last executing test programs:

3m27.125977314s ago: executing program 32 (id=1997):
r0 = socket$inet(0x2, 0x3, 0x100)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x3c)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @broadcast}, 0x10)

3m0.48135205s ago: executing program 33 (id=2418):
r0 = socket(0x10, 0x80002, 0x4)
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000})
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newtaction={0x74, 0x13, 0x53b, 0x1, 0x25dfdbfb, {}, [{0x60, 0x1, [@m_mirred={0x30, 0x7, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_xt={0x2c, 0x1b, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4004084}, 0x8000)

2m56.62658789s ago: executing program 3 (id=2929):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000080)={0x18, r0, 0x1, 0x0, 0x0, {0x1e}, [@ETHTOOL_A_PAUSE_HEADER={0x4}]}, 0x18}}, 0x80)

2m56.568291781s ago: executing program 3 (id=2930):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x40, 0x10, 0x1, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x3}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)

2m56.568171761s ago: executing program 3 (id=2931):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)

2m56.568027911s ago: executing program 3 (id=2932):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@test_dummy_encryption}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x460, &(0x7f00000008c0)="$eJzs3MtvVNUfAPDvve2UX38FWxFf4KOKRuKjpYDKwoUaTVxgYqILXU7aQpAChtZESBOLC1wZY+LeuPRfcKUbY1yZuNW9ISGGjeBqzJ25t/NgZvpgpoPM55MMfM99zDnfuffMnHvPTAMYWtPZP0nE7oj4PSIma8XmDaZr/924vjp/8/rqfBKVyrt/JdXt/r6+Ol9sWuw30ViIJA60qXf54qUz5aWlxQt5eXbl7EezyxcvvXD6bPnU4qnFc0eOHz92dO7ll4682JM8JyLNo7c++OrtE1805d+SR49Md1v5dKXS4+oGa09DnIwOsCFsyUhEZIerVO3/kzES9YM3GW9+tl74dEANBPqmUqlUJjqvXqsAd7Ekmsu6PAyL4oO+uP5tdx38at9GH4N37bXaBVCW9438UVszun7HoNRyfdtL0xHx/to/32SP6M99CACAJj9k45/ns9HO6nw29qiPP9J4oGG7e/K5oamIuDci9kbEfXEu9kXE/RHVbR+MiIe2WH/rJMmt45/06rYS26Rs/PdKPrfVPP4rRn8xNZKX9lTzLyUnTy8tHs5fk0NR2pWV57rU8eMbv33ZaV3j+C97ZPUXY8G8HVdHdzXvs1BeKd9Ozo2uXY7YP9ou/2R9JiCJiIcjYn+7J0g3ruP0s9890mndxvl30YN5psq3Ec/Ujv9atORfSLrPT87+L5YWD88WZ8Wtfvn1yjud6r+t/HsgO/7/b3v+r+c/lTTO1y5vvY4rf3ze8ZpmO+f/WnmlPJa8V43H8mWflFdWLsxFjCUnao1uXH6kvm9RLrbP8j90sH3/3xv1V+JARGQn8aMR8VhEPJ63/YmIeDIiDnbJ/+fXn/qwddn4pvPvryz/hS0d/3owFq1L2gcjZ376vqnSqXqY53+z+/E/Vo0O5Us28/63mXZt72wGAACA/540InZHks6sx2k6M1P7Dv++iHTp/PLKcyfPf3xuofYbgakopcWdrsmG+6Fz+WV9rXw5ImpfLSjWH420et/465Hxanlm/vzSwqCThyE30aH/Z/4cGXTrgL7zey0YXvo/DK+u/b+0c+0Adt4t/b9rn9/V17YAO6vN5//4INoB7Lx2439/7weGQ0v/N+0HQ8T9fxhe+j8ML/0fhtLyeGz8I/muQfFM29z9rg2idEc0o29BpHdEMwR9Cgb7vgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAr/wYAAP//HtbacA==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x3, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})

2m56.437256093s ago: executing program 3 (id=2939):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000004000000000000008100d00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
nanosleep(&(0x7f0000000180), 0x0)

