prjquota}, {@usrjquota}, {@usrjquota}, {@inode_readahead_blks}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0xff, 0x46d, &(0x7f0000001bc0)="$eJzs289vVEUcAPDve7sFBGUrIgqCVNGk8UdLCyoHE6PRxIMmJnrAY20LQRZqaE2ENFqNwaMh8W48mvgXePJk1JOJVzyaGBKixAT04pq3+17pLrullYXddD+fZGFm3+zMfPvevJ2d2Q1gYI1k/yQRd0fExYioNLLNBUYa/127sjj995XF6SRqtTf/SOrlrl5ZnK7litdty+scTSPST5O8kRhaWe382XMnp6rV2TN5fnzh1Hvj82fPPX3i1NTx2eOzpyePHDl8aOK5ZyefadPr3y6sN84svqt7Ppzbu/vVty+8Pn30wjs/fpP1d9e+xvEsjvXWeTMjWeB/Nv42rcce73ZjPfZv7XqcSbnXvWGtShFRzgfnxahEKa6fvEq88klPOwfcVtk9e3Pnw0s1YANLotc9AHqjeKPPPv8Wjzs09egLl19sfADK4r6WPxpHypE2Pho1L1x02UhEHF3658vsES3rELU26wYAALfqu2z+81S7+V8au1aU257vDQ1HxL0RsSMi7ouInRFxf0S97AMR8WCnhjpMokZa8jfOP9NL/zu4Ncjmf8/ne1vN87+0KDJcynP31OMfSo6dqM4ezP8mozG0OctPtKu8qOLlXz7v1P7K+V/2yNov5oJ5JZfKjQW6LcUzM1MLU92alF7+OGJPuV38yfJOQBIRuyNiz/qq3l4kTjzx9d5OhW4e/yq6sM9U+6qoZHEpWuIvJKvvT45vierswfHiqrjRTz+ff6NT+7cUfxdk539r8/XfUqLyV7Jyv3Z++cALa23j/K+fdfxMWV779b8su/43JW/V93Q35c99MLWwcGYiYlPyWj3f9Pzk9dcW+aJ8Fv/ogfbjf0f+miz+hyIiu4j3RcTDEbE/P3ePRMSjEXFglfh/eOmxdzsd64fzP9P2/rd8/Q83n//1J0onv/+2U/tru/8drqdG82fq97+b6Nyd4jbacjUDAADABpbWvxufpGPL6TQdG2t8h39nbE2rc/MLTx6be//0TOM79MMxlBYrXZUV66ETyVJeYyM/ma8VF8cP5evGX5TuqufHpueqMz2OHQbdtg7jP/N7qde9A247v9eCwdU6/tMe9QO487z/w+Ay/mFwGf8wuNqN/49a8vYCYCOqVXrdA6B3zP9hcBn/MLiMfxhIt/K7/tuVKK/y632JfklE2hfd6JvE/j4aTeUujO4e35gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65L8AAAD///Uk+Ss=")
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
open(&(0x7f00000000c0)='./bus\x00', 0x24142, 0x0)

2.72442901s ago: executing program 0 (id=2457):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
ftruncate(r0, 0xc17a)
fstat(r0, 0x0)

2.576420073s ago: executing program 0 (id=2458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xae}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.417392966s ago: executing program 0 (id=2459):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
removexattr(0x0, 0x0)

2.287248509s ago: executing program 0 (id=2460):
socket$inet(0x2, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe2(&(0x7f0000000140), 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200), 0x111}}, 0x20)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r0})
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

2.058615323s ago: executing program 0 (id=2461):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$inet(0x2, 0x3, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[], 0x1c)

2.000766546s ago: executing program 2 (id=2462):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = creat(&(0x7f0000000340)='./file0\x00', 0x0)
read$FUSE(r4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001280)=@base={0x0, 0x4, 0x2, 0xc, 0x0, 0x1}, 0x48)
signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x400, &(0x7f0000000080)=ANY=[@ANYBLOB='nodots,allow_utime=000000000034,usefree,check=strict,dots,\x00'/70], 0x1, 0x1e9, &(0x7f00000002c0)="$eJzs2k1rVFcYB/Bz05SkCXkppS3Jpoe2i3ZzabIsXSSUBEoHFM0IKkhuyESHGWfC3FnMiItZu/IjuBaX7gTJF8h3cOEuCNFVVl7R0bwRFyrJCPn9NvOHPwPn4cDhWdydf+7frm3k6UbWDkNJEoYWQi/sJWE6DIUPeuHP3/9+ee/y1Wv/L5ZKS5diXF5cmZuPMU7+8vT63Ue/brXHrzyefDIStqdv7OzOP9/+aXtm5/XKrWoeq3lsNNsxi2vNZjtbq1fiejWvpTFerFeyvBKrjbzSOtJv1Jubm92YNdYnxjZblTyPWaMba5VubDdju9WN2c2s2ohpmsaJscCXKD/cK4qwW3y7Goqi+O5BGN8KE8/CVEi+j8kPC8mPq8nPvWRmtyimBn1UToX7P98OPeqjIbzodcqdcv+33y//V1r6K74zffCvV51O+Zv9fq7fx6P9SBh738+f2I+GP37r92+7fy+UjvWzYf30xwcAOHfSuO/E/S5NP9b306H98Nj+Nhxmh89sDD5T3r1Ty+r1SksQBGE/DPpl4iwcXPqgTwIAAAAAAAAAAMCnOIvPCQc9IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HV7EwAA///n0Xgk")
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x2c, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r5, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c0002"], 0x64}}, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc534, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x200}}}}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.735013226s ago: executing program 3 (id=2463):
syz_mount_image$jfs(&(0x7f0000000200), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x0, 0x6210, &(0x7f000000a4c0)="$eJzs3U1vHVf9B/DfffRD/22tLqr+K4TcBx5KaRInJQQKtF3Agk0XqFuUyHWriBRQElBaWcSVNyxY8QpASCwRYolY8AK6YMuOFSsi2Uigrhg09jnx+Obe2sb2nWufz0dyZn5z5vqe8ffOfcjM3BMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHz3O99b6UTE9Z+mBUsR/xe9iG7EQl0vR8TC8lJevx8Rz8ROczwdEYO5iPr2O/88GfFqRHz8RMTW9vpqvfjyIfvx7d//9Tfff+ytv/xucPHff7g7eb17937xrz/eP84WAwAAQHmqqqo66WP+s+nzfbftTgEAU5Ff/6skLz/39S///tafZqk/arVarVZPoW6qxrvfLCJio3mb+j2Dw/EAcMZsxCdtd4EWyb9o/Yh4rO1OADOt03YHOBVb2+urnZRvp/l6sLzbns8F2Zf/Rufh9R2TpgcZPcdkWo+vzejFUxP6szClPsySnH93NP/ru+3DtN5p5z8tk/If7l76VJycf280/xHnJ//u2PxLlfPvHyn/nvwBAAAAAGCG5f//X2r5+O/c8TflUD7t+O/ylPoAAAAAAAAAACftuOP/PXSi4//1Xpu0nvH/AAAA4Ojqz+q1Xz2xt2zSd7HVy9/uRDw+sj5QmHSxzGLb/QAAAAAAAAAAAACAkvR3z+F9uxMxiIjHFxerqqp/mkbrozru7c+60rcfijPYm237SR4AAHZ9/MTItfydiPmIeDt9199gcXGxquYXFqvFamEuv58dzs1XC43PtXlaL5sbHuK9cX9Y1b9svnG7poM+Lx/UPvr76vsaVr1DdOyEDNJfc0JzS2EDQLL7arTlFemcqaonJ735gH3s/+fQUiy1/bhi9rX9MAUAAABOX1VVVSd9nfez6Zh/t+1OAQBTkV//R48LHKvuTmiPOJnfr1ar1ee47s9Yf9Tnq26qxrvfLCJio3mb+j2D4fgB4IzZiE/a7gItkn/R+hHxTNudAGZap+0OcCq2ttdXOynfTvP1II3vns8F2Zf/Rmfndvn246YHGT3HZFqPr83oxVMT+vP0lPowS3L+3dH8r++2D9N6p53/tEzKf7hzyVx5cv690fxHnJ/8u2PzL1XOv3+k/HvyBwAAAACAGZb//3+p6OO/rmAAAAAAAAAA4Gzb2l5fzde95uP/nxmznus/z6ecf+eo+S+kefmfaTn/7kj+XxxZr9eYf/Dm3v7/z+311d/e/cf/5+lh85/LM530yOqkR0Qn3VOnn6bH2bpHbQ56w/qeBp1ur59Oc6oG78bNuBVrcWnfut3099hrX9nXXvd0sK/98r72/iPtV/a1D9L3DlQLuf1CrMaP4la8s9Net80dsP3zB7RXB7Tn/Hue/4uU8+83fur8F1N7Z2Rae/BR95H9vjkddz9v3Pzszy+d/uYcaDN6D7etqd6+51voz87f5LFh/OTO2u0L927cvXt7JdJk39LLkSYnLOc/2PmZ23v+f2G3PT/vN/fXBx8Nj5z/rNiM/sT8X2jM19v70pT71oac/zD95PzfSe3j9/+znP/k/f/lFvoDAAAAAAAAAAAAAAAAn6aqqp1LRN+IiKvp+p+2rs0EAKYrv/5XSV6uVhddx9Js9UetVqtPqG6qxnu9WUTEn5u3qd8z/GzcLwMAZtl/IuJvbXeC1si/YPn7/urpi213BpiqOx98+IMbt26t3b7Tdk8AAAAAAAAAgP9VHv9zuTH+84sRsTSy3r7xX9+M5eOO/9nPMw8HGD3hgb4n2OwOe93GcOPPxc743Bcmjf/9fDw6/nceE7fX3I4JBge0Dw9onzugfX7s0r20xl7o0ZDzf64x3nmd/7Mjw6+XMP7r6Jj3Jcj5P994PNf5f2FkvWb+1a9nLv+Nw664Gd19+V+8+/6PL9754MNXbr5/472199Z+eGVl5dKVq1evXbt28d2bt9Yu7f57Or2eATn/PPa180DLkvPPmcu/LDn/z6Va/mXJ+X8+1fIvS84/v9+Tf1ly/vmzj/zLkvN/KdXyL0vO/0upln9ZtrbX5+r8X061/MuS9/8vp1r+Zcn5v5Jq+Zcl538h1fIvS87/YqoPkb+vhz9Hcv75CJf9vyw5/5VUy78sOf/LqZZ/WXL+V1It/7Lk/F9NtfzLkvP/SqrlX5ac/9VUy78sOf+vplr+Zcn5X0u1/MuS8/9aquVflpz/11Mt/7Lk/F9LtfzLkvP/RqrlX5ac/zdTLf+y5Py/lWr5lyXn/3qq5V+Wve//N2PGjJk80/YzEwAAAAAAAAAAAAAwahqnE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBfduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkeuu7wB+Zi/22kmIgRCc1MDaMcY4m+z6El9oXUy4NkApkFDoBdv1rs2Cb3jtEiiSTQMlEkZFFRXpQ1tAqI1UVVgVD7RKaR6qXp6a9oG+VLSVkBpVIQqoSG1Fs9Wc8///d2Z2dmbWO17PnvP5SMlvd+bMnDNnzszud9ffPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Gjrm2c+X8uyrP5f/r9NWXZr/eMN45vyy95ws7cQAAAAWKn/y///wu3pgiM93Khhmb999T98a35+fj774PDvjn55fj5dMZ5lo+uzLL8uuvbvH6o1LhM8lo3Vhho+H+qy+uEu1490uX60y/Xruly/vsv1Y12uX7QDFtlQ/Dwmv7Pt+Yebil2a3ZGN5tdtb3Orx2rrh4biz3Jytfw286Mns9nsdDaTTTUtXyxby5d/amt9Xe/I4rqGGta1pX6E/PDTJ+I21MI+3t60roX7jH7wpmz8Rz/89Ik/uvjcXe1m193QdH/Fdu7cVt/Oz4ZLim2tZevTPonbOdSwnVvaPCfDTdtZy29X/7h1O1/ocTuHFzZzVbU+52PZUP7xM/l+Gmn8sV7aT1vCZf99T5ZlVxY2u3WZRevKhrKNTZcMLTw/Y8URWb+P+qH0smxkWcfp1h6O0/qc3t58nLa+JuLzvzXcbmSJbWh8mn7wmXWLnvflHqdR/VEv9VppPQb7/VoZlGMwHhfP5A/68bbH4Pbw+D+9Y+ljsO2x0+YYTI+74Rjc1u0YHFo3nG9zehJq+W0WjsHdTcsP52uq5fPZHZ2PwcmLZ85Pzn3yU/fNnjl+aubUzNm9u3dP7d2//+DBg5MnZ0/PTBX/v869Pfg2ZkPpNbAt7Lv4Gnhdy7KNh+r81/r3Ohzr8Drc1LJsv1+HI60PrrY6L8jFx3Tx2ni4vtPHrg5lS7zG8udn18pfh+lxN7wORxpeh22/prR5HY708DqsL3N+V2/fs4w0/NduG27U14JNDcdg6/cjrcdgv78fGZRjcCwcF/+ya+mvBVvC9j4+sdzvR4YXHYPp4Yb3nvol6fv9sYP5aHdc3l2/4pZ12aW5mQv3P3r84sULu7MwVsXLG46V1uN1Y8NjyhYdr0PLPl6PzL768bvbXL4p7Kux++r/G1vyuaovs+/+zs9V/tWt/f5sunRPFkafrfb+bPfVvL4/U5bssD/ry3x2cuXfi6dc2vD+O7rE+2/M/S8W60t39djw6Ejx+h1Oe2e06f24+akayd+7avm6X5js7f14NPy32u/Hd3R4P97csmy/349HWx9cfD+udftpx8q0Pp9j4Tg5PdX5/bi+zOY9yz0mRzq+H98TZi3s/9eHpJByUcOxs9Rxm9Y1MjIaHtdIXEPzcbq3afnRkM3q63pyz/UdpzvvKe5rOD26Bat1nI63LNvv4zS9Xy11nNa6/fTt+rQ+n2PhuLhjb+fjtL7M0/tW/t65IX7Y8N65rtsxODq8rr7No+kgLN7v5zfEY/D+7ER2LjudTefXrsuPp1q+rokHejsG14X/Vvu9cnOHY3Bny7L9PgbT17Gljr3ayOIH3wetz+dYOC6eeKDzMVhf5i0H+vu9685wSVqm4XvX1p+vLfUzr7tbdtON/JlXfTv/+kDnn83Wlzl9cLk5s/N+ujdcckub/dT6+l3qNTWdrc5+2hy287mDS++n+vbUl/nyoR6PpyNZll3++IP5z3vD71f+7NJ3v9X0e5d2v9O5/PEHn7/t5N8sZ/sBWPteLMbG4mtdw2+mevn9PwAAALAmxNw/FGYi/wMAAEBpxNwf/1V4Iv8DAABAacTcPxJmUpH8v/ktz82+eDlLzfz5IF6fdsNDxXKx4zoVPh+fX1C//MFvzPz4Ly73tu6hLMt+8tBvtF1+80NxuwrjYTuvvbX58sU3vNzT+o89srBcY3/9q+H+4+Pp9TBoV8GdyrLsqdu/mK9n/ENX8/n0Q8fy+b4rjz9WX+aFQ8Xn8fbPvrxY/vdD+ffIyeNNt3827Ifvhzn1zvb7I97um1dfv+XABxbWF29X2/aS/GE/8eHifuPfyfnSY8XycT8vtf1/+YUnv1lf/tHXtt/+y0Ptt//JcL/fCPN/XlUs3/gc1D+Pt/tc2P64vni7+7/+nbbbf+3zxfLn31YsdyzMuP6d4fPtb3tutnF/PVo73vS4srcXy8X1T333t/Pr4/3F+2/d/rGjV5v2R+vx8fQ/Ffcz2bJ8vDyuJ/rzlvXX76fx+Izrf/K3jjXt527rv/a+Z19Vv9/W9d/bstxwy+1b/2LTH3zui23XF7fnyJ+eb3o8R94bXsdh/U98OByP4fr/vfbFpvVGx97b/P4Tl//qpstNjyd6x4+K9V9746l8/sf4j3/vlltve8mV19T3XZY98/7i/rqt/9Qfnmva/q/duSt/PuL1saPfuv6lxPVf+MTE2XNzl2anG/Zq/rdz3lVsz/qxDRvr23t7eG9t/fzouYsfmbkwPjU+lWXj5f0Tetft62E+X4wry739rkfC83n3V57auOMfvxAv/+eHi8uvvrP4uvW6sNyXwuWbiudvvrbC9T+x9c789V17uvi8qcfeB1u2/+fBnhYMj7/1+4J4vJ9/xUfy/VC/Lv+6EV/XK9z+700X9/PtsF/nw19m3nbnwvoal49/G+Hq+4vX+4r3X3ibi8/rH4fn+93fL+4/bld8vN8L38d8Z3Pz+108Pr59eaj1/vO/4nElvJ9kV4rr41Jxf1994c62mxf/Dkl25a78899J93PXsh7mUuY+OTd5evbspUcnL87MXZyc++Snjp45d+nsxaP53/I8+tFut194f9qYvz9Nz+zfl01tyLLsXDa1Cm9YN2b76x/1tv3nHzkxfWBqx/TMyeOXTl585PzMhVMn5uZOzEzP7Th+8uTMJ7rdfnb68O49h/Ye2DNxanb68MFDh/Yempg9e66+GcVGdbF/6mMTZy8czW8yd3jfod0PPLBvauLMuemZwwempiYudbt9/rVpon7rX5+4MHP6+MXZMzMTc7Ofmjm8+9D+/Xu6/jXAM+dPzo1PXrh0dvLS3MyFyeKxjF/ML65/7et2e8pp7l+L72db1Yo/xJe959796e+z1n3jM0veVbFIyx8QfS78LZq/f+n5g718HnP/aJhJRfI/AAAAVEHM/evCTOR/AAAAKI2Y+9eHmcj/AAAAUBox94+FmVQk/+v/6//31v8vrtf/r1b///zHi17pWu//x/68/n813OT+/4rXr/+v/1++/n/v/fm1vv36//r/LDZo/f+Y+zdkWSXzPwAAAFRBzP0bw0zkfwAAACiNmPtvCTOR/wEAAKA0Yu6/NcykIvlf/7+n/v+eboWr8vf/nf9f/z9bm/3/+OTo/1fGsvv3H3i46VP9/0D/X/9f/1//X/+fFRtd8pqb1f+Puf+2MJOK5H8AAACogpj7XxJmIv8DAABAacTcf3uYifwPAAAApRFz/6Ywk4rkf/1/5//X/9f/L3X/f6Xn/2/YGP3/tcH5/zvT/+/iuvv/Y/r/a7H/P9rf7R/s/n/Xzdf/54YYtPP/x9z/0jCTiuR/AAAAqIKY+18WZiL/AwAAQGnE3P/yMBP5HwAAAEoj5v47wkwqkv/1//X/B6v//5X76nte/7+g/1+4qf3/juf/Lz7S/x8s+v+d6f934fz/1er/93n7B7v/3+/z/4++tfX2+v+0M2j9/5j7XxFmUpH8DwAAAFUQc/+dYSbyPwAAAJRGzP2vDDOR/wEAAKA0Yu7fHGZSkfyv/6//P1j9f+f/1/9fS/3/gv7/YNH/70z/vwv9f/1//f/e+v9tvvnV/6edQev/x9x/V5hJRfI/AAAAVEHM/XeHmcj/AAAAUBox9/9UmIn8DwAAAKURc/+WMJOK5H/9f/1//f9q9f/vXaf/r/9fbvr/nen/d6H/r/+v/9/j+f8XW07/f323O6M0Bq3/H3P/q8JMKpL/AQAAoApi7n91mIn8DwAAAKURc/9rwkzkfwAAACiNmPvHw0wqkv/1/8vV//+Tv3riNZn+v/5/l/WXtP8fDwP9/4rT/+9M/78L/X/9f/3/Ven/Ux2D1v+PuX9rmElF8j8AAABUQcz928JM5H8AAAAojZj77wkzkf8BAACgNGLu3x5mUpH8r/9frv5/pP+v/99p/SXt/yf6/9Wm/99Gw4tU/78L/X/9/8r3/+N3v/r/9Meg9f9j7n9tmElF8j8AAABUQcz9O8JM5H8AAAAojZj7XxdmIv8DAABAacTcvzPMpCL5X/9f/1//X/9f/7/9+vX/1yb9/86W2/9fp/+v/6//X7H+v/P/0183v/9ffOcWP4+5//VhJhXJ/wAAAFAFMffvCjOR/wEAAKA04r/fLP7dq/wPAAAAZRRz/0SYSUXyv/6//n+V+v81/X/9f/3/0tP/78z5/7vQ/9f/1//X/6evbn7/v/nzmPvvCzOpSP4HAACAKoi5//4wE/kfAAAASiPm/skwE/kfAAAASiPm/qkwkzz/j96krVo9+v/6/1Xq/zv/v/6//n/56f93pv/fhf6//n/Z+v9Zpv/PTTVo/f+Y+3eHmfj9PwAAAJRGzP17wkzkfwAAACiNmPv3hpnI/wAAAFAaMffvCzOpSP7X/9f/1//X/9f/b79+/f+1Sf+/M/3/LvT/9f/L1v93/n9uskHr/8fc/0CYSUXyPwAAAFRBzP37w0zkfwAAACiNmPsPhJmE/N/u33UDAAAAa0vM/QfDTCry+3/9/5L0/3/z75rWrf+v/99p/f3p/2/Q/w9T/3+wLPTv8+O1LP3/1pfFddP/70L/X/9f/1//n74atP5/zP2Hwkwqkv8BAACgCmLuf0OYifwPAAAApRFz/0+Hmcj/AAAAUBox9/9MmElF8r/+f0n6/y30//X/O63f+f/72P+fybJM/3+gOP9/Z6Xq/w/p/+v/D9b26//r/7PYje//x4966//H3H84zKQi+R8AAACqIOb+nw0zkf8BAACgNGLuf2OYifwPAAAApRFz/5Ewk4rkf/1//X/9f/3/G9P/f2PWahD7//WDx/n/y0X/v7NS9f+d/1//f8C2X/9f/5/FBu38/zH3vynMpCL5HwAAAKog5v4Hw0zkfwAAACiNmPvfHGYi/wMAAEBpxNz/ljCTiuR//X/9f/1//X/n/2+/fv3/tUn/vzP9/y70//X/9f/1/+mrQev/x9z/1jCTiuR/AAAAqIKY+98WZiL/AwAAQGnE3P/2MBP5HwAAAEoj5v53hJlUJP/r/+v/6//r/+v/t19/r/3/7N/0/wdJhfv/o70spP/fhf6//r/+v/4/fTVo/f+Y+38uzKQi+R8AAACqIOb+h8JM5H8AAAAojZj73xlmIv8DAABAacTc/64wk4rkf/1//X/9f/1//f/263f+/7Wpwv3/nuj/d6H/r/+v/6//T18NWv8/5v53h5lUJP8DAABAFcTc//NhJvI/AAAAlEbM/e8JM5H/AQAAYHC1K2J3EHP/L4SZVCT/6//r/w9W/3/+cuPt9P/1/7N+9f/rN9L/rwT9/870/7to0/9fr/+v/6//r//PdRu0/n/M/e8NM6lI/gcAAIAqiLn/fWEm8j8AAACURsz97w8zkf8BAACgNGLufzjMpCL5X/+/kv3/9JAHr//v/P/6/87/r/+/Mvr/nen/d+H8/33qz9+q/6//r/9PbtD6/zH3PxJmUpH8DwAAAFUQc/8HwkzkfwAAACiNmPt/McxE/gcAAIDSiLn/g2EmFcn/+v+V7P8P8Pn/y9b/H2k6PqrU/x9reD7Tcan/r/+/CvT/O9P/70L/f22e/39sMLb/hvf/w9G8YYnb6/8ziAat/x9z/4fCTCqS/wEAAKAKYu7/pTAT+R8AAABKIyb+X276TP4HAACAMom5/1fCTCqS//X/9f/1/53/3/n/269f/39t0v/vTP+/i772/0f1/53/3/n/9f8rb9D6/zH3/2qYyZLB7/n/6uFhAgAAAAMk5v4Ph5lU5Pf/AAAAUAUx9x8NM5H/AQAAoDRi7j8WZlKR/K//39r/j2dU1f/X/9f/1/8flP5/3EL9/170r///ytuyTP9f/9/5//X/9f/1/1mJQev/x9x/PMykIvkfAAAAqiDm/l8LM5H/AQAAoDRi7j8RZiL/AwAAQGnE3D8dZlKR/H8T+/+jg9n/d/7/6+3//0T/X/8/0P9vz/n/V4fz/3em/9+F/r/+v/6//j99NWj9/5j7Z8JMKpL/AQAAoMTSj4Nj7j8ZZiL/AwAAQGnE3H8qzET+BwAAgNKIuf8jYSYVyf/O/6//7/z/N6P/P9K0vP5/Qf9f/78f9P870//vQv9f/1//X/+fvhq0/n/M/bNhJhXJ/wAAAFAFMfd/NMxE/gcAAIDSiLn/Y2Em8j8AAACURsz9p8NMKpL/O/X/T4zq/+v/l7//X8uyK87/r//fbv36/2uT/n9n+v9d6P/r/+v/6//TV4PW/4+5/0yYSUXyPwDA/7N3H0+WXFUex580areaWc+KNSuWsBJ/Alt2RLDGC28k4T0I740Q3nsPEt57b4VHeBBWENGEqs45XeZVZnVXVr3Mez+fzZnuUE+9RiVmfjTfuADQg9z9945b7H8AAABoRu7++8Qt9j8AAAA0I3f/feOWTva/9//1/733/6uNvP+/+6/X/2/T/+v/p7Cvv79i/V93UBR+YP9/pztfdQ/9v/5/mv7/TP1Y/z+pTX9+/b/+n/3m1v/n7r9f3NLJ/gcAAIAe5O6/f9xi/wMAAEAzcvc/IG6x/wEAAKAZufuvils62f9d9/9nL3yOpP/X/2/9RM/9/436f/3/snn/f5j+f4T3//X/+n/9P5OaW/+fu/+BcUsn+x8AAAB6kLv/QXGL/Q8AAADNyN3/4LjF/gcAAIBm5O5/SNzSyf7vuv/3/r/+Pyyj/z/t/f89vx/9v/5/Hf3/MP3/CP2//l//r/9nUnPr/3P3PzRu6WT/AwAAQA9y9z8sbrH/AQAAoBm5+x8et9j/AAAA0Izc/Y+IWzrZ//p//f+m+v/8p03/P7P3//X/+v+Fu3514d8T9P/76f9HjPT/q5X+f8ih+/n1v73lfP4D6P/1/+w3t/4/d/8j45a7rlanL/U3CQAAAMxK7v5HxS2d/Pk/AAAA9CB3/9Vxi/0PAAAAzcjdf03c0sn+1//r/73/r//X/6//+vr/ZfL+/7Cj9/93/L973bPf/t/7/8O8/z91/3/7d4b+n2WbW/+fu//auKWT/Q8AAAA9yN3/6LjF/gcAAIBm5O5/TNxi/wMAAEAzcvc/Nm7pZP/r/1vr//9n16/b0f9v1S76f/2//l//3zr9/zDv/4/Y+re5c/VD/b/+3/v/O/v/4dfR9f+sM7f+P3f/4+KWTvY/AAAA9CB3/+PjFvsfAAAAmpG7/wlxi/0PAAAAzcjd/8S4pZP9fzL9//ogX//v/X/9v/5f/6//n5r+f5j+f0Qr7/9f4nfNpvv5o9r052+w/8/g3/v/XLK59f+5+58Ut3Sy/wEAAKAHufufHLfY/wAAANCM3P1PiVvsfwAAAGhG7v6nxi2d7H/v/+v/l9H/51fQ/+v/j7//T/r/ZdL/D9P/j2il/79Em+7nl/75G+z/97z/P0z/zzpz6/9z9z8tbulk/wMAAEAPcvc/PW6x/wEAAKAZufufEbfY/wAAANCM3P3PjFs62f/6f/3/Mvp/7//r/73/r/8/HP3/MP3/CP2//l//r/9nUnPr/3P3Xxe3dLL/AQAAoAe5+58Vt9j/AAAA0Izc/c+OW+x/AAAAaEbu/ufELZ3sf/2//l//r//X/6//+vr/ZdL/D9P/j9D/6//1//p/JjWj/n/Hrzq7em7c0sn+BwAAgB7k7n9e3GL/AwAAQDNy9z8/brH/AQAAoBm5+18Qt3Sy//X/s+n/t3K+tvr/c6vVSv+/6rT/P7fj72d9X+r/9f8nQP8/7OL7/1tu2P7O3ab/1/8P0f/r//X/7DWj/n/rx7n7Xxi3dLL/AQAAoAe5+18Ut9j/AAAA0Izc/S+OW+x/AAAAaEbu/pfELZ3sf/3/bPr/LW31/97/3/v9sYj+/ybv/+v/l03/P8z7/yP0//p//b/+n0nNrf/P3f/SuOn0qUv+LQIAAAAzk7v/ZXFLJ3/+DwAAAD3I3f/yuMX+BwAAgIW6bt/P5O5/RdzSyf7X/0/b/5/e8XP6f/3/3u+PRfT/E73/r//fT/9/MvT/w/T/I/T/+n/9v/6fSc2t/8/d/8q4pZP9DwAAAD3I3X993GL/AwAAQDNy978qbrH/AQAAoBm5+2+IWzrZ//p/7//r//X/+v/1X1//v0z6/2H6/xH6/+rn///caqX/P/H+/8yF/1H/Txsuov8/f/781cfe/+fuf3Xc0sn+BwAAgB7k7n9N3GL/AwAAQDNy9782brH/AQAAoBm5+18Xt3Sy//X/nfb/+a2+rP7/mtVK/6//1//r/4fp/4fp/0fo/73/7/1//T+Tmtv7/7n7Xx+3dLL/AQAAoAe5+98Qt9j/AAAA0Izc/W+MW+x/AAAAaEbu/jfFLZ3sf/1/p/2/9//1//r/k+7/b1vp/0/EIvr/cwd//bn3/9fOtv8/o/+fwKb7+cV9/rvdZdcP9f/6f/abW/+fu//NcUsn+x8AAAB6kLv/LXGL/Q8AAADNyN3/1rjF/gcAAIBm5O5/W9x0RSf7X/+v/9f/6//1/+u//gm//396tVrp/yewiP5/wNz7/2ne/9/7T/kF3v/X/y/58+v/9f/sN7f+P3f/2+OWTvY/AAAA9CB3/zviFvsfAAAAmpG7/51xi/0PAAAAzcjd/664pZP9r//X/+v/p+v/Lzvg+0H/H98Pm+r/r11E/+/9/4no/4fNo/8/mP5f/7/kz6//1/9zeJvq/3P3vztu6WT/AwAAQA9y978nbrH/AQAAoBm5+98bt9j/AAAA0Izc/e+LWzrZ//p//f/F9P/5OfX/bb3/f2Z2/f/ZXf/7Onn/X/8/Ef3/MP3/CP2//l//f53+nynN7f3/3P3vj1s62f8AAADQg9z9H4hb/9Gt/Q8AAADNyN3/wbjF/gcAAIBm5O7/UNzSyf7X/+v/vf+v/2/+/X/9f1f0/8P0/yP0/8fQz9/+qfX/C+r/vf/PpObW/+fu/3Dc0sn+BwAAgB7k7v9I3GL/AwAAQDNy9380brH/AQAAoBm5+2+MWzrZ//p//b/+X/+v/9/+e6j/b4P+f9jJ9P/n9P/6/+rnL4t/CvT/+v+xX0+b5tb/5+6/KW7pZP8DAABAD3L3fyxusf8BAACgGbn7Px632P8AAACwSFes+bnc/Z+IWzrZ//p//b/+X/+v/1//9fX/y7SR/j+/KfT/3v8P/fT/d9j1o6P28yf9+ff+3y/9v/6f6c2t/8/d/8m4pZP9DwAAAD3I3f+puMX+BwAAgGbk7v903GL/AwAAQDNy938mbulk/+v/l9H/53em/l//r//X/+v/h3n/f5j+f4T+f6Pv5y/98+v/9f/sN7f+P3f/Z+OWTvY/AAAAtO2yrf9MPnf/5+IW+x8AAACakbv/83GL/Q8AAADN2Nr9GZd1uP/1/8vo/73/r//X/+v/9f+Ho/8fpv8fof/X/+v/9f9Mam79/xe2ftXZ1Rfjlk72PwAAAPQgd/+X4hb7HwAAAGbp4P+qwMFy9385brH/AQAAoBm5+78St3Sy//X/+v9l9P/nz5+/Wv+v/9/9+7nQ/9+s/6fo/4fp/0fo//X/+n/9P5OaW/+fu/+rcUsn+x8AAAB6kLv/a3GL/Q8AAADNyN3/9bjF/gcAAIBm5O7/RtzSyf7X/8+g/z+r//f+v/5/5f1//f9E9P/D9P8jWuz/zx7+t7/pfv6oNv359f/6f/abW/+fu/+bcUsn+x8AAAB6kLv/W3GL/Q8AAADNyN3/7bjF/gcAAIBm5O7/TtzSyf7X/59c/3/7v3a9vP9/brX+8+v/9f/6f/3/cdP/D9P/j2ix/78Im+7nl/759f/6f/Y7VP9/6sLPH3f/n7v/u3HL7uF36mJ+jwAAAMC85O7/XtzSyZ//AwAAQA9y938/brH/AQAAoBm5+38Qt3Sy//X/M3j/v8H+3/v/678/9P+z7v8v1/+3Qf8/TP8/Qv+v/9f/T9T/53ez/r93h+r/d/z/d8fd/+fu/2Hc0sn+BwAAgB7k7v9R3GL/AwAAQDNy9/84brH/AQAAoBm5+2+OW3bs/3Vtdyv0//p//b/+X/+//uvr/5dJ/z/ssP3/mdXR+v+k/9f/6/977f+9/8+2ufX/uft/Erf4838AAABYnFMH/Hzu/p/GLfY/AAAANCN3/8/iFvsfAAAAmpG7/+dxy62Xb+ojnSj9v/5f/6//1/+v//r6/2XS/w/z/v8I/f8U/fyV+v82+v/VSv/P0c2t/8/d/4u4xZ//AwAAQDNy9/8ybrH/AQAAoBm5+38Vt9j/AAAA0Izc/b+OWzrZ//p//f8R+/+tNFP/v03/v03/v57+/2To/4fp/0fo/73/r//3/j+Tmlv/n7v/lrilk/0PAAAAPcjd/5u4xf4HAACAZuTu/23cYv8DAABAM3L3/y5u6WT/b6z/j3+pt/v/K/d/Lv3/lgX0/97/1//r//X/s6L/H6b/H6H/1//r//X/TGpu/X/u/t/HLZ3sfwAAAOhB7v4/xC32PwAAADQjd/8f4xb7HwAAAJqRu/9PcUsn+9/7/0ft/7cDFf3/7s+v/99N/x/fD/p//f8J0P8P0/+vV3+j9P/6f/2//p9Jza3/z93/57ilk/0PAAAAPcjd/5e4xf4HAACAZuTuvzVusf8BAACgGbn7/xq3dLL/9f/e/9f/6//1/+u/vv5/mfT/wzbZ/9/9f8e/rPf/N97/50fQ/+v/9f9MYm79f+7+v8Utnex/AAAA6EHu/r/HLfY/AAAANCN3/z/iFvsfAAAAmpG7/59xSyf7f6T/P1N/of5/kP5/9+fX/6///tD/6//1/8dP/z/M+/8j9P/e/9f/6/+Z1Nz6/9z9/4pbOtn/AAAA0IPc/bfFLfY/AAAANCN3/7/jFvsfAAAAmpG7/z9xSyf73/v/S+r/r9T/6//1//p//f8I/f8w/f8I/b/+X/+v/2dSc+v/c/f/NwAA//+naUC1")
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
creat(0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./bus/file0\x00', 0x0)
renameat2(r0, &(0x7f00000004c0)='./bus/file0\x00', 0xffffffffffffffff, &(0x7f0000000500)='./file0\x00', 0x0)

1.734449779s ago: executing program 4 (id=2464):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0xa, {[@main=@item_4={0x3, 0x0, 0x0, "f81d36c1"}, @main=@item_4={0x3, 0x0, 0x0, "e24ba565"}]}}, 0x0}, 0x0)

1.357368488s ago: executing program 0 (id=2465):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff000000"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capget(&(0x7f00000001c0)={0x20080522}, &(0x7f0000000280)={0x1, 0x0, 0x0, 0x0, 0x0, 0x7})
quotactl$Q_GETINFO(0xffffffff80000500, 0x0, 0xee00, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000380)={'syztnl2\x00', 0x0, 0x0, 0x80, 0x5, 0xff, {{0xd, 0x4, 0x0, 0x0, 0x34, 0x68, 0x0, 0x4, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, {[@rr={0x7, 0x7, 0x7c, [@remote]}, @noop, @timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @rr={0x7, 0xb, 0xcc, [@remote, @remote]}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x4d)
r5 = socket$igmp6(0xa, 0x3, 0x2)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4000004, 0x32, 0xffffffffffffffff, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_buf(r6, 0x29, 0xd2, &(0x7f0000000740)="83082bc6037368c0a604a71cbd3946ca52e358bbd4e5a9f12bc6133921d423dbbce3fe", 0x23)
ioctl$sock_proto_private(r5, 0x89e1, &(0x7f0000000000))
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000000500), 0x0)

0s ago: executing program 1 (id=2466):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a06fef8ffffff71a400fe000000007110bd00000000001d300200000000004704000001ed03040f030000000000001d440000000000006b0a04fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49"], 0x0}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1}, &(0x7f0000000440), &(0x7f0000000480)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r1, &(0x7f0000000100), 0x20000000}, 0x20)

kernel console output (not intermixed with test programs):

ice loop2): using sha256 (sha256-avx2) checksum algorithm
[  630.023325][T12821] BTRFS info (device loop2): using free-space-tree
[  630.039209][T12813] XFS (loop1): Ending clean mount
[  630.074656][T12813] XFS (loop1): Quotacheck needed: Please wait.
[  630.163002][T12813] XFS (loop1): Quotacheck: Done.
[  630.292010][T11736] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  630.378311][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  630.388959][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  630.397306][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  630.406554][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  630.422621][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  630.430893][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  630.617726][ T7945] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  630.903043][ T5366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  630.944505][ T5366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  630.981960][ T5366] bond0 (unregistering): Released all slaves
[  631.269166][T12867] netlink: 'syz.1.1807': attribute type 10 has an invalid length.
[  631.298635][T12867] bridge0: port 3(team0) entered disabled state
[  631.305224][T12867] bridge0: port 2(bridge_slave_1) entered disabled state
[  631.312492][T12867] bridge0: port 1(bridge_slave_0) entered disabled state
[  631.333444][T12865] loop2: detected capacity change from 0 to 32768
[  631.397408][T12865] syz.2.1806: attempt to access beyond end of device
[  631.397408][T12865] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  631.869921][ T4498] Bluetooth: hci7: command tx timeout
[  632.091053][T12865] lbmIODone: I/O error in JFS log
[  632.096169][T12865] *** Log Format Error ! ***
[  632.136320][T12865] lmLogInit: exit(-22)
[  632.143253][T12865] lmLogOpen: exit(-22)
[  632.193882][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.200675][T12881] loop0: detected capacity change from 0 to 1024
[  632.206306][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.215544][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.223030][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.230467][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.237878][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.245631][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.254132][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.262315][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.269871][T12881] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[  632.278201][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.289161][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.301362][T12801] bridge0: port 1(bridge_slave_0) entered blocking state
[  632.301802][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.308638][T12801] bridge0: port 1(bridge_slave_0) entered disabled state
[  632.322086][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.339912][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.347322][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.349309][T12801] bridge_slave_0: entered allmulticast mode
[  632.369456][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.378489][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.379930][T12801] bridge_slave_0: entered promiscuous mode
[  632.395339][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.400426][ T5153] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  632.403187][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.413051][T12801] bridge0: port 2(bridge_slave_1) entered blocking state
[  632.427141][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.439924][T12801] bridge0: port 2(bridge_slave_1) entered disabled state
[  632.446313][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.447187][T12801] bridge_slave_1: entered allmulticast mode
[  632.458592][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.472897][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.485767][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.486967][T12801] bridge_slave_1: entered promiscuous mode
[  632.498923][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.507381][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.515050][ T4498] Bluetooth: hci0: command tx timeout