2m56.280048895s ago: executing program 3 (id=2949):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000080)=0xfffffff7, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4e1c, 0x0, @local, 0x1}, 0x1c, 0x0, 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB="24000000000000002900000032000000ff010000000000000000000000000001", @ANYRES32=0x0, @ANYBLOB="0000000018000000000000002900000002"], 0x40, 0x7ffffff7}}], 0x1, 0x0)

2m56.252588106s ago: executing program 34 (id=2949):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000080)=0xfffffff7, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4e1c, 0x0, @local, 0x1}, 0x1c, 0x0, 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB="24000000000000002900000032000000ff010000000000000000000000000001", @ANYRES32=0x0, @ANYBLOB="0000000018000000000000002900000002"], 0x40, 0x7ffffff7}}], 0x1, 0x0)

2m47.786858958s ago: executing program 6 (id=3239):
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
unshare(0x22020600)
splice(r0, 0x0, r1, &(0x7f00000002c0), 0x4, 0x0)

2m47.747722519s ago: executing program 6 (id=3242):
syz_mount_image$ext4(&(0x7f00000006c0)='ext4\x00', &(0x7f0000000640)='./file2\x00', 0x3800010, &(0x7f0000000700), 0x3f, 0x540, &(0x7f0000000100)="$eJzs3d9rZFcdAPDvvclks7upk6pILViLrewW3ZlNY9sgovVFnwpqfV9jMhvCzmSWzKRuQrEp/Q9EUPDJJ18E/wBB+uAfIIWCvogPoqKIbhURqr3l3rlDt/MjCd3JTDf5fODunHN/fc+5Q86ce+/ZewM4tx6PiOcjYi4inoqIajk/Lacbeeawt95bd1/eyKcksuzFfySRlPP6+8rz8xFxubdJLEbEt74e8d1kOG5n/+DWerPZ2C3z9W7rdr2zf3Btu7W+1dhq7Kyurjy79tzaM2vXs9J91XO5n/jZ1778q89/7483/nb1+3mxvvSJqMRAPSapV/VKcSz68mO0exrBZmCurE9l1gUBAOBE8j7+RyPiM0X/vxpzRW9uwNwsSgYAAABMSvaVpfhfEpEBAAAAZ1YaEUuRpLVyLMBSpOlCeW3g43EpbbY73c/dbO/tbObLIpajkt7cbjaul2OFl6OS5PmVcoxtP//0QH41Ih6OiB9WLxb52ka7uTnjax8AAABwXlweOP//dzUt0scr/p9AetrlAwAAACZkeWwGAAAAOCuc8gMAAMDZN3j+73n/AAAAcKZ844UX8inrv/9686X9vVvtl65tNjq3aq29jdpGe/d2bavd3iqe2dc6bn/Ndvv2F2Jn70692+h06539gxut9t5O98b2+16BDQAAAEzRw59+/XdJRBx+8WIxhYf6AaP8edYFACbpPof66SrAA2x+1gUAZqYy6wIAM5ccs9zgHQAAePBd+eTw/f/++/9dG4CzzQ08ADh/3P+H86syOALwP7MqCTBt8+U1gI/0shfGrTf2/v9vThopyyLeqN47x/VFAACYrqViStJaeR6wFGlaq0U8FJEuRyW5ud1sXC/PD35brVzI8yvFlsmxY4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAAzrSI9K/J21E8y/9K9cmlwesDC8l/q/GXMvOTF390Z73b3V3J5/+zeJfXQkR0f1zOf3rs68MAAACASUsOxy7qnaeXnytTLRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA58Bbd1/e6E/TjPv3r0bE8qj487FYfC5GJSIu/SuJ+Xu2SyJibgLxD1+NiEdGxU/inSx7JcpSjIp/8ZTjLxeHZnT8NCIuTyA+nGev5+3P86P+/tJ4vPgc/fc3X073a3z7l5aRH4nqmPbnoaG9tUbGePTNX9R7qcpw/FcjHp0f3f70299kTPwnhvb2dpZlw/G/8+2Dg3H1z34acWXk70/yvlj1but2vbN/cG27tb7V2GrsrK6uPLv23Noza9frN7ebjfLfkTF+8KlfvjMufl7/SyPi/+H3vfb3qPo/OXKPw79K/3/zzt2P9ZJDX0Ae/+oTI39/F2NM/LSM8tkynS+/0k8f9tL3euznbzx2VP03xxz/477/q+N2OuCpb772pxOuCgBMQWf/4NZ6s9nYPSKxeIJ1jkjk/Yj72Px0EpVo7P56cebF+ACJ7JXeN/dhKc8HTeS91ffm9Gv1ISjYPYlsKrEuFP35k261MNnoAy3Aa2W7sN48SeuxcFrNEgAAcAre6/3PuiQAAAAAAAAAAAAAAAAAAABwfk3jUWqDMQ9nU1UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCO9GwAA///rlNhr")
socket(0x10, 0x3, 0x0)
utimensat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