[  632.539899][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.547392][T11343] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  632.576127][T11343] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  632.733409][ T5366] hsr_slave_0: left promiscuous mode
[  632.739420][ T5366] hsr_slave_1: left promiscuous mode
[  632.741734][ T5153] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  632.754977][ T5153] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  632.764461][ T5366] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  632.766316][ T5153] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  632.775050][ T5366] batman_adv: batadv0: Removing interface: batadv_slave_0
[  632.792302][ T5366] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  632.808185][ T5366] batman_adv: batadv0: Removing interface: batadv_slave_1
[  632.988592][ T5153] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.009572][ T5366] veth1_macvtap: left promiscuous mode
[  633.029057][ T5366] veth0_macvtap: left promiscuous mode
[  633.035394][ T5366] veth1_vlan: left promiscuous mode
[  633.465179][ T5366] veth0_vlan: left promiscuous mode
[  633.574168][T11343] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  633.695197][ T5097] usb 2-1: USB disconnect, device number 25
[  633.720240][T12892] loop2: detected capacity change from 0 to 512
[  633.767633][T12892] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  633.780497][T12892] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  633.801350][T11343] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  633.818957][T11343] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  633.964242][   T54] Bluetooth: hci7: command tx timeout
[  634.041909][T11343] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  634.051770][T11343] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  634.061036][T11343] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.141691][T11343] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -12
[  634.619792][ T4498] Bluetooth: hci0: command tx timeout
[  634.814251][T11343] usb 1-1: USB disconnect, device number 20
[  634.844464][ T5366] smc: removing net device batadv_slave_1 with user defined pnetid SYZ2
[  634.947783][T12313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.024224][ T5366] team0 (unregistering): Port device team_slave_1 removed
[  635.071804][ T5366] team0 (unregistering): Port device team_slave_0 removed
[  635.197771][T12906] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  635.218066][T12906] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  636.080282][ T4498] Bluetooth: hci7: command tx timeout
[  636.315985][T12801] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  636.518713][T12862] chnl_net:caif_netlink_parms(): no params data found
[  636.610780][T12801] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  636.679881][ T4498] Bluetooth: hci0: command tx timeout
[  636.776600][T12801] team0: Port device team_slave_0 added
[  636.795973][T12801] team0: Port device team_slave_1 added
[  636.809100][T12921] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1821'.
[  636.923678][T12925] netlink: 'syz.1.1823': attribute type 10 has an invalid length.
[  636.960499][T12801] batman_adv: batadv0: Adding interface: batadv_slave_0
[  636.967464][T12801] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  637.055858][T12801] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  637.092167][T12801] batman_adv: batadv0: Adding interface: batadv_slave_1
[  637.095778][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  637.109595][T12801] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  637.121888][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  637.144589][T12801] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  637.148260][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  637.165004][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  637.176474][   T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  637.184034][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  637.214293][T12933] netlink: 'syz.0.1826': attribute type 7 has an invalid length.
[  637.222700][T12933] netlink: 'syz.0.1826': attribute type 6 has an invalid length.
[  637.260842][T12862] bridge0: port 1(bridge_slave_0) entered blocking state
[  637.277326][T12862] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.285272][T12862] bridge_slave_0: entered allmulticast mode
[  637.301069][T12862] bridge_slave_0: entered promiscuous mode
[  637.374937][T12801] hsr_slave_0: entered promiscuous mode
[  637.391155][T12801] hsr_slave_1: entered promiscuous mode
[  637.409861][T12801] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  637.417528][T12801] Cannot create hsr debugfs directory
[  637.431191][T12862] bridge0: port 2(bridge_slave_1) entered blocking state
[  637.452305][T12862] bridge0: port 2(bridge_slave_1) entered disabled state
[  637.470024][T12862] bridge_slave_1: entered allmulticast mode
[  637.477379][T12862] bridge_slave_1: entered promiscuous mode
[  637.603323][T12862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  637.611774][T12944] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  637.652160][T12862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  637.673866][T12944] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  637.734768][ T5366] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.792175][T12942] loop0: detected capacity change from 0 to 32768
[  637.819138][T12942] syz.0.1828: attempt to access beyond end of device
[  637.819138][T12942] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  637.825384][T12862] team0: Port device team_slave_0 added
[  637.832598][T12942] lbmIODone: I/O error in JFS log
[  637.843381][T12942] *** Log Format Error ! ***
[  637.848486][T12942] lmLogInit: exit(-22)
[  637.852396][T12862] team0: Port device team_slave_1 added
[  637.857159][T12942] lmLogOpen: exit(-22)
[  637.924134][ T5366] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.048142][T12862] batman_adv: batadv0: Adding interface: batadv_slave_0
[  638.061027][T12862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  638.088920][T12862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  638.111585][ T5366] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.141484][T12862] batman_adv: batadv0: Adding interface: batadv_slave_1
[  638.148877][T12862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  638.176162][T12862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  638.216458][ T5366] team0: Port device netdevsim0 removed
[  638.226858][ T5366] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.322520][T12862] hsr_slave_0: entered promiscuous mode
[  638.334946][T12862] hsr_slave_1: entered promiscuous mode
[  638.342541][T12862] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  638.355845][T12862] Cannot create hsr debugfs directory
[  638.555231][T12934] chnl_net:caif_netlink_parms(): no params data found
[  638.636307][ T5366] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.742576][ T5366] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.758759][   T54] Bluetooth: hci0: command tx timeout
[  638.777821][T12934] bridge0: port 1(bridge_slave_0) entered blocking state
[  638.790318][T12934] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.804858][T12934] bridge_slave_0: entered allmulticast mode
[  638.812870][T12934] bridge_slave_0: entered promiscuous mode
[  638.823482][T12934] bridge0: port 2(bridge_slave_1) entered blocking state
[  638.830812][T12934] bridge0: port 2(bridge_slave_1) entered disabled state
[  638.838064][T12934] bridge_slave_1: entered allmulticast mode
[  638.848075][T12934] bridge_slave_1: entered promiscuous mode
[  638.875586][ T5366] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.983776][ T5366] bond0: (slave netdevsim0): Releasing backup interface
[  638.995179][ T5366] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  639.008622][T12961] netlink: 'syz.1.1833': attribute type 10 has an invalid length.
[  639.022885][T12934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  639.035496][T12934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  639.158212][T12801] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  639.229947][   T54] Bluetooth: hci3: command tx timeout
[  639.350689][T12934] team0: Port device team_slave_0 added
[  639.401940][T12934] team0: Port device team_slave_1 added
[  639.408035][T12801] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  639.441958][T12801] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  639.678318][T12801] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  640.286243][T12934] batman_adv: batadv0: Adding interface: batadv_slave_0
[  640.306350][T12934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  640.369913][T12934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  640.434495][T12934] batman_adv: batadv0: Adding interface: batadv_slave_1
[  640.451623][T12934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  640.479091][T12934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  640.507740][ T5366] bridge_slave_1: left allmulticast mode
[  640.520425][ T5366] bridge_slave_1: left promiscuous mode
[  640.526304][ T5366] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.548460][ T5366] bridge_slave_0: left allmulticast mode
[  640.554598][ T5366] bridge_slave_0: left promiscuous mode
[  640.562348][ T5366] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.613726][ T5366] team0: left allmulticast mode
[  640.618614][ T5366] team_slave_0: left allmulticast mode
[  640.634442][ T5366] team_slave_1: left allmulticast mode
[  640.640828][ T5366] bridge0: port 3(team0) entered disabled state
[  640.659610][ T5366] bridge_slave_1: left allmulticast mode
[  640.673925][ T5366] bridge_slave_1: left promiscuous mode
[  640.690196][ T5366] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.719419][ T5366] bridge_slave_0: left allmulticast mode
[  640.728548][ T5366] bridge_slave_0: left promiscuous mode
[  640.745743][ T5366] bridge0: port 1(bridge_slave_0) entered disabled state
[  641.020708][T12972] loop1: detected capacity change from 0 to 32768
[  641.056179][T12972] syz.1.1837: attempt to access beyond end of device
[  641.056179][T12972] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  641.069151][T12972] lbmIODone: I/O error in JFS log
[  641.079549][T12972] *** Log Format Error ! ***
[  641.084718][T12972] lmLogInit: exit(-22)
[  641.088825][T12972] lmLogOpen: exit(-22)
[  641.311831][   T54] Bluetooth: hci3: command tx timeout
[  641.346315][T12981] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  641.360898][T12981] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  641.425277][ T5366] dvmrp0 (unregistering): left allmulticast mode
[  641.673254][ T5366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  641.684570][ T5366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  641.696844][ T5366] bond0 (unregistering): Released all slaves
[  641.823717][ T5366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  641.834671][ T5366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  641.845253][ T5366] bond0 (unregistering): Released all slaves
[  641.983279][T12934] hsr_slave_0: entered promiscuous mode
[  641.990228][T12934] hsr_slave_1: entered promiscuous mode
[  641.996629][T12934] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  642.004458][T12934] Cannot create hsr debugfs directory
[  642.143188][T12986] loop1: detected capacity change from 0 to 512
[  642.176279][T12986] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  642.188979][T12986] ext4 filesystem being mounted at /264/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  642.255266][ T7945] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  642.335087][T12991] netlink: 'syz.1.1841': attribute type 1 has an invalid length.