2m47.478926513s ago: executing program 6 (id=3248):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0xfeffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x2, 0x0, &(0x7f0000003340)="e045", 0x0, 0x4, 0x0, 0x9}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff0ff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b70000000000000095000010000000004e62011c3034fdb117168bd07ba08af339d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d458e17f791f4798c8eb484de03312c69b3edff5be26765ba5f8f2879021c2ea53ac547a654bbd2db5356b971d83dd12742be9087a3e7b7c0efd3e38c794eb06b0b8c392904ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057826ef4e912f01a201e694e3049b8c8fe8b65d8d66bb766f7f3f918c86a702522368d9f81897133af94a5a4cff7f4d8b9d8eaf302f0b2e0c252b0000000000000000ee917bca4885bbf597a14ab6458e6272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36be115be3b325ecd201d2ffb0a7fa4f5d1106560cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b861299fcd9ed9d8679406419406bf0c5329bd5b4697336112b0b8756ce3574046bf611a108f8df4d1a88597840b702b6fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf39a43a66c5540b8762b42007c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435ccd4b19b53b60322af0aa66e8f448e1bd96822e6b70b62912c926dbe417cccd4f696d528fa8a3ea847f10e9b1106f3bb506f1d7fbdf801000000000000006c028eb5b5a073d0de5538ab42e171b3baae34c35987b0dda497ac3f5e97e60eaeea15c6d55badf9b86b1c000100006e60cd06c9ed24313ce607d403bb6030f800000000690db0221b1705c501f802ff59b4e683efa4b6e77e042072ec9eb8166f6e28b49a7705a1befc4d315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621fc0e3ba04020000c149ee6601728c750930519339b44197c22da865059b475afd96187d881e93b42a5fdfd686d8900c44c67133eeb0109dcb60dddad58037fda65885a15a42560ee3027a5ebf95254744f10fd607bc3100b94932b8d9447c42f6e21ee0e54f8be386bdc09decece910a481e648e0cb074536a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6ae00f0000000000006a8194479700a02b92bec8d05eae1f24fdd7b80d3dde04c22f689594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4acd7acf1dfe79d6771903b76e2ae47d972651390c22d641030e1ddac018dc3116e1803af10a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f00000000000000001000ba96edb95ede0e1957c2a2754258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548941d5d16297757310d9daebd5a3dabbced3b051129cd60a37d397643324e6f0aadf978d639650000000000000000570b0acbcaa196e6b46e213a34c1a550e7c2d8cee7a278cee591f360e345d37dc9f8991a16c08d72317e42d2ac9126acd76130ef1086016697e4d51c4b42b2efc8edab88d46bc3d5d6e5a634c912bc40513643bf44cb416b3149040220aa39035ae46d16d879fc815a5cb84b0d5c8ad970128adf8dec1171e860ca54ce5d6a5aa0327bca4f49a710bf8a8399071237fe5d764e2034873c94a4f21287f3bce3eeb69e94df2e14e4ab10cc7834b304bc879b80255991dd7aac2e92c9e7c411c019d229c1f1e563152f1c5ae9cda3e808000000a0c779d624c5a2b7491b8f73e767389ecd1dee951353bb22b7caf89468871520823715cfebd04189c6c6b34bd8a6541f6bc0630000000000f94e85f5111add3a3cb5bcace95f38465402c39df835754ef33056b0e1134187822c001a25304f3e00b44675d0a25a21dc4023c642cc6f5a75c45a29ab933600acf9a2d471b73a73178cdf309e5d53311996215b44295dfddc1dd6b81132e999366e460d15d366e84da02b8afc40c47e733f804460ed8300ec34eab2ed80097bd32ff1a6143ab1476037e474ca876187c85bed4391215cd77e6a1fd6399a498b96b9b0cca93255acb08c67e50004c5af6fd5b4ce7c1ebc9202bd7b329a4d2530486d5999dd7f90ebecca37f2869135438f05407b1fd7481daf9ec94b799c12e714d573e2a6331f496254f254a60c52b2026ed6a72c82cd191490fabe7b151f92e5d700f21830d613fbe490f305b3845a78817e59bf7ed36471dbca01d39e50ae2535460e1d2f2614940647233a02d5000000000000000000f70e52f0d56f6a4dcf7e57c03d4b4add0500000000000000320304d0d2b308c5ed3956eae263035d703f862224e9818a3d7ac270793a7bf2af87585293960a80ac63c54e55063bf8d24639e561253ef0caf6c58118120d8acecc0528f0d81d291009fc46401baf9c22d1c452a5b61b7a1b9adfcc17f5ad99dcdf935923185db7b14a7fa7babc1f53df70618bb73aa810b756696f26653b84cf842ae433fda59fbe312be11bb7dfecdc38c1c1f688d2724568cc396fca7c74984b7f7bd000000000000003ff3e5857fc6598c933610be374909dc8622b0722259e922f40d7862f7ea72f1754f07711de7600000000000000000000000000c4cb643e73ad8a45f0c7164484540e66e29943aa72297d831ce6c978866a55ed53130c6747f569c9c9abe724b4fc647b17401d2201e8c201e7d6ffa1fa122677f7393ed4fe8a93306f048b6703b04544e42a9cd937ef8d98ee8d878a12a627791c5c2d9fc6de65356be92fd98fdbe819686c7bd3be5bd0ce627c8357675f752c73a502d25c31c831078f098c34295bfe90e882843003841f4c0c65dc1810a50000000000000015911cb03e743c482199757d35df5b59fe0a0c5240c85498d818578e2d65c4ff4acbee037498222b1f81f3726a244da1fd6b8c195f1303bedb744045f31e1547d7bc3c3eae68b8da059a59c8c37e3639c2c4eb3d8229ac24d2ce12bc0e5db4a8202d72e64d5c5eacd0d0c0cd7a879ed967f5a2bd39ae4cf7daf7c9fa1777d54fb5920c8434163f75062c62455bf6e23817a85d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0x113, 0x3f00f000, &(0x7f0000000700)="c45c573d395de5b2891a7d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x4a, 0xffffff0c}, 0x40)

2m47.478495363s ago: executing program 6 (id=3250):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})

2m47.425628524s ago: executing program 6 (id=3251):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x8, &(0x7f0000000800)=ANY=[@ANYBLOB="696e6c696e655f64656e74727900016865636b706f696e743d64697361626c652c696e6c696e655f646174612c6e6f636865636b706f696e745f6d657267652c6d6f64653d6c66732c252be76e0a8848022769ce6db839b26b6661756c745f696e6a656374696f6e3d30303030303030303030303030303030303031312c61636c2c6e6f61636c2c636f6d70726573735f63616368652c6572726f72733d72656d6f756e742d726f2c6e6f657874656e745f63616368652c686561702c616c6c6f635f6d6f64653d7265fc2413a788f8817d011fa9de16d2e9ccd0cf7bfdf2eccfdf64bada5a48e38c545bc45a4cf0233d64b6b88ad72cbd055493d674d3b8562bfa8cee7acd180fa03e80ac49c4131ec06b1f277a8e0de9598a22bce43f8fff00"], 0x1, 0x5508, &(0x7f0000002480)="$eJzs3EtvG1UUAODjpOmbEiEW7DpShZRItVWnD8GuQCseolVUYMEKHNux3NqeKHackBULlogF/wSBxIolv4EFa3aIBYgdEshzJ9DwkEBxYtJ8nzQ+c6+vz5xrVZXOTOQATqzF7OcfK3EpzkXEfERcjCjOK+VRuJ3CcxGRRcTcY0elnP994nREnI+IS5PkKWelfOvTq+MrN39446evvjlz6sJnX347u10Ds/Z8RPQ30vl2P8W8k+LDcr4x7haxf2NcxvRG/1E5zlPcbq8VGbYbe+saRbzeSevzja3hJK73Gs1J7HTXi/mNQbrgcNzZy1N84GFjsxi32mtF7A7zInZ2U107u+n/tt3hKOVplfk+KNLHaLQX03x7p532s/GoiM3BqJxPefNWe2cSx2UsLxfNvNcq6lg7yDf9//Zmd7C1k43bm8NuPshu1uov1Oq3qvXNvNUetW9UG/3WrRvZUqc3WVYdtRv925087/TatWbeX86WOs1mtV7Plu6017qNQVav167XrlVvLpdnV7NX77+T9VrZ0iS+3B1sjbq9Ybaeb2bpE8vZSu36i8vZlXr21r3VbPXB3bv3Vt9+786791+69/or5aK/lJUtrVxbWanWr1VX6ssnaP8flUVPcf9wIJVZFwBw/PzX/v+y/h+YgsPr/zcfRBx+/x/6/6k4Vv3vSe//D2H/cCD6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAE+u7hc9fK04W0/hCOf9UOfVMOa5ExFxE/Po35uP0vpzzZZ6Ff1i/8Kcavq5EkWFyjTPlcT4ibpfHL08f9rcAAAAAT64vPrz8SerW08virAviKKWbNnMX359SvkpELCx+P6Vsc5OXZ6eUrPj3fSp2ppStuIF1dkrJ0i23U9PK9q/M7wtnHwuVFOaOtBwAAOBI7O8EjrYLAQAA4Ch9POsCmI1K7D3K3HsWXPzl/R8PBM/tGwEAAADHUGXWBQAAAACHruj//f4fAAAAPNnS7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs793CYORHEAfjZ4Yf9p0Wrv28reoIwtYY97jCggTVBADqSFNEAN5JYSIojwOAQiDpE8tpXo+yRnMpb58QbBYWakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv31Xpxe/X7um3Obt9OntEAAAAAl2yr9aL+Z5b6X5v735tbP5t+ERFlRFyau4/i01nmqMmpXp6/OX2+elXDXUSdcHiPSXN9iYg/zfX4o+tPAQAAAD6uzXI1T7P19Gc2dEH0KS3alN/+ZsorIqKaPWRKKw95vzKF1d/vcfzPlFYvYE0zhaUlt3GutDepf+7HVbvpSVOkprz4smOR2cYOAAD0aHTW9DsLAQAAoE//hi6AYRTxvJV53AqcpKbZ3vt81gMAAADeoWLoAgAAAIDO1fP/ns7/2zv/DwAAAIaRzv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqvdgsV/O2Obt9O3lGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MT+vKNACIRBGOxd35nM/Q8rDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmd3/5PzE1ziRzr42l55Fk7dTYOjX2zo2jP4yvXwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xpHFQcA/M3MztZWxTXKHiKi4EEvdrutrb2JByV48E8QQrqtsVt/tDnYUsRcvEnOvYgeRQQl3vo/5JxALvGWwx4ieFZmdiY7+QGuv2Y2yecDb953h2He981CyHfeSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS6O1JnGSHzjiOi3Obew+Xsn7rUJ95vLY9n7UsjupM+mR4sfoh6jaXCAAAAGdHUtb3IYSddH0h6+NOXv+n5TVZzf/t0+O4rOcP1/1lX9b+Wfvl593n9wfqjMfJbnpzeTi4dDSV1v83y9n2zF9e0cqffP7uJcm/kPi91edGaf48o683Nt5p5+G5OrIFAP6Ji2VfBOXvQ1nfbzIxAM6MVqXwLuv/pNNsTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1GK2GJ8s4CiHMtyZxZmvv4dJx/eO17fmyXXv0aC18Oblndos0hHBzeTi4VOtsZtu9+w9uLw6Hg7v1By+FEJoa/a1i+rc/mOLiEBp5PoL/KIiLL3tW8jkZQYM/lAAAOJXSomV1/U66vpCdi+ZC+OO7g/X/q5U4TFn/7354bbM6VrX+79c2w9nXW7nzae/e/QevL99ZvDW4Nfj4jcv9N/tXrl+9er2XvyvpeWMCAADAv9MuWrX+j+eOrv9fqMRhyvr/s2/6X1THStT/x5os+jWdCQAAwNn27Mu//xYdcz5qt8Pniysrd/vj4/7ny+NjA6n+beeKVq3/k7mmswIAAADqMFqNDqz/36jEYcr1/6e+f+HH6j2TEML5Yv3/4tInwxv1TWem1fHnxE3PEQAAgGadL1p1/T/N9//H+1se4hDCa6+M4+LfAE5V/yfvfvVDdazq/v8r9U1xJsXd8fPI+24IrW7TGQEAAHCaPVG0rNj/NV1f+OinC++37f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqNufAQAA//9hGz6T")
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x6000, 0x0)