[  642.513330][T12998] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1842'.
[  642.582344][T12996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1843'.
[  642.658680][ T5366] hsr_slave_0: left promiscuous mode
[  642.668246][ T5366] hsr_slave_1: left promiscuous mode
[  642.680507][ T5366] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  642.687911][ T5366] batman_adv: batadv0: Removing interface: batadv_slave_0
[  642.697199][ T5366] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  642.704881][ T5366] batman_adv: batadv0: Removing interface: batadv_slave_1
[  642.723981][ T5366] hsr_slave_0: left promiscuous mode
[  642.743848][ T5366] hsr_slave_1: left promiscuous mode
[  642.762216][ T5366] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  642.770136][ T5366] batman_adv: batadv0: Removing interface: batadv_slave_0
[  642.781372][ T5366] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  642.788781][ T5366] batman_adv: batadv0: Removing interface: batadv_slave_1
[  642.837054][ T5366] veth0_macvtap: left promiscuous mode
[  642.843095][ T5366] veth1_vlan: left promiscuous mode
[  642.848423][ T5366] veth0_vlan: left promiscuous mode
[  642.855205][ T5366] veth0_macvtap: left promiscuous mode
[  642.860999][ T5366] veth1_vlan: left promiscuous mode
[  642.866406][ T5366] veth0_vlan: left promiscuous mode
[  643.147615][T13008] loop0: detected capacity change from 0 to 32768
[  643.171634][T13008] syz.0.1846: attempt to access beyond end of device
[  643.171634][T13008] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  643.192945][T13008] lbmIODone: I/O error in JFS log
[  643.203479][T13008] *** Log Format Error ! ***
[  643.208486][T13008] lmLogInit: exit(-22)
[  643.219853][T13008] lmLogOpen: exit(-22)
[  643.391597][   T54] Bluetooth: hci3: command tx timeout
[  643.657218][ T5366] team0 (unregistering): Port device team_slave_1 removed
[  643.697849][ T5366] team0 (unregistering): Port device team_slave_0 removed
[  644.527348][ T5366] team_slave_1 (unregistering): left promiscuous mode
[  644.539523][ T5366] team0 (unregistering): Port device team_slave_1 removed
[  644.581203][ T5366] team_slave_0 (unregistering): left promiscuous mode
[  644.592070][ T5366] team0 (unregistering): Port device team_slave_0 removed
[  645.022710][T13006] netlink: 'syz.1.1845': attribute type 25 has an invalid length.
[  645.039724][T13006] netlink: 'syz.1.1845': attribute type 7 has an invalid length.
[  645.050050][T13009] netlink: 'syz.1.1845': attribute type 23 has an invalid length.
[  645.058057][T13009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1845'.
[  645.067543][T13009] bridge0: entered promiscuous mode
[  645.097987][T12801] 8021q: adding VLAN 0 to HW filter on device bond0
[  645.136738][T12862] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  645.155451][T12862] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  645.198874][T12862] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  645.240958][T12801] 8021q: adding VLAN 0 to HW filter on device team0
[  645.247819][T12862] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  645.312895][T13021] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  645.349076][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state
[  645.349268][T13018] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  645.356233][ T5097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  645.411117][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  645.418233][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  645.469889][   T54] Bluetooth: hci3: command tx timeout
[  645.628249][T12862] 8021q: adding VLAN 0 to HW filter on device bond0
[  645.697729][T12862] 8021q: adding VLAN 0 to HW filter on device team0
[  645.744672][ T5155] bridge0: port 1(bridge_slave_0) entered blocking state
[  645.751861][ T5155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  645.838998][ T2533] bridge0: port 2(bridge_slave_1) entered blocking state
[  645.846196][ T2533] bridge0: port 2(bridge_slave_1) entered forwarding state
[  645.937132][T12934] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  645.966743][T12934] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  646.005260][T12934] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  646.023400][T12934] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  646.064252][T12801] 8021q: adding VLAN 0 to HW filter on device batadv0
[  646.151108][ T5366] IPVS: stop unused estimator thread 0...
[  646.363933][T12934] 8021q: adding VLAN 0 to HW filter on device bond0
[  646.437833][T12934] 8021q: adding VLAN 0 to HW filter on device team0
[  646.465648][T12862] 8021q: adding VLAN 0 to HW filter on device batadv0
[  646.501649][ T2533] bridge0: port 1(bridge_slave_0) entered blocking state
[  646.508775][ T2533] bridge0: port 1(bridge_slave_0) entered forwarding state
[  646.549444][ T2533] bridge0: port 2(bridge_slave_1) entered blocking state
[  646.556638][ T2533] bridge0: port 2(bridge_slave_1) entered forwarding state
[  646.761128][T12862] veth0_vlan: entered promiscuous mode
[  646.822057][T12862] veth1_vlan: entered promiscuous mode
[  646.890835][T12801] veth0_vlan: entered promiscuous mode
[  646.933888][T12801] veth1_vlan: entered promiscuous mode
[  646.949382][T13034] loop1: detected capacity change from 0 to 32768
[  646.968878][T12862] veth0_macvtap: entered promiscuous mode
[  647.001200][T12862] veth1_macvtap: entered promiscuous mode
[  647.103521][T12801] veth0_macvtap: entered promiscuous mode
[  647.121665][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.153076][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.182653][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.200071][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.228318][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.259786][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.269616][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.299317][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.310818][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.324911][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.342512][T12862] batman_adv: batadv0: Interface activated: batadv_slave_0
[  647.353979][T12801] veth1_macvtap: entered promiscuous mode
[  647.427804][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.442146][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.456309][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.467114][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.479861][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.490638][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.500555][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.515373][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.525595][T12862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.536242][T12862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.681327][T12862] batman_adv: batadv0: Interface activated: batadv_slave_1
[  647.695751][T12862] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  647.704927][T12862] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  647.715313][T12862] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  647.724506][T12862] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  647.742168][T12934] 8021q: adding VLAN 0 to HW filter on device batadv0
[  647.754660][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.765643][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.776346][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.787063][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.809813][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.829191][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.856894][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  648.046745][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.057113][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  648.073285][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.083318][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  648.094096][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.105187][T12801] batman_adv: batadv0: Interface activated: batadv_slave_0
[  648.119226][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.129964][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.142631][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.154026][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.164303][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.174817][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.184660][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.195140][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.205046][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.215526][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.225705][T12801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.236173][T12801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.247177][T12801] batman_adv: batadv0: Interface activated: batadv_slave_1
[  648.322259][T12801] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  648.340581][T12801] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  648.349423][T12801] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  648.368101][T12801] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  648.502427][ T5366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.513077][ T5366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.572129][T12934] veth0_vlan: entered promiscuous mode
[  648.633115][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.642756][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.655273][T12934] veth1_vlan: entered promiscuous mode
[  648.665802][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.669730][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.730732][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.750708][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.822505][T12934] veth0_macvtap: entered promiscuous mode
[  648.842846][T12934] veth1_macvtap: entered promiscuous mode
[  648.917041][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  648.938671][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.959767][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  648.979961][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.999782][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.022503][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.054524][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.080263][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.109796][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.134150][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.159833][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.189821][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.209720][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  649.227113][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.263741][T12934] batman_adv: batadv0: Interface activated: batadv_slave_0
[  649.295082][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.326593][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.346813][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.367679][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.388863][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.428791][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.448991][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.472961][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.491277][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.522254][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.542141][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.581047][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.612964][T12934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  649.643785][T12934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  649.665106][T12934] batman_adv: batadv0: Interface activated: batadv_slave_1
[  649.684769][T13064] loop4: detected capacity change from 0 to 32768
[  649.707810][T12934] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  649.709845][T13064] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1793 (13064)
[  649.747258][T12934] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  649.772535][T13064] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  649.774805][T12934] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  649.789745][T13064] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  649.819749][T13064] BTRFS info (device loop4): using free-space-tree
[  649.829841][T12934] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  649.947660][   T30] audit: type=1326 audit(1721457717.279:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13078 comm="syz.1.1860" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f98f75b59 code=0x0
[  650.053545][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  650.070055][T12801] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  650.097913][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  650.202146][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  650.226466][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  650.891402][   T54] Bluetooth: hci1: Unknown advertising packet type: 0x14
[  650.891435][   T54] Bluetooth: hci1: Unknown advertising packet type: 0x20
[  650.963191][T13098] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1866'.
[  651.322328][T13090] loop2: detected capacity change from 0 to 32768
[  651.620895][T13094] loop4: detected capacity change from 0 to 32768
[  651.638471][T13094] jfs: Unrecognized mount option "gi¤=0x0000000000000000" or missing value
[  651.926921][T13094] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1864'.
[  651.942023][T13094] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1864'.
[  652.228635][T13124] loop2: detected capacity change from 0 to 128
[  652.238252][T13124] EXT4-fs (loop2): Test dummy encryption mode enabled
[  652.267080][T13124] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  652.299276][T13124] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  652.305518][T13128] loop1: detected capacity change from 0 to 1024
[  652.340796][T13128] EXT4-fs: Ignoring removed nobh option
[  652.393737][T13128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  652.582559][   T30] audit: type=1326 audit(1721457719.909:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13135 comm="syz.4.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f262ef75b59 code=0x7ffc0000
[  652.710671][   T30] audit: type=1326 audit(1721457719.909:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13135 comm="syz.4.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f262ef75b59 code=0x7ffc0000
[  652.749085][   T30] audit: type=1326 audit(1721457719.909:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13135 comm="syz.4.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f262ef75b59 code=0x7ffc0000
[  653.390231][ T7945] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  653.901082][ T5153] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  654.089907][ T5153] usb 4-1: Using ep0 maxpacket: 16
[  654.156358][ T5153] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  654.319412][ T5153] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  654.444734][ T5153] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  654.489814][ T5153] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.544602][ T5153] usb 4-1: config 0 descriptor??
[  654.784328][T13147] loop3: detected capacity change from 0 to 128
[  654.806651][T13147] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  654.839093][T13147] FAT-fs (loop3): bogus number of directory entries (203)
[  654.855967][T13147] FAT-fs (loop3): Can't find a valid FAT filesystem
[  654.878811][ T5153] usbhid 4-1:0.0: can't add hid device: -71
[  654.895438][ T5153] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  654.938009][ T5153] usb 4-1: USB disconnect, device number 13
[  655.416046][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.433016][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.441573][   T30] audit: type=1326 audit(1721457722.769:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13173 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f98f75b59 code=0x7ffc0000
[  655.475040][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.490026][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.502918][   T30] audit: type=1326 audit(1721457722.769:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13173 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f1f98f75b59 code=0x7ffc0000
[  655.528304][    C1] eth0: bad gso: type: 1, size: 1408
[  655.534891][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.552319][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.570022][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.582492][   T30] audit: type=1326 audit(1721457722.769:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13173 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f98f75b59 code=0x7ffc0000
[  655.594648][T13176] loop3: detected capacity change from 0 to 1024
[  655.607727][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.623601][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.637228][T13178] bridge_slave_1: left allmulticast mode
[  655.642901][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.642935][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.642961][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.642985][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643009][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643033][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643056][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643080][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643104][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643127][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643151][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643175][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643199][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643224][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643247][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.643272][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.660335][T13176] EXT4-fs: Ignoring removed nobh option
[  655.670653][T13178] bridge_slave_1: left promiscuous mode
[  655.771672][   T30] audit: type=1326 audit(1721457722.789:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13173 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f98f75b59 code=0x7ffc0000
[  655.787712][T12934] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  655.817337][T13176] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  655.820181][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.853219][T13178] bridge0: port 2(bridge_slave_1) entered disabled state
[  655.860930][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  655.944363][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.141878][ T4498] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  656.154422][ T4498] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  656.162660][ T4498] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  656.174329][ T4498] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  656.178703][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.183742][ T4498] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  656.189307][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.203458][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.210972][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.212068][ T4498] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  656.218947][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.232897][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.249531][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.292842][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.374828][T13190] syz.2.1899[13190] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  656.375540][T13190] syz.2.1899[13190] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  656.443196][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.831058][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.884598][ T5153] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  656.937252][ T5153] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  656.939225][  T927] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  656.968420][T12862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.150972][  T927] usb 2-1: Using ep0 maxpacket: 32
[  657.190262][  T927] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  657.197106][T13185] chnl_net:caif_netlink_parms(): no params data found
[  657.199337][  T927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.259032][T13203] ptrace attach of "./syz-executor exec"[12862] was attempted by "./syz-executor exec"[13203]
[  657.276457][  T927] usb 2-1: Product: syz
[  657.298623][  T927] usb 2-1: Manufacturer: syz
[  657.303657][  T927] usb 2-1: SerialNumber: syz
[  657.315606][  T927] usb 2-1: config 0 descriptor??
[  657.414029][T13185] bridge0: port 1(bridge_slave_0) entered blocking state
[  657.430028][T13185] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.437303][T13185] bridge_slave_0: entered allmulticast mode
[  657.446504][T13185] bridge_slave_0: entered promiscuous mode
[  657.456214][T13185] bridge0: port 2(bridge_slave_1) entered blocking state
[  657.469845][T13185] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.487700][T13185] bridge_slave_1: entered allmulticast mode
[  657.496518][T13185] bridge_slave_1: entered promiscuous mode
[  657.545195][T13185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  657.555391][ T5153] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  657.563977][ T2533] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  657.571719][ T5188] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  657.590791][T13185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  657.638230][T13185] team0: Port device team_slave_0 added
[  657.651502][T13185] team0: Port device team_slave_1 added
[  657.694058][T13185] batman_adv: batadv0: Adding interface: batadv_slave_0
[  657.701320][T13185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  657.728064][T13185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  657.753557][ T5188] usb 4-1: device descriptor read/64, error -71
[  657.762291][T13185] batman_adv: batadv0: Adding interface: batadv_slave_1
[  657.769281][T13185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  657.789900][ T5153] usb 5-1: Using ep0 maxpacket: 8
[  657.799835][T13185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  657.810180][ T2533] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  657.834686][ T5153] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  657.846534][ T2533] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  657.870810][ T5153] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  657.880241][ T2533] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.899823][ T5153] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  657.906171][T13185] hsr_slave_0: entered promiscuous mode
[  657.908094][ T5153] usb 5-1: SerialNumber: syz
[  657.919739][ T2533] usb 3-1: Product: syz
[  657.920238][T13185] hsr_slave_1: entered promiscuous mode
[  657.923902][ T2533] usb 3-1: Manufacturer: syz
[  657.923923][ T2533] usb 3-1: SerialNumber: syz
[  657.931119][ T5153] usb 5-1: config 0 descriptor??
[  657.947704][ T5153] usb 5-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  657.957917][ T5153] uvcvideo 5-1:0.0: Entity type for entity Output 255 was not initialized!
[  657.967004][T13185] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  657.967563][ T5153] usb 5-1: Failed to create links for entity 255
[  657.985589][T13185] Cannot create hsr debugfs directory
[  657.986204][ T5153] usb 5-1: Failed to register entities (-22).
[  658.023322][  T927] rtl8150 2-1:0.0: eth1: rtl8150 is detected
[  658.049742][ T5188] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  658.199919][ T5188] usb 4-1: device descriptor read/64, error -71
[  658.230935][ T5153] usb 2-1: USB disconnect, device number 26
[  658.270930][   T54] Bluetooth: hci6: command tx timeout
[  658.322530][ T5188] usb usb4-port1: attempt power cycle
[  658.458825][T13185] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.583508][T13185] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.707824][T13185] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.759816][ T5188] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  658.796418][ T5188] usb 4-1: device descriptor read/8, error -71
[  658.834249][T13185] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.938311][ T2533] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  658.946136][ T2533] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  658.956895][ T2533] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  659.134735][T13185] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  659.172308][T13185] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  659.205508][T13185] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  659.240439][T13185] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  659.297618][ T5188] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  659.305979][ T2533] cdc_ncm 3-1:1.0: setting tx_max = 184
[  659.319018][ T2533] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  659.341794][ T2533] usb 3-1: USB disconnect, device number 14
[  659.349089][ T2533] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  659.360326][ T5188] usb 4-1: device descriptor read/8, error -71
[  659.475197][T13215] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00106019, b_size=4096, device sda1 blocksize: 4096
[  659.489848][T13215] grow_buffers: requested out-of-range block 144115188075855872 for device sda1
[  659.499412][T13215] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted
[  659.620624][ T5188] usb usb4-port1: unable to enumerate USB device
[  659.632107][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  660.127751][T13185] 8021q: adding VLAN 0 to HW filter on device bond0
[  660.203260][T13185] 8021q: adding VLAN 0 to HW filter on device team0
[  660.244806][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state
[  660.252004][ T5097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  660.329830][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state
[  660.336965][ T5097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  660.370155][ T5115] Bluetooth: hci6: command tx timeout
[  661.082495][ T5188] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  661.294253][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.309763][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.317193][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.331518][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.338938][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.346372][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.353909][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.361493][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.380227][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.387646][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.401731][ T5188] usb 3-1: config 0 has no interfaces?