2m47.133545088s ago: executing program 6 (id=3264):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
preadv(r0, &(0x7f0000001480)=[{&(0x7f0000000140)=""/102, 0x66}], 0x1, 0x0, 0x0)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000080)='8', 0x20000081}], 0x300)

2m47.072890999s ago: executing program 35 (id=3264):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
preadv(r0, &(0x7f0000001480)=[{&(0x7f0000000140)=""/102, 0x66}], 0x1, 0x0, 0x0)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000080)='8', 0x20000081}], 0x300)

1m35.221777332s ago: executing program 5 (id=5480):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x5, 0xa})

1m35.206320243s ago: executing program 5 (id=5481):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000080850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
times(0x0)

1m35.180825693s ago: executing program 5 (id=5482):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@setlink={0x30, 0x13, 0xbaa23f3d13f2d1f5, 0x3, 0x1, {0x0, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x10, 0x1a, 0x0, 0x1, [@AF_BRIDGE={0x4}, @AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

1m35.152937114s ago: executing program 5 (id=5484):
r0 = socket(0x10, 0x2, 0x0)
capset(&(0x7f0000000180)={0x20080522}, &(0x7f0000000240))
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})

1m35.139131374s ago: executing program 5 (id=5485):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10)
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m35.064307395s ago: executing program 5 (id=5487):
unshare(0x62040200)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/igmp6\x00')
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000a80)=""/196, 0xc4}], 0x1, 0x7fff, 0x0)

1m18.625524012s ago: executing program 36 (id=5487):
unshare(0x62040200)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/igmp6\x00')
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000a80)=""/196, 0xc4}], 0x1, 0x7fff, 0x0)

1m4.311955876s ago: executing program 4 (id=6049):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000003800)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x3, 0x5381, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x8000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf7e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x90000, 0x0, 0x3, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0xfffffffffffffff5, 0x0, 0x0, 0x0, {0x7, 0x1, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x0, 0x2}}}}]}]}, 0x88c}}, 0x0)

1m4.292268526s ago: executing program 4 (id=6050):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c230040)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6)

1m4.196488877s ago: executing program 4 (id=6052):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_setup(0xff, &(0x7f0000000340)=<r1=>0x0)
r2 = eventfd2(0x3, 0x0)
io_submit(r1, 0x1, &(0x7f00000008c0)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x4, r0, &(0x7f0000000600), 0x0, 0x6, 0x0, 0x3, r2}])

1m4.078524759s ago: executing program 4 (id=6053):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005a80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f0000005bc0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
mkdir(&(0x7f0000000280)='./file0\x00', 0x100)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@uuid_off}], [], 0x2c})

1m3.622376426s ago: executing program 4 (id=6060):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f00000004c0)='./file0\x00', 0x80000000)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

1m2.287985987s ago: executing program 4 (id=6086):
r0 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in, @in=@local, 0x0, 0x8, 0x0, 0x0, 0xa, 0x50, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x3}, 0x0, 0x0, 0x1, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x38}, 0x0, 0x6c}, 0x0, @in=@local, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}}, 0xe8)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x58, 0x0)

1m2.182892389s ago: executing program 37 (id=6086):
r0 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in, @in=@local, 0x0, 0x8, 0x0, 0x0, 0xa, 0x50, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x3}, 0x0, 0x0, 0x1, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x38}, 0x0, 0x6c}, 0x0, @in=@local, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}}, 0xe8)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}}], 0x58, 0x0)

54.781792164s ago: executing program 9 (id=6230):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

53.722585311s ago: executing program 9 (id=6241):
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)

53.696548671s ago: executing program 9 (id=6233):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
setresuid(0x0, 0xee01, 0x0)
pidfd_send_signal(r1, 0x2, 0x0, 0x0)

53.646786112s ago: executing program 9 (id=6236):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005a80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f0000005bc0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
mkdir(&(0x7f0000000280)='./file0\x00', 0x100)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@uuid_off}], [], 0x2c})

53.14291779s ago: executing program 9 (id=6248):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000012c0)={0x2, {{0x2, 0x0, @multicast2}}, 0x0, 0xa, [{{0x2, 0x0, @broadcast}}, {{0x2, 0x0, @local}}, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x0, @loopback}}, {{0x2, 0x0, @empty}}, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}, {{0x2, 0x0, @loopback}}]}, 0x590)
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)

51.956163549s ago: executing program 9 (id=6269):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x5, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000000002000000000ff000000850000000f000000850000000500000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000100)="240000001e005f0014f9f407faac47000a000000040000000000080008000100000000ff", 0x24)

51.928789989s ago: executing program 38 (id=6269):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x5, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000000002000000000ff000000850000000f000000850000000500000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000100)="240000001e005f0014f9f407faac47000a000000040000000000080008000100000000ff", 0x24)

4.747962707s ago: executing program 8 (id=7552):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$incfs(&(0x7f0000000180)='./file0\x00', &(0x7f0000005780)='./file2\x00', &(0x7f00000057c0), 0x2000000, &(0x7f0000005800)={[{@readahead={'readahead', 0x3d, 0x544}}]})

4.707548717s ago: executing program 8 (id=7554):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
rt_sigsuspend(0x0, 0x0)

4.685923737s ago: executing program 8 (id=7555):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d66326673002c00ff371013587045d0d273e856ce75c2b11120ece6d6a76856a2cdd8c835ef14aa3aea583b7f3affd12ff9abc9b21098874a75607f009920ad1a283ce7b8b528e239692ab156e30dd8365f708e6c98cfcd0b30d5304dd70f87da026e2d4e4df1ad07ba72683f43d76541d455d1fa118f0900000009fe28bfded255e7c5806f05b80ec0e186b4f72759eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4728bb2a2c2d20bc5e61b0a4c7ddb25da21c75f35f711581d1f5b8db3be07c80000000000000000"], 0x1, 0x54f4, &(0x7f0000005600)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdj0Y9Fb1V38wC7Fj4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJmZ6tYvhKaNtb8fTJ6ZN2+eed5QCs9MmADOrfn0px+SuBFXImI2Iq5H5PtJueXWivBMRNyMiJnHtqQc/23gYkRcjYgb4+RFzqR865Pbo1ur37/245dfX7pw7dMvvpneqoFpezYietvF/l6viFm7iA/L8fqok8feyqiMxRu9R+VxVsS91maeYa9+OK+ex+V2MT/b3h2MY5LUG+PY7mzl49v94oSDUfswT/6Bh/Wd/LjZ2sxjZ5DlsX1Q1LV/UPxvOxgMizzNMt/7efoYDg9