[  661.430163][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.437568][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.455383][ T5188] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice=98.00
[  661.460585][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.479848][ T5188] usb 3-1: New USB device strings: Mfr=18, Product=255, SerialNumber=255
[  661.508648][ T5188] usb 3-1: Product: syz
[  661.518316][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.519168][ T5188] usb 3-1: Manufacturer: syz
[  661.545168][T13185] 8021q: adding VLAN 0 to HW filter on device batadv0
[  661.552966][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.563781][ T5188] usb 3-1: SerialNumber: syz
[  661.577386][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.580647][ T5188] usb 3-1: config 0 descriptor??
[  661.606709][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.607288][T13234] loop1: detected capacity change from 0 to 512
[  661.637242][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.664126][T13234] EXT4-fs: Ignoring removed nomblk_io_submit option
[  661.666601][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.691197][T13234] EXT4-fs (loop1): Test dummy encryption mode enabled
[  661.701842][T13185] veth0_vlan: entered promiscuous mode
[  661.718475][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.746932][T13234] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #17: comm syz.1.1912: iget: bogus i_mode (0)
[  661.749894][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.766834][T13185] veth1_vlan: entered promiscuous mode
[  661.781824][T13234] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1912: couldn't read orphan inode 17 (err -117)
[  661.820320][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.831811][T13234] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  661.849306][ T5153] usb 3-1: USB disconnect, device number 15
[  661.871566][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.878950][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.901867][T13185] veth0_macvtap: entered promiscuous mode
[  661.921821][T13185] veth1_macvtap: entered promiscuous mode
[  661.929964][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.937386][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.977613][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  661.987735][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  662.008780][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  662.008809][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  662.008834][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  662.008858][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  662.008882][ T5097] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  662.012138][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.012155][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  662.012171][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.012184][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  662.012198][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.012209][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  662.012223][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.012236][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  662.012249][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.012262][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  662.012276][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.012289][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  662.012462][ T5097] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  662.013686][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.013702][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  662.013717][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.020044][T13185] batman_adv: batadv0: Interface activated: batadv_slave_0
[  662.034361][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  662.034381][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.034401][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  662.034416][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.034429][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  662.034444][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.034456][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  662.034470][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.034483][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  662.034497][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.034510][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  662.034524][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.034536][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  662.034550][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.034563][T13185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  662.034578][T13185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  662.035986][T13185] batman_adv: batadv0: Interface activated: batadv_slave_1
[  662.055528][T13185] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  662.055558][T13185] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  662.055582][T13185] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  662.055606][T13185] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  662.225038][ T5366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  662.225058][ T5366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  662.277699][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  662.277719][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  662.440202][ T5115] Bluetooth: hci6: command tx timeout
[  662.648742][T13248] bridge_slave_1: left allmulticast mode
[  662.648765][T13248] bridge_slave_1: left promiscuous mode
[  662.648964][T13248] bridge0: port 2(bridge_slave_1) entered disabled state
[  663.049745][T11416] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  663.230151][T11416] usb 3-1: Using ep0 maxpacket: 32
[  663.242909][T11416] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  663.242939][T11416] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.242967][T11416] usb 3-1: Product: syz
[  663.242984][T11416] usb 3-1: Manufacturer: syz
[  663.243001][T11416] usb 3-1: SerialNumber: syz
[  663.245367][T11416] usb 3-1: config 0 descriptor??
[  663.890277][T11416] rtl8150 3-1:0.0: eth1: rtl8150 is detected
[  664.046977][T13238] tty tty27: ldisc open failed (-12), clearing slot 26
[  664.060466][T13240] tty tty27: ldisc open failed (-12), clearing slot 26
[  664.098209][T11416] usb 3-1: USB disconnect, device number 16
[  664.114463][ T7945] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.509854][ T5115] Bluetooth: hci6: command tx timeout
[  665.131083][ T5188] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  665.770014][ T5188] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  665.787350][ T5188] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  665.796479][ T5188] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  665.805536][ T5188] usb 1-1: Product: syz
[  665.809980][ T5188] usb 1-1: Manufacturer: syz
[  665.814597][ T5188] usb 1-1: SerialNumber: syz
[  665.888164][T13276] loop3: detected capacity change from 0 to 1024
[  665.908253][T13276] EXT4-fs: Ignoring removed nobh option
[  665.957179][T13276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  666.241120][ T5097] usb 5-1: USB disconnect, device number 19
[  667.202653][T13305] loop4: detected capacity change from 0 to 128
[  667.247081][T13305] EXT4-fs (loop4): Test dummy encryption mode enabled
[  667.277521][T13305] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  667.299976][T13305] ext4 filesystem being mounted at /13/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  667.570033][ T5188] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[  667.577273][ T5188] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  667.589762][ T5188] cdc_ncm 1-1:1.0: setting rx_max = 2048
[  667.854806][ T5188] cdc_ncm 1-1:1.0: setting tx_max = 184
[  668.446837][ T5188] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  668.466396][ T5188] usb 1-1: USB disconnect, device number 21
[  668.473340][ T5188] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[  668.969902][ T5153] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  669.379718][ T5153] usb 3-1: Using ep0 maxpacket: 8
[  669.387268][ T5153] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  669.413126][ T5153] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  669.437845][ T5153] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  669.446433][ T5153] usb 3-1: SerialNumber: syz
[  669.811190][ T5153] usb 3-1: config 0 descriptor??
[  670.106767][T13340] overlayfs: missing 'lowerdir'
[  670.128532][ T5153] usb 3-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  670.136681][ T5153] uvcvideo 3-1:0.0: Entity type for entity Output 255 was not initialized!
[  670.145528][ T5153] usb 3-1: Failed to create links for entity 255
[  670.152042][ T5153] usb 3-1: Failed to register entities (-22).
[  670.521849][T13333] loop0: detected capacity change from 0 to 32768
[  670.542436][T12862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  671.015502][T13353] loop3: detected capacity change from 0 to 512
[  671.045887][T13353] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  671.090914][T13353] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  671.159882][T13353] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  671.611585][T12801] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  671.656175][T13367] loop1: detected capacity change from 0 to 1024
[  671.664937][T13367] hfsplus: part requires an argument
[  671.670785][T13367] hfsplus: unable to parse mount options
[  671.731563][T13368] loop0: detected capacity change from 0 to 4096
[  671.760750][T13368] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  671.808658][T12862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  671.840535][ T5153] usb 3-1: USB disconnect, device number 17
[  671.894536][T13370] loop4: detected capacity change from 0 to 4096
[  671.924380][T13373] netlink: 'syz.2.1952': attribute type 10 has an invalid length.
[  671.962093][   T30] audit: type=1804 audit(1721457739.299:946): pid=13368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1949" name="/newroot/7/file1/file1" dev="loop0" ino=33 res=1 errno=0
[  672.039915][T13373] team0: Failed to send options change via netlink (err -105)
[  672.053175][T13377] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  672.067706][T13373] team0: Port device netdevsim0 added
[  672.283411][  T927] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  672.374412][T13376] netlink: 'syz.2.1952': attribute type 10 has an invalid length.
[  672.440120][T13376] team0: Failed to send options change via netlink (err -105)
[  672.468132][T13376] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  672.488578][T13376] team0: Port device netdevsim0 removed
[  672.509866][ T4498] Bluetooth: hci4: command 0x0405 tx timeout
[  672.521549][T13376] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  673.587031][T13412] loop2: detected capacity change from 0 to 4096
[  673.659378][T13412] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  674.443977][T13386] loop1: detected capacity change from 0 to 32768
[  674.467377][T13424] loop0: detected capacity change from 0 to 1024
[  674.476201][T13424] hfsplus: part requires an argument
[  674.481629][T13424] hfsplus: unable to parse mount options
[  674.816749][   T30] audit: type=1326 audit(1721457742.149:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13429 comm="syz.0.1969" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7145d75b59 code=0x0
[  674.853193][T13433] loop3: detected capacity change from 0 to 256
[  674.870329][T13433] exfat: Deprecated parameter 'utf8'
[  674.875677][T13433] exfat: Deprecated parameter 'utf8'
[  674.900981][T13433] exfat: Deprecated parameter 'utf8'
[  674.908787][T13433] exfat: Deprecated parameter 'utf8'
[  675.323179][T13433] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xac5c0b1f, utbl_chksum : 0xe619d30d)
[  677.236814][T13463] loop1: detected capacity change from 0 to 1024
[  677.250996][T13463] hfsplus: part requires an argument
[  677.256460][T13463] hfsplus: unable to parse mount options
[  677.858313][T13469] loop3: detected capacity change from 0 to 4096
[  677.886061][T13469] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  678.814827][T13457] loop2: detected capacity change from 0 to 32768
[  678.851525][T13484] netlink: 'syz.0.1987': attribute type 10 has an invalid length.
[  678.873555][T13457] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  678.928751][T13484] team0: Port device netdevsim0 added
[  679.075213][T13506] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  679.104825][T13499] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  679.152694][T13457] XFS (loop2): Ending clean mount
[  679.184849][T13457] XFS (loop2): Quotacheck needed: Please wait.
[  679.243546][T13457] XFS (loop2): Quotacheck: Done.
[  679.394268][T12934] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  679.500364][T13511] loop1: detected capacity change from 0 to 1024
[  679.507610][T13511] hfsplus: part requires an argument
[  679.512950][T13511] hfsplus: unable to parse mount options
[  679.691187][T13516] loop4: detected capacity change from 0 to 4096
[  679.704533][T13516] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  680.020127][   T25] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  680.308832][   T25] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  680.338715][   T25] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  680.361571][   T25] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[  680.383061][   T25] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  680.402091][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  680.424599][T13521] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  680.453713][   T25] hub 4-1:1.0: bad descriptor, ignoring hub
[  680.469056][   T25] hub 4-1:1.0: probe with driver hub failed with error -5
[  680.488316][   T25] cdc_wdm 4-1:1.0: skipping garbage
[  680.517684][   T25] cdc_wdm 4-1:1.0: skipping garbage
[  680.546639][   T25] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  680.569376][   T25] cdc_wdm 4-1:1.0: Unknown control protocol
[  680.624439][T13546] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  680.652625][T13542] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  681.026284][T13531] loop4: detected capacity change from 0 to 40427
[  681.361602][T13531] F2FS-fs (loop4): Found nat_bits in checkpoint
[  681.740159][T11416] usb 4-1: USB disconnect, device number 18
[  681.760034][T13531] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  681.873113][T13538] loop1: detected capacity change from 0 to 32768
[  681.894657][T13538] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  681.925400][   T30] audit: type=1800 audit(1721457749.259:948): pid=13531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2002" name="bus" dev="loop4" ino=10 res=0 errno=0
[  682.023463][T13531] syz.4.2002: attempt to access beyond end of device
[  682.023463][T13531] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  682.045581][T13531] syz.4.2002: attempt to access beyond end of device
[  682.045581][T13531] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  682.085667][T13538] XFS (loop1): Ending clean mount
[  682.109035][T13538] XFS (loop1): Quotacheck needed: Please wait.
[  682.180244][T13538] XFS (loop1): Quotacheck: Done.
[  682.335127][T13579] Process accounting resumed
[  682.374437][T13577] loop2: detected capacity change from 0 to 1024
[  682.377146][ T1093] kworker/u8:6: attempt to access beyond end of device
[  682.377146][ T1093] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  682.381831][T13577] hfsplus: part requires an argument
[  682.400561][T13577] hfsplus: unable to parse mount options
[  682.408342][ T1093] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  682.439818][ T7945] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  682.658171][T13586] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  683.559861][T13586] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  683.972992][T13609] Bluetooth: MGMT ver 1.23
[  684.081592][T13617] Process accounting resumed
[  685.065248][T13647] pimreg: entered allmulticast mode
[  685.099763][ T5097] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  685.551698][ T5097] usb 2-1: Using ep0 maxpacket: 8
[  686.087967][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  687.941506][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  688.009194][ T5097] usb 2-1: device descriptor read/all, error -71
[  688.337451][T13660] loop1: detected capacity change from 0 to 4096
[  688.358122][T13660] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  688.453257][   T30] audit: type=1804 audit(1721457755.789:949): pid=13660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2042" name="/newroot/328/file1/file1" dev="loop1" ino=33 res=1 errno=0
[  688.718017][T13684] loop3: detected capacity change from 0 to 2048
[  688.754428][T13686] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  688.888268][T13684] syz.3.2053 (13684) used greatest stack depth: 18160 bytes left
[  689.748584][T13700] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2057'.
[  689.854463][T13708] loop2: detected capacity change from 0 to 4096
[  689.888808][T13708] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  690.035991][   T30] audit: type=1804 audit(1721457757.369:950): pid=13708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2060" name="/newroot/36/file1/file1" dev="loop2" ino=33 res=1 errno=0
[  690.385240][T13727] loop2: detected capacity change from 0 to 2048
[  690.419361][T13732] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  691.434176][T13754] loop4: detected capacity change from 0 to 4096
[  691.469952][T13754] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  691.616189][T13760] loop3: detected capacity change from 0 to 2048
[  691.662701][   T30] audit: type=1804 audit(1721457758.999:951): pid=13754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2076" name="/newroot/45/file1/file1" dev="loop4" ino=33 res=1 errno=0
[  691.744010][T13765] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  693.182972][T13797] loop4: detected capacity change from 0 to 1024
[  693.246996][T13797] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  693.301438][T13807] loop0: detected capacity change from 0 to 2048
[  693.342025][T13811] netlink: 'syz.2.2099': attribute type 10 has an invalid length.
[  693.397063][T13814] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  693.472487][T12801] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  693.936738][   T30] audit: type=1326 audit(1721457761.269:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13838 comm="syz.0.2112" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7145d75b59 code=0x0
[  693.996611][T13841] loop1: detected capacity change from 0 to 2048
[  694.018568][T13842] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  694.410339][T13851] loop1: detected capacity change from 0 to 1024
[  694.426919][T13851] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  694.537861][ T7945] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  694.859311][T13873] loop3: detected capacity change from 0 to 2048
[  694.867224][T13875] loop1: detected capacity change from 0 to 1024
[  694.885684][T13875] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  694.897736][T13879] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  694.936199][ T7945] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  695.415385][ T5115] Bluetooth: hci7: command 0x0406 tx timeout
[  696.213631][T13895] netlink: 'syz.0.2136': attribute type 4 has an invalid length.
[  696.300862][    C1] eth0: bad gso: type: 1, size: 1408
[  696.329486][T13899] netlink: 'syz.0.2136': attribute type 4 has an invalid length.
[  696.735914][T13910] loop4: detected capacity change from 0 to 2048
[  696.803071][T13914] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  698.570480][T13933] overlayfs: failed to resolve './file2': -2
[  698.619523][T13933] Process accounting resumed
[  699.365945][T13947] can0: slcan on ptm0.
[  699.382303][T13945] loop1: detected capacity change from 0 to 2048
[  699.473797][    C1] eth0: bad gso: type: 1, size: 1408
[  699.493025][T13954] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  699.600358][T13946] can0 (unregistered): slcan off ptm0.
[  699.809817][  T927] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  700.001747][  T927] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  700.026451][  T927] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  700.073378][  T927] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  700.159989][  T927] usb 4-1: Product: syz
[  700.164387][  T927] usb 4-1: Manufacturer: syz
[  700.169142][  T927] usb 4-1: SerialNumber: syz
[  703.230630][ T4498] Bluetooth: hci5: command 0x0409 tx timeout
[  703.268138][  T927] cdc_ncm 4-1:1.0: bind() failure
[  703.287914][  T927] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  703.310486][  T927] cdc_ncm 4-1:1.1: bind() failure
[  703.319224][  T927] usb 4-1: USB disconnect, device number 19
[  703.401951][T13996] loop2: detected capacity change from 0 to 2048
[  703.552534][T14003] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  703.763232][T13999] loop3: detected capacity change from 0 to 40427
[  705.304997][ T5188] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  705.640522][T14030] loop2: detected capacity change from 0 to 512
[  705.703834][T14029] loop3: detected capacity change from 0 to 128
[  705.714166][T14030] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  705.714336][T14029] EXT4-fs (loop3): Test dummy encryption mode enabled
[  705.741043][T14030] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent
[  705.755817][T14029] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  705.775072][ T5188] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  705.799204][T14029] ext4 filesystem being mounted at /58/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  705.826132][ T5188] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  705.850133][ T5188] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  705.858166][ T5188] usb 1-1: Product: syz
[  706.080418][ T5188] usb 1-1: Manufacturer: syz
[  706.085208][ T5188] usb 1-1: SerialNumber: syz
[  706.121366][T14040] loop4: detected capacity change from 0 to 2048
[  706.225686][T14044] overlayfs: failed to resolve './file0': -2
[  706.512826][T14046] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  706.692508][T12862] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  706.892816][ T1032] Bluetooth: hci8: Frame reassembly failed (-84)
[  707.442873][T14030] loop2: detected capacity change from 0 to 40427
[  707.476644][T14030] F2FS-fs (loop2): Unrecognized mount option "nodisgroundBgc=sync" or missing value
[  707.710224][ T5188] cdc_ncm 1-1:1.0: failed to get mac address
[  707.718184][ T5188] cdc_ncm 1-1:1.0: bind() failure
[  707.743408][ T5188] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[  707.760252][ T5188] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[  707.779892][ T5188] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[  707.819951][ T5188] usb 1-1: USB disconnect, device number 22
[  708.910076][ T4498] Bluetooth: hci8: command 0x1003 tx timeout
[  708.915923][   T54] Bluetooth: hci8: Opcode 0x1003 failed: -110
[  709.816816][T14070] loop4: detected capacity change from 0 to 512
[  709.868893][T14070] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  709.882074][T14070] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  709.947104][T14081] loop3: detected capacity change from 0 to 512
[  710.027407][T14081] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  710.052371][T14081] EXT4-fs (loop3): blocks per group (71) and clusters per group (32768) inconsistent
[  710.978649][T12801] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  711.020809][T11416] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  711.281218][T11416] usb 3-1: Using ep0 maxpacket: 8
[  711.324700][T11416] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  711.526303][T11416] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  711.629997][T11416] usb 3-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  711.679650][T11416] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  711.730834][T11416] usb 3-1: config 0 descriptor??
[  711.864894][T14100] loop1: detected capacity change from 0 to 512
[  711.898134][T14079] loop0: detected capacity change from 0 to 40427
[  711.929990][T14100] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  711.968094][T14100] EXT4-fs (loop1): blocks per group (71) and clusters per group (32768) inconsistent
[  712.155494][T11416] logitech 0003:046D:C20E.0008: rdesc size test failed for formula gp
[  712.198332][T11416] logitech 0003:046D:C20E.0008: item fetching failed at offset 8/11
[  712.216635][T11416] logitech 0003:046D:C20E.0008: parse failed
[  712.224956][T11416] logitech 0003:046D:C20E.0008: probe with driver logitech failed with error -22
[  712.310823][T14081] loop3: detected capacity change from 0 to 40427
[  712.342734][T14081] F2FS-fs (loop3): Unrecognized mount option "nodisgroundBgc=sync" or missing value
[  712.395555][T11416] usb 3-1: USB disconnect, device number 18
[  712.837108][T14100] loop1: detected capacity change from 0 to 40427
[  712.847419][T14100] F2FS-fs (loop1): Unrecognized mount option "nodisgroundBgc=sync" or missing value
[  713.164695][T14116] loop2: detected capacity change from 0 to 1024
[  713.242951][T14116] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  713.433304][T12934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  714.963811][T14138] vlan2: entered promiscuous mode
[  714.988297][T14138] batadv0: entered promiscuous mode
[  715.009455][T14112] loop4: detected capacity change from 0 to 32768
[  715.020336][T14138] vlan2: entered allmulticast mode
[  715.058235][T14138] batadv0: entered allmulticast mode
[  715.104825][T14138] batadv0: left allmulticast mode
[  715.132313][T14138] batadv0: left promiscuous mode
[  715.161127][T14112] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  715.232713][T14112] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  715.335618][T14112] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  715.367714][ T5097] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  715.390092][ T5097] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  715.615510][ T5097] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 225ms
[  715.659315][ T5097] gfs2: fsid=syz:syz.0: jid=0: Done
[  715.676302][T14112] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  715.730726][ T4498] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  715.746764][ T4498] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  715.759732][ T4498] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  715.819827][ T4498] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  715.840223][ T4498] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  715.854924][ T4498] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  716.075904][T14150] loop1: detected capacity change from 0 to 32768
[  716.200324][T14150] syz.1.2225: attempt to access beyond end of device
[  716.200324][T14150] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  716.218319][T14160] loop3: detected capacity change from 0 to 512
[  716.238726][T14150] lbmIODone: I/O error in JFS log
[  716.247083][T14160] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  716.247873][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.258329][T14150] *** Log Format Error ! ***
[  716.272992][T14160] EXT4-fs (loop3): blocks per group (71) and clusters per group (32768) inconsistent
[  716.285537][T14150] lmLogInit: exit(-22)
[  716.305001][T14150] lmLogOpen: exit(-22)
[  716.522817][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.668545][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.830834][   T12] bond0: (slave netdevsim0): Releasing backup interface
[  716.886073][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  717.412180][T14160] loop3: detected capacity change from 0 to 40427
[  717.435323][T14153] chnl_net:caif_netlink_parms(): no params data found
[  717.440028][T14160] F2FS-fs (loop3): Unrecognized mount option "nodisgroundBgc=sync" or missing value
[  717.782748][   T12] bridge_slave_0: left allmulticast mode
[  717.788526][   T12] bridge_slave_0: left promiscuous mode
[  717.829918][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  717.949831][   T54] Bluetooth: hci3: command tx timeout
[  718.603830][T14191] loop1: detected capacity change from 0 to 32768
[  718.659466][T14191] syz.1.2239: attempt to access beyond end of device
[  718.659466][T14191] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  718.672971][   T54] Bluetooth: hci7: command 0x0406 tx timeout
[  718.734352][T14191] lbmIODone: I/O error in JFS log
[  718.739426][T14191] *** Log Format Error ! ***
[  718.770281][T14191] lmLogInit: exit(-22)
[  718.790837][T14191] lmLogOpen: exit(-22)
[  718.800606][T14184] loop0: detected capacity change from 0 to 32768
[  718.829146][T14184] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  718.845748][T14198] capability: warning: `syz.3.2240' uses deprecated v2 capabilities in a way that may be insecure
[  718.861030][T14184] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  718.889084][T14184] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  718.952189][ T5154] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  718.970756][ T5154] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  719.089807][ T5154] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 119ms
[  719.099870][ T5154] gfs2: fsid=syz:syz.0: jid=0: Done
[  719.114185][T14184] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  719.256889][T14206] loop3: detected capacity change from 0 to 4096
[  719.306705][T14206] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  719.368617][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  719.403315][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  719.423931][   T12] bond0 (unregistering): Released all slaves
[  719.449932][   T30] audit: type=1804 audit(1721457786.779:953): pid=14206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2244" name="/newroot/71/file1/file1" dev="loop3" ino=30 res=1 errno=0
[  719.796996][T14153] bridge0: port 1(bridge_slave_0) entered blocking state
[  719.818002][T14153] bridge0: port 1(bridge_slave_0) entered disabled state
[  719.830090][T14153] bridge_slave_0: entered allmulticast mode
[  719.837466][T14153] bridge_slave_0: entered promiscuous mode
[  719.856102][T14153] bridge0: port 2(bridge_slave_1) entered blocking state
[  719.917822][T14153] bridge0: port 2(bridge_slave_1) entered disabled state
[  719.926588][T14153] bridge_slave_1: entered allmulticast mode
[  719.934429][T14153] bridge_slave_1: entered promiscuous mode
[  720.031617][   T54] Bluetooth: hci3: command tx timeout
[  720.103078][T14153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  720.140306][   T12] hsr_slave_0: left promiscuous mode
[  720.168149][   T12] hsr_slave_1: left promiscuous mode
[  720.190986][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  720.217479][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  720.236986][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  720.253691][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  720.314194][   T12] veth1_macvtap: left promiscuous mode
[  720.329712][   T12] veth0_macvtap: left promiscuous mode
[  720.339729][ T5154] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  720.348612][   T12] veth1_vlan: left promiscuous mode
[  720.359921][   T12] veth0_vlan: left promiscuous mode
[  720.477700][T14225] loop0: detected capacity change from 0 to 32768
[  720.508551][T14225] syz.0.2250: attempt to access beyond end of device
[  720.508551][T14225] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  720.543320][T14225] lbmIODone: I/O error in JFS log
[  720.548639][T14225] *** Log Format Error ! ***
[  720.554053][ T5154] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  720.565667][T14225] lmLogInit: exit(-22)
[  720.586094][ T5154] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  720.596176][T14225] lmLogOpen: exit(-22)
[  720.626817][ T5154] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[  720.648613][ T5154] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  720.660888][   T12] pimreg (unregistering): left allmulticast mode
[  720.670556][ T5154] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.709420][T14229] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  720.722780][ T5154] hub 2-1:1.0: bad descriptor, ignoring hub
[  720.728927][ T5154] hub 2-1:1.0: probe with driver hub failed with error -5
[  720.737826][ T5154] cdc_wdm 2-1:1.0: skipping garbage
[  720.757551][ T5154] cdc_wdm 2-1:1.0: skipping garbage
[  720.773685][ T5154] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  720.790130][ T5154] cdc_wdm 2-1:1.0: Unknown control protocol
[  721.083010][ T5153] usb 2-1: USB disconnect, device number 29
[  721.337627][   T12] team0 (unregistering): Port device team_slave_1 removed
[  721.398734][   T12] team0 (unregistering): Port device team_slave_0 removed
[  721.461723][ T5153] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  721.667365][ T5153] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  721.677764][ T5153] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  721.703419][ T5153] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[  721.735807][ T5153] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  721.759830][ T5153] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.809276][T14229] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  721.820866][ T5153] hub 2-1:1.0: bad descriptor, ignoring hub
[  721.849571][ T5153] hub 2-1:1.0: probe with driver hub failed with error -5
[  721.858315][ T5153] cdc_wdm 2-1:1.0: skipping garbage
[  721.888910][ T5153] cdc_wdm 2-1:1.0: skipping garbage
[  721.896643][ T5153] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  721.912332][ T5153] cdc_wdm 2-1:1.0: Unknown control protocol
[  722.116687][   T54] Bluetooth: hci3: command tx timeout
[  722.724294][T14153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  722.757259][T14229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  722.790092][T14229] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  722.911375][T14153] team0: Port device team_slave_0 added
[  722.922515][T14153] team0: Port device team_slave_1 added
[  723.122323][ T5097] usb 2-1: USB disconnect, device number 30
[  723.407725][T14153] batman_adv: batadv0: Adding interface: batadv_slave_0
[  723.498687][T14153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  723.649081][T14153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  723.674009][T14153] batman_adv: batadv0: Adding interface: batadv_slave_1
[  723.742519][T14153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  723.785235][T14153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  723.951418][T14153] hsr_slave_0: entered promiscuous mode
[  724.011372][T14153] hsr_slave_1: entered promiscuous mode
[  724.040159][T14153] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  724.073974][T14153] Cannot create hsr debugfs directory
[  724.192133][ T4498] Bluetooth: hci3: command tx timeout
[  724.428479][   T12] team0: left allmulticast mode
[  724.517961][   T12] team_slave_0: left allmulticast mode
[  724.620221][   T12] team_slave_1: left allmulticast mode
[  724.715410][   T12] bridge0: port 3(team0) entered disabled state
[  725.515544][   T12] bridge_slave_1: left allmulticast mode
[  725.557299][   T12] bridge_slave_1: left promiscuous mode
[  725.576967][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.641268][   T12] bridge_slave_0: left allmulticast mode
[  725.660010][   T12] bridge_slave_0: left promiscuous mode
[  725.689851][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  726.079770][ T5097] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  726.103981][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  726.115923][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  726.126696][   T12] bond0 (unregistering): Released all slaves
[  726.281229][T14314] loop4: detected capacity change from 0 to 512
[  726.298752][ T5097] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 64, changing to 10
[  726.319877][ T5097] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7
[  726.346540][ T5097] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  726.359535][ T5097] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  726.380261][ T5097] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.415479][T14314] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  726.449202][T14314] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  726.452738][ T5097] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -12
[  727.249325][   T25] usb 2-1: USB disconnect, device number 31
[  727.385999][T12801] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  728.056389][   T12] hsr_slave_0: left promiscuous mode
[  728.092339][   T12] hsr_slave_1: left promiscuous mode
[  728.105465][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  728.128223][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  728.167176][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  728.191352][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  728.285149][   T12] veth1_macvtap: left promiscuous mode
[  728.291628][   T12] veth0_macvtap: left promiscuous mode
[  728.297329][   T12] veth1_vlan: left promiscuous mode
[  728.304805][T14346] overlayfs: failed to resolve './file2': -2
[  728.309839][   T12] veth0_vlan: left promiscuous mode
[  728.322325][T14346] Process accounting resumed
[  729.954354][T14373] overlayfs: failed to resolve './file2': -2
[  729.961219][   T12] team_slave_1 (unregistering): left promiscuous mode
[  729.984115][   T12] team0 (unregistering): Port device team_slave_1 removed
[  729.985824][T14373] Process accounting resumed
[  730.057802][   T12] team_slave_0 (unregistering): left promiscuous mode
[  730.067820][   T12] team0 (unregistering): Port device team_slave_0 removed
[  731.642567][T14399] loop4: detected capacity change from 0 to 164
[  731.642887][T14153] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  731.685241][T14398] loop1: detected capacity change from 0 to 2048
[  731.692218][T11343] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  731.700612][T14153] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  731.731864][T14153] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  731.741508][T14398] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  731.756350][T14398] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  731.806315][T14153] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  731.863227][   T30] audit: type=1800 audit(1721457799.209:954): pid=14398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2319" name="\" dev="loop1" ino=1318 res=0 errno=0
[  731.895179][T11343] usb 1-1: Using ep0 maxpacket: 16
[  731.924050][T11343] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  731.937629][   T12] IPVS: stop unused estimator thread 0...
[  731.944281][T11343] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.979573][T11343] usb 1-1: Product: syz
[  731.983839][T11343] usb 1-1: Manufacturer: syz
[  731.988460][T11343] usb 1-1: SerialNumber: syz
[  732.032018][T11343] r8152-cfgselector 1-1: Unknown version 0x0000
[  732.048389][T11343] r8152-cfgselector 1-1: config 0 descriptor??
[  732.155144][T14153] 8021q: adding VLAN 0 to HW filter on device bond0
[  732.205550][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  732.269352][T14153] 8021q: adding VLAN 0 to HW filter on device team0
[  732.310596][T11343] r8152-cfgselector 1-1: Needed 1 retries to read version
[  732.329972][T11343] r8152-cfgselector 1-1: Unknown version 0x6810
[  732.346869][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  732.361833][T11343] r8152-cfgselector 1-1: bad CDC descriptors
[  732.386870][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  732.394037][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  732.473357][ T5153] bridge0: port 2(bridge_slave_1) entered blocking state
[  732.480643][ T5153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  732.534948][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  732.623446][ T5155] r8152-cfgselector 1-1: USB disconnect, device number 23
[  732.685285][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  732.747452][   T54] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  732.761997][   T54] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  732.779205][   T54] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  732.791522][   T54] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  732.818146][   T54] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  732.825648][   T54] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  732.856638][T14416] pim6reg1: entered promiscuous mode
[  732.875972][T14416] pim6reg1: entered allmulticast mode
[  733.063346][   T12] bridge_slave_1: left allmulticast mode
[  733.069023][   T12] bridge_slave_1: left promiscuous mode
[  733.086569][T14427] loop3: detected capacity change from 0 to 2048
[  733.086816][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  733.107477][T14430] Process accounting resumed
[  733.124137][   T12] bridge_slave_0: left allmulticast mode
[  733.125975][T14427] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  733.134456][   T12] bridge_slave_0: left promiscuous mode
[  733.162824][T14427] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  733.178158][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  733.232683][   T30] audit: type=1800 audit(1721457800.569:955): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2331" name="\" dev="loop3" ino=1318 res=0 errno=0
[  733.758128][T14436] loop1: detected capacity change from 0 to 32768
[  733.797601][T14436] syz.1.2336: attempt to access beyond end of device
[  733.797601][T14436] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  733.819006][T14436] lbmIODone: I/O error in JFS log
[  733.824098][T14436] *** Log Format Error ! ***
[  733.829113][T14436] lmLogInit: exit(-22)
[  733.833298][T14436] lmLogOpen: exit(-22)
[  733.909559][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  733.927296][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  733.952415][   T12] bond0 (unregistering): Released all slaves
[  734.042617][T14448] Driver unsupported XDP return value 0 on prog  (id 219) dev N/A, expect packet loss!
[  734.104407][T14450] Process accounting resumed
[  734.177301][T14153] 8021q: adding VLAN 0 to HW filter on device batadv0
[  734.326770][T14460] loop1: detected capacity change from 0 to 2048
[  734.348554][T14460] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  734.386076][T14460] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  734.498432][   T30] audit: type=1800 audit(1721457801.829:956): pid=14460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2345" name="\" dev="loop1" ino=1318 res=0 errno=0
[  734.797679][T14418] chnl_net:caif_netlink_parms(): no params data found
[  734.912456][ T4498] Bluetooth: hci7: command tx timeout
[  735.346473][   T12] hsr_slave_0: left promiscuous mode
[  735.404542][   T12] hsr_slave_1: left promiscuous mode
[  735.429998][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  735.457827][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  735.490557][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  735.497969][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  735.618824][T14477] Process accounting resumed
[  735.654742][   T12] veth1_macvtap: left promiscuous mode
[  735.670526][   T12] veth0_macvtap: left promiscuous mode
[  735.676541][   T12] veth1_vlan: left promiscuous mode
[  735.689933][   T12] veth0_vlan: left promiscuous mode
[  735.985258][T14467] loop0: detected capacity change from 0 to 32768
[  736.019100][T14467] syz.0.2348: attempt to access beyond end of device
[  736.019100][T14467] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  736.061910][T14467] lbmIODone: I/O error in JFS log
[  736.070483][T14467] *** Log Format Error ! ***
[  736.075560][T14467] lmLogInit: exit(-22)
[  736.081852][T14467] lmLogOpen: exit(-22)
[  736.641999][T14487] loop1: detected capacity change from 0 to 32768
[  736.650095][T14487] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2357 (14487)
[  736.834241][T14487] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  736.923101][T14487] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  736.994227][ T4498] Bluetooth: hci7: command tx timeout
[  737.012963][T14487] BTRFS info (device loop1): using free-space-tree
[  737.273022][   T12] team0 (unregistering): Port device team_slave_1 removed
[  737.395511][   T12] team0 (unregistering): Port device team_slave_0 removed
[  737.501740][T14487] fuse: Bad value for 'fd'
[  737.523032][T14513] Process accounting resumed
[  737.745828][T14487] fs-verity: sha512 using implementation "sha512-avx2"
[  737.777643][T14487] BTRFS info (device loop1): setting compat-ro feature flag for VERITY (0x4)
[  737.903629][ T7945] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  738.246966][T14519] loop0: detected capacity change from 0 to 32768
[  738.408477][T14153] veth0_vlan: entered promiscuous mode
[  738.456328][T14153] veth1_vlan: entered promiscuous mode
[  738.796850][T14418] bridge0: port 1(bridge_slave_0) entered blocking state
[  738.841970][T14418] bridge0: port 1(bridge_slave_0) entered disabled state
[  738.963562][T14418] bridge_slave_0: entered allmulticast mode
[  739.074865][T14418] bridge_slave_0: entered promiscuous mode
[  739.100628][ T4498] Bluetooth: hci7: command tx timeout
[  739.326765][T14418] bridge0: port 2(bridge_slave_1) entered blocking state
[  739.451883][T14418] bridge0: port 2(bridge_slave_1) entered disabled state
[  739.459097][T14418] bridge_slave_1: entered allmulticast mode
[  739.518177][T14418] bridge_slave_1: entered promiscuous mode
[  739.592025][T14153] veth0_macvtap: entered promiscuous mode
[  739.638798][T14532] loop3: detected capacity change from 0 to 2048
[  739.680228][T14153] veth1_macvtap: entered promiscuous mode
[  739.693669][T14418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  739.700382][T14532] EXT4-fs error (device loop3): __ext4_fill_super:5435: inode #2: comm syz.3.2368: casefold flag without casefold feature
[  739.707906][T14418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  739.757614][T14532] EXT4-fs (loop3): get root inode failed
[  739.767631][T14532] EXT4-fs (loop3): mount failed
[  739.917441][T14418] team0: Port device team_slave_0 added
[  739.961880][T14418] team0: Port device team_slave_1 added
[  739.980094][T14529] loop0: detected capacity change from 0 to 32768
[  740.025216][T14529] syz.0.2366: attempt to access beyond end of device
[  740.025216][T14529] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  740.041261][T14418] batman_adv: batadv0: Adding interface: batadv_slave_0
[  740.049758][T14529] lbmIODone: I/O error in JFS log
[  740.054806][T14529] *** Log Format Error ! ***
[  740.059741][T14418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  740.090033][T14529] lmLogInit: exit(-22)
[  740.094156][T14529] lmLogOpen: exit(-22)
[  740.160044][T14418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  740.182517][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  740.207296][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.228189][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  740.248944][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.270001][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  740.289654][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.309679][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  740.347694][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.380049][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  740.409878][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.430069][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  740.449905][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.471417][T14153] batman_adv: batadv0: Interface activated: batadv_slave_0
[  740.479296][T14418] batman_adv: batadv0: Adding interface: batadv_slave_1
[  740.497430][T14418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  740.549655][T14418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  740.615294][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  740.641213][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.657129][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  740.693749][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.714216][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  740.735069][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.755097][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  740.786076][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.808549][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  740.838418][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.877343][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  740.899049][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  740.931296][T14153] batman_adv: batadv0: Interface activated: batadv_slave_1
[  741.061827][T14153] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  741.084973][T14153] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  741.111803][T14153] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  741.138355][T14153] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  741.149834][ T4498] Bluetooth: hci7: command tx timeout
[  741.169323][T14418] hsr_slave_0: entered promiscuous mode
[  741.210073][T14418] hsr_slave_1: entered promiscuous mode
[  741.253623][T14418] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  741.276380][T14418] Cannot create hsr debugfs directory
[  741.762463][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  741.782375][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  741.911024][ T5366] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  741.926205][ T5366] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  742.229165][T14542] loop1: detected capacity change from 0 to 512
[  742.285391][T14542] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  742.333710][T14418] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  742.338268][T14542] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent
[  742.340613][ T5097] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  742.365649][T14418] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  742.395883][T14418] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  742.416326][T14418] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  742.560166][ T5097] usb 3-1: Using ep0 maxpacket: 8
[  742.587728][ T5097] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  742.615503][T14418] 8021q: adding VLAN 0 to HW filter on device bond0
[  742.623213][ T5097] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  742.644011][ T5097] usb 3-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  742.656883][ T5097] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.690473][ T5097] usb 3-1: config 0 descriptor??
[  742.700248][T14418] 8021q: adding VLAN 0 to HW filter on device team0
[  742.720642][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  742.727826][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  742.768220][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  742.775493][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  742.850020][  T927] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  743.041274][  T927] usb 4-1: too many configurations: 65, using maximum allowed: 8
[  743.091992][  T927] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  743.109719][  T927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  743.126872][ T5097] logitech 0003:046D:C20E.0009: rdesc size test failed for formula gp
[  743.151666][ T5097] logitech 0003:046D:C20E.0009: item fetching failed at offset 8/11
[  743.173821][ T5097] logitech 0003:046D:C20E.0009: parse failed
[  743.182536][T14418] 8021q: adding VLAN 0 to HW filter on device batadv0
[  743.189852][ T5097] logitech 0003:046D:C20E.0009: probe with driver logitech failed with error -22
[  743.247629][T14535] loop0: detected capacity change from 0 to 131072
[  743.275639][T14535] F2FS-fs (loop0): invalid crc value
[  743.306515][T14535] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  743.360185][ T5097] usb 3-1: USB disconnect, device number 19
[  743.661504][T14556] loop1: detected capacity change from 0 to 32768
[  743.678536][  T927] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  743.691893][  T927] usb 4-1: No valid video chain found.
[  743.738723][  T927] usb 4-1: USB disconnect, device number 20
[  743.751078][T14418] veth0_vlan: entered promiscuous mode
[  743.761662][T14556] syz.1.2377: attempt to access beyond end of device
[  743.761662][T14556] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  743.771100][T14418] veth1_vlan: entered promiscuous mode
[  743.793082][T14556] lbmIODone: I/O error in JFS log
[  743.798145][T14556] *** Log Format Error ! ***
[  743.818534][T14556] lmLogInit: exit(-22)
[  743.826899][T14556] lmLogOpen: exit(-22)
[  743.846342][T14418] veth0_macvtap: entered promiscuous mode
[  743.861842][T14418] veth1_macvtap: entered promiscuous mode
[  743.923674][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  743.950671][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  743.971811][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  744.012580][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.030442][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  744.051915][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.069650][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  744.096805][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.125491][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  744.149938][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.165599][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  744.181354][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.197692][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  744.218938][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.250730][T14418] batman_adv: batadv0: Interface activated: batadv_slave_0
[  744.295583][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  744.317250][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.331032][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  744.348375][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.444901][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  744.477771][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.503061][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  744.518513][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.530758][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  744.541732][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.560754][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  744.574621][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.587122][T14418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  744.604274][T14418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.623962][T14418] batman_adv: batadv0: Interface activated: batadv_slave_1
[  744.643042][T14418] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  744.655074][T14418] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  744.663988][T14418] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  744.674040][T14418] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  744.895325][T12651] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  744.914976][T12651] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  744.967686][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  745.009135][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  745.111299][    C1] eth0: bad gso: type: 1, size: 1408
[  745.794061][T14617] loop1: detected capacity change from 0 to 32768
[  746.099695][ T5097] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  746.289798][ T5097] usb 1-1: Using ep0 maxpacket: 16
[  746.306463][ T5097] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  746.325271][ T5097] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  746.334434][ T5097] usb 1-1: Product: syz
[  746.338639][ T5097] usb 1-1: Manufacturer: syz
[  746.343321][ T5097] usb 1-1: SerialNumber: syz
[  746.353314][ T5097] r8152-cfgselector 1-1: Unknown version 0x0000
[  746.392854][ T5097] r8152-cfgselector 1-1: config 0 descriptor??
[  746.649218][ T5097] r8152-cfgselector 1-1: Needed 1 retries to read version
[  746.668090][ T5097] r8152-cfgselector 1-1: Unknown version 0x6810
[  746.681716][ T5097] r8152-cfgselector 1-1: bad CDC descriptors
[  746.863581][ T5188] r8152-cfgselector 1-1: USB disconnect, device number 24
[  747.138112][T14675] loop2: detected capacity change from 0 to 32768
[  747.234414][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  747.241570][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  747.358651][T14677] loop3: detected capacity change from 0 to 40427
[  747.369757][T14677] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  747.387725][T14677] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  747.463194][T14677] F2FS-fs (loop3): Found nat_bits in checkpoint
[  747.537824][T14714] pim6reg1: entered promiscuous mode
[  747.553326][T14714] pim6reg1: entered allmulticast mode
[  747.665978][T14677] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  747.689883][T14677] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  747.824841][   T30] audit: type=1804 audit(1721457815.159:957): pid=14677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2425" name="/newroot/116/bus/file1" dev="loop3" ino=10 res=1 errno=0
[  748.249690][ T5188] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  748.325111][T14741] loop4: detected capacity change from 0 to 512
[  748.350101][T14741] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  748.378162][T14741] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent
[  748.569921][T14731] loop0: detected capacity change from 0 to 32768
[  748.624068][ T5188] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  748.635670][ T5188] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  748.665043][ T5188] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  748.689368][ T5188] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.814045][ T5188] usb 3-1: config 0 descriptor??
[  749.390446][T11343] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  749.421590][ T5188] arvo 0003:1E7D:30D4.000A: unknown main item tag 0x0
[  749.469072][ T5188] arvo 0003:1E7D:30D4.000A: item fetching failed at offset 5/7
[  749.487751][ T5188] arvo 0003:1E7D:30D4.000A: parse failed
[  749.499838][ T5188] arvo 0003:1E7D:30D4.000A: probe with driver arvo failed with error -22
[  749.582663][T14755] loop4: detected capacity change from 0 to 512
[  749.597447][T14755] EXT4-fs: Ignoring removed mblk_io_submit option
[  749.646927][ T5188] usb 3-1: USB disconnect, device number 20
[  749.689241][T14755] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #12: comm syz.4.2456: corrupted in-inode xattr: invalid ea_ino
[  749.731287][T14755] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2456: couldn't read orphan inode 12 (err -117)
[  749.789027][T14755] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  749.802624][T11343] usb 2-1: Using ep0 maxpacket: 16
[  749.815514][T11343] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  749.825653][T11343] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.834547][T11343] usb 2-1: Product: syz
[  749.838840][T11343] usb 2-1: Manufacturer: syz
[  749.846770][T11343] usb 2-1: SerialNumber: syz
[  749.867996][T11343] r8152-cfgselector 2-1: Unknown version 0x0000
[  749.878354][T11343] r8152-cfgselector 2-1: config 0 descriptor??
[  750.156614][T14771] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.2456: Directory hole found for htree leaf block 0
[  750.171057][T14771] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.2456: Directory hole found for htree leaf block 0
[  750.186409][T14771] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.2456: Directory hole found for htree leaf block 0
[  750.201696][T14771] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.2456: Directory hole found for htree leaf block 0
[  750.552292][T11343] r8152-cfgselector 2-1: Needed 1 retries to read version
[  750.583572][T14418] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  750.611932][T11343] r8152-cfgselector 2-1: Unknown version 0x6810
[  750.619281][T11343] r8152-cfgselector 2-1: bad CDC descriptors
[  750.714254][T14783] loop2: detected capacity change from 0 to 128
[  750.763747][T14783] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2462'.
[  750.773000][T14783] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2462'.
[  750.938126][ T5155] r8152-cfgselector 2-1: USB disconnect, device number 32
[  751.269761][ T5154] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  751.379771][ T5153] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  751.727644][ T5154] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  751.754651][ T5154] usb 3-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  751.785188][ T5154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  751.914773][ T5153] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  752.080604][ T5154] usb 3-1: config 0 descriptor??
[  752.123495][ T5153] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  752.350889][   T31] INFO: task syz.4.1592:12227 blocked for more than 143 seconds.
[  752.414499][ T5154] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  752.422271][ T5153] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  752.426060][   T31]       Not tainted 6.10.0-next-20240719-syzkaller #0
[  752.433181][ T5153] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  752.448281][ T5153] usb 5-1: config 0 descriptor??
[  752.453549][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  752.479746][   T31] task:syz.4.1592      state:D stack:21120 pid:12227 tgid:12221 ppid:8189   flags:0x00004000
[  752.511848][T14780] loop3: detected capacity change from 0 to 32768
[  752.530954][   T31] Call Trace:
[  752.534286][   T31]  <TASK>
[  752.537275][   T31]  __schedule+0x1800/0x4a60
[  752.549056][   T31]  ? __pfx___schedule+0x10/0x10
[  752.562532][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  752.568647][   T31]  ? __pfx_lock_release+0x10/0x10
[  752.573864][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  752.579182][   T31]  ? schedule+0x90/0x320
[  752.583589][   T31]  schedule+0x14b/0x320
[  752.587828][   T31]  rpc_wait_bit_killable+0x1b/0x160
[  752.594624][   T31]  __wait_on_bit+0xb0/0x2f0
[  752.599320][   T31]  ? __pfx_rpc_wait_bit_killable+0x10/0x10
[  752.618517][   T31]  out_of_line_wait_on_bit+0x1d5/0x260
[  752.625364][   T31]  ? __pfx_rpc_wait_bit_killable+0x10/0x10
[  752.647335][   T31]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  752.653524][   T31]  ? __pfx_wake_bit_function+0x10/0x10
[  752.659093][   T31]  ? do_raw_spin_unlock+0x13c/0x8b0
[  752.664451][   T31]  __rpc_execute+0x723/0x1460
[  752.669276][   T31]  ? __pfx___rpc_execute+0x10/0x10
[  752.680255][   T31]  ? do_raw_spin_lock+0x14f/0x370
[  752.685369][   T31]  ? rpc_make_runnable+0xb5/0x1c0
[  752.690900][   T31]  rpc_execute+0x1ec/0x3f0
[  752.695604][   T31]  rpc_run_task+0x562/0x6c0
[  752.700262][   T31]  rpc_call_sync+0x197/0x2e0
[  752.704995][   T31]  ? __pfx_rpc_call_sync+0x10/0x10
[  752.711802][   T31]  rpcb_register+0x36b/0x670
[  752.716557][   T31]  ? __pfx_rpcb_register+0x10/0x10
[  752.721815][   T31]  ? __pfx_rpcb_create_local+0x10/0x10
[  752.727420][   T31]  svc_unregister+0x208/0x730
[  752.733418][   T31]  svc_bind+0x1bb/0x1e0
[  752.737692][   T31]  nfsd_create_serv+0x3f0/0x760
[  752.742680][   T31]  ? __mutex_lock+0x9a5/0xd70
[  752.747426][   T31]  ? __pfx_nfsd_create_serv+0x10/0x10
[  752.755866][   T31]  ? __mutex_lock+0x527/0xd70
[  752.760767][   T31]  ? nfsd_nl_listener_set_doit+0x12d/0x1a90
[  752.766762][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  752.771918][   T31]  ? __asan_memset+0x23/0x50
[  752.776592][   T31]  ? netlink_unicast+0x7f6/0x990
[  752.781745][   T31]  ? __sock_sendmsg+0x221/0x270
[  752.786648][   T31]  ? __sys_sendmsg+0x2b0/0x3a0
[  752.791524][   T31]  nfsd_nl_listener_set_doit+0x135/0x1a90
[  752.805784][   T31]  ? __pfx___nla_validate_parse+0x10/0x10
[  752.814321][   T31]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  752.820777][   T31]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  752.827133][   T31]  ? __nla_parse+0x40/0x60
[  752.831795][   T31]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  752.838308][   T31]  genl_rcv_msg+0xb14/0xec0
[  752.844088][   T31]  ? mark_lock+0x9a/0x360
[  752.848543][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  752.853701][   T31]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  752.862102][   T31]  ? __pfx_lock_acquire+0x10/0x10
[  752.867208][   T31]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  752.873529][   T31]  ? __pfx___might_resched+0x10/0x10
[  752.878878][   T31]  netlink_rcv_skb+0x1e3/0x430
[  752.883836][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  752.888908][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  752.894360][   T31]  ? __netlink_deliver_tap+0x77e/0x7c0
[  752.904215][ T5153] arvo 0003:1E7D:30D4.000B: unknown main item tag 0x0
[  752.911145][   T31]  genl_rcv+0x28/0x40
[  752.917760][ T5153] arvo 0003:1E7D:30D4.000B: item fetching failed at offset 5/7
[  752.927373][   T31]  netlink_unicast+0x7f6/0x990
[  752.936752][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  752.942848][ T5153] arvo 0003:1E7D:30D4.000B: parse failed
[  752.957166][   T31]  ? __virt_addr_valid+0x183/0x530
[  752.962510][ T5153] arvo 0003:1E7D:30D4.000B: probe with driver arvo failed with error -22
[  752.973135][   T31]  ? __check_object_size+0x49c/0x900
[  752.978452][   T31]  ? bpf_lsm_netlink_send+0x9/0x10
[  752.990749][   T31]  netlink_sendmsg+0x8e4/0xcb0
[  752.995663][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.003937][   T31]  ? __sanitizer_cov_trace_pc+0x46/0x70
[  753.009518][   T31]  ? __import_iovec+0x536/0x820
[  753.024050][   T31]  ? aa_sock_msg_perm+0x91/0x160
[  753.029090][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  753.034520][   T31]  ? security_socket_sendmsg+0x87/0xb0
[  753.047841][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.053259][   T31]  __sock_sendmsg+0x221/0x270
[  753.057970][   T31]  ____sys_sendmsg+0x525/0x7d0
[  753.063035][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  753.069319][   T31]  __sys_sendmsg+0x2b0/0x3a0
[  753.074012][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[  753.079209][   T31]  ? __schedule+0x1808/0x4a60
[  753.085893][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  753.092375][   T31]  ? do_syscall_64+0x100/0x230
[  753.097174][   T31]  ? do_syscall_64+0xb6/0x230
[  753.106216][ T5153] usb 5-1: USB disconnect, device number 20
[  753.115300][   T31]  do_syscall_64+0xf3/0x230
[  753.126813][   T31]  ? clear_bhb_loop+0x35/0x90
[  753.131672][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.137655][   T31] RIP: 0033:0x7f5a78b75b59
[  753.142153][   T31] RSP: 002b:00007f5a798cc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  753.150744][   T31] RAX: ffffffffffffffda RBX: 00007f5a78d06110 RCX: 00007f5a78b75b59
[  753.158736][   T31] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000008
[  753.166844][   T31] RBP: 00007f5a78be4e5d R08: 0000000000000000 R09: 0000000000000000
[  753.175741][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  753.188032][   T31] R13: 000000000000006e R14: 00007f5a78d06110 R15: 00007ffc335034d8
[  753.197560][   T31]  </TASK>
[  753.200955][   T31] 
[  753.200955][   T31] Showing all locks held in the system:
[  753.208936][   T31] 2 locks held by kworker/u8:0/11:
[  753.215033][   T31] 1 lock held by rcu_exp_gp_kthr/19:
[  753.223594][   T31] 1 lock held by khungtaskd/31:
[  753.228544][   T31]  #0: ffffffff8e337a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  753.239927][   T31] 3 locks held by kworker/u8:4/61:
[  753.245159][   T31] 3 locks held by kworker/u9:1/4498:
[  753.250659][   T31]  #0: ffff8880560ad948 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  753.264454][   T31]  #1: ffffc9000d517d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  753.285070][   T31]  #2: ffff88805ed9cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  753.299495][   T31] 2 locks held by getty/4850:
[  753.312873][   T31]  #0: ffff88802a6240a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  753.333379][   T31]  #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  753.343727][   T31] 3 locks held by kworker/1:4/5153:
[  753.348935][   T31]  #0: ffff88801ced9548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  753.360342][   T31]  #1: ffffc900042cfd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  753.375519][   T31]  #2: ffff888023914190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  753.384572][   T31] 2 locks held by kworker/1:6/5155:
[  753.390207][   T31]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  753.401487][   T31]  #1: ffffc900042efd00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  753.412160][   T31] 2 locks held by kworker/0:0/11343:
[  753.417472][   T31]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  753.429086][   T31]  #1: ffffc9000e487d00 ((work_completion)(&clnt->cl_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  753.444008][   T31] 4 locks held by syz.0.1497/11780:
[  753.449208][   T31]  #0: ffff8880636b8d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510
[  753.459752][   T31]  #1: ffff8880636b8078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0
[  753.469473][   T31]  #2: ffffffff8f776468 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240
[  753.480027][   T31]  #3: ffffffff8e33ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  753.491146][   T31] 2 locks held by syz.4.1592/12227:
[  753.496349][   T31]  #0: ffffffff8f670390 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  753.504609][   T31]  #1: ffffffff8e60bd68 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0x12d/0x1a90
[  753.514860][   T31] 2 locks held by syz.0.1853/13031:
[  753.520203][   T31]  #0: ffffffff8f670390 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  753.562387][ T5153] usb 3-1: USB disconnect, device number 21
[  753.571948][   T31]  #1: ffffffff8e60bd68 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0x12d/0x1a90
[  753.582265][   T31] 1 lock held by syz.0.2467/14791:
[  753.587377][   T31]  #0: ffff88807dee0208 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  753.597764][   T31] 
[  753.606375][   T31] =============================================
[  753.606375][   T31] 
[  753.617898][   T31] NMI backtrace for cpu 1
[  753.622261][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.10.0-next-20240719-syzkaller #0
[  753.631909][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  753.641989][   T31] Call Trace:
[  753.645284][   T31]  <TASK>
[  753.648249][   T31]  dump_stack_lvl+0x241/0x360
[  753.652920][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  753.658142][   T31]  ? __pfx__printk+0x10/0x10
[  753.662730][   T31]  ? __pfx_vprintk_emit+0x10/0x10
[  753.667763][   T31]  nmi_cpu_backtrace+0x49c/0x4d0
[  753.672754][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  753.678232][   T31]  ? _printk+0xd5/0x120
[  753.682405][   T31]  ? __pfx__printk+0x10/0x10
[  753.686999][   T31]  ? __wake_up_klogd+0x109/0x140
[  753.691955][   T31]  ? __pfx__printk+0x10/0x10
[  753.696587][   T31]  ? __rcu_read_unlock+0xa1/0x110
[  753.701648][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  753.707672][   T31]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  753.713655][   T31]  watchdog+0xff4/0x1040
[  753.717896][   T31]  ? watchdog+0x1ea/0x1040
[  753.722314][   T31]  ? __pfx_watchdog+0x10/0x10
[  753.726986][   T31]  kthread+0x2f0/0x390
[  753.731051][   T31]  ? __pfx_watchdog+0x10/0x10
[  753.735725][   T31]  ? __pfx_kthread+0x10/0x10
[  753.740319][   T31]  ret_from_fork+0x4b/0x80
[  753.744755][   T31]  ? __pfx_kthread+0x10/0x10
[  753.749337][   T31]  ret_from_fork_asm+0x1a/0x30
[  753.754113][   T31]  </TASK>
[  753.758221][   T31] Sending NMI from CPU 1 to CPUs 0:
[  753.764126][    C0] NMI backtrace for cpu 0
[  753.764138][    C0] CPU: 0 UID: 0 PID: 61 Comm: kworker/u8:4 Not tainted 6.10.0-next-20240719-syzkaller #0
[  753.764156][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  753.764166][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[  753.764189][    C0] RIP: 0010:unwind_next_frame+0x4e6/0x2a00
[  753.764215][    C0] Code: 48 89 5c 24 28 49 89 dd 4c 8b 74 24 38 4c 89 e0 4c 29 e8 48 89 c1 48 c1 f9 02 48 c1 e8 3f 48 01 c8 48 83 e0 fe 49 8d 5c 45 00 <48> 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84
[  753.764229][    C0] RSP: 0018:ffffc900015cf2a0 EFLAGS: 00000246
[  753.764242][    C0] RAX: 0000000000000000 RBX: ffffffff8fc016ac RCX: 0000000000000000
[  753.764253][    C0] RDX: ffff888017f1bc00 RSI: 000000000000d081 RDI: 000000000000d082
[  753.764264][    C0] RBP: 0000000000004139 R08: ffffffff81410a2e R09: 0000000000000000
[  753.764274][    C0] R10: ffffc900015cf3e0 R11: fffff520002b9e88 R12: ffffffff8fc016ac
[  753.764287][    C0] R13: ffffffff8fc016ac R14: ffffffff814139cb R15: ffffffff8fc016ac
[  753.764299][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  753.764312][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  753.764323][    C0] CR2: 00007f7145ed1178 CR3: 000000007a2be000 CR4: 00000000003506f0
[  753.764337][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  753.764346][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  753.764357][    C0] Call Trace:
[  753.764362][    C0]  <NMI>
[  753.764369][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  753.764387][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  753.764411][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  753.764429][    C0]  ? nmi_handle+0x2a/0x5a0
[  753.764452][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  753.764472][    C0]  ? nmi_handle+0x14f/0x5a0
[  753.764487][    C0]  ? nmi_handle+0x2a/0x5a0
[  753.764502][    C0]  ? unwind_next_frame+0x4e6/0x2a00
[  753.764525][    C0]  ? default_do_nmi+0x63/0x160
[  753.764544][    C0]  ? exc_nmi+0x123/0x1f0
[  753.764562][    C0]  ? end_repeat_nmi+0xf/0x53
[  753.764581][    C0]  ? __unwind_start+0x2bb/0x7c0
[  753.764612][    C0]  ? unwind_next_frame+0x2de/0x2a00
[  753.764636][    C0]  ? unwind_next_frame+0x4e6/0x2a00
[  753.764660][    C0]  ? unwind_next_frame+0x4e6/0x2a00
[  753.764685][    C0]  ? unwind_next_frame+0x4e6/0x2a00
[  753.764708][    C0]  </NMI>
[  753.764713][    C0]  <TASK>
[  753.764721][    C0]  ? __unwind_start+0x2bb/0x7c0
[  753.764745][    C0]  ? get_stack_info_noinstr+0x1a/0x130
[  753.764763][    C0]  ? __unwind_start+0x2bc/0x7c0
[  753.764786][    C0]  ? get_stack_info+0x102/0x180
[  753.764809][    C0]  __unwind_start+0x641/0x7c0
[  753.764834][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  753.764858][    C0]  arch_stack_walk+0x103/0x1b0
[  753.764877][    C0]  ? __unwind_start+0x2bc/0x7c0
[  753.764902][    C0]  stack_trace_save+0x118/0x1d0
[  753.764925][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  753.764948][    C0]  ? mark_lock+0x9a/0x360
[  753.764975][    C0]  kasan_save_track+0x3f/0x80
[  753.765025][    C0]  ? __local_bh_enable_ip+0x168/0x200
[  753.765046][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x1b1e/0x2d70
[  753.765067][    C0]  kasan_save_free_info+0x40/0x50
[  753.765087][    C0]  poison_slab_object+0xe0/0x150
[  753.765104][    C0]  __kasan_slab_free+0x37/0x60
[  753.765118][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x1b1e/0x2d70
[  753.765138][    C0]  kfree+0x149/0x360
[  753.765158][    C0]  ieee80211_ibss_rx_queued_mgmt+0x1b1e/0x2d70
[  753.765187][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xf7e/0x2d70
[  753.765208][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  753.765234][    C0]  ? mark_lock+0x9a/0x360
[  753.765258][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  753.765281][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  753.765304][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  753.765331][    C0]  ieee80211_iface_work+0x8a5/0xf20
[  753.765359][    C0]  cfg80211_wiphy_work+0x2db/0x490
[  753.765380][    C0]  ? process_scheduled_works+0x945/0x1830
[  753.765399][    C0]  process_scheduled_works+0xa2c/0x1830
[  753.765434][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  753.765459][    C0]  ? assign_work+0x364/0x3d0
[  753.765481][    C0]  worker_thread+0x86d/0xd40
[  753.765506][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  753.765528][    C0]  ? __kthread_parkme+0x169/0x1d0
[  753.765551][    C0]  ? __pfx_worker_thread+0x10/0x10
[  753.765571][    C0]  kthread+0x2f0/0x390
[  753.765588][    C0]  ? __pfx_worker_thread+0x10/0x10
[  753.765608][    C0]  ? __pfx_kthread+0x10/0x10
[  753.765623][    C0]  ret_from_fork+0x4b/0x80
[  753.765643][    C0]  ? __pfx_kthread+0x10/0x10
[  753.765657][    C0]  ret_from_fork_asm+0x1a/0x30
[  753.765686][    C0]  </TASK>
[  754.227827][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  754.234789][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.10.0-next-20240719-syzkaller #0
[  754.244418][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  754.254514][   T31] Call Trace:
[  754.257787][   T31]  <TASK>
[  754.260714][   T31]  dump_stack_lvl+0x241/0x360
[  754.265388][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  754.270587][   T31]  ? __pfx__printk+0x10/0x10
[  754.275183][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  754.281172][   T31]  ? vscnprintf+0x5d/0x90
[  754.285503][   T31]  panic+0x349/0x870
[  754.289400][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  754.295561][   T31]  ? __pfx_panic+0x10/0x10
[  754.299981][   T31]  ? tick_nohz_tick_stopped+0x82/0xb0
[  754.305351][   T31]  ? __irq_work_queue_local+0x137/0x410
[  754.310899][   T31]  ? preempt_schedule_thunk+0x1a/0x30
[  754.316267][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  754.322418][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  754.328572][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  754.334742][   T31]  watchdog+0x1033/0x1040
[  754.339065][   T31]  ? watchdog+0x1ea/0x1040
[  754.343478][   T31]  ? __pfx_watchdog+0x10/0x10
[  754.348150][   T31]  kthread+0x2f0/0x390
[  754.352218][   T31]  ? __pfx_watchdog+0x10/0x10
[  754.356888][   T31]  ? __pfx_kthread+0x10/0x10
[  754.361476][   T31]  ret_from_fork+0x4b/0x80
[  754.365891][   T31]  ? __pfx_kthread+0x10/0x10
[  754.370473][   T31]  ret_from_fork_asm+0x1a/0x30
[  754.375249][   T31]  </TASK>
[  754.378590][   T31] Kernel Offset: disabled
[  754.382911][   T31] Rebooting in 86400 seconds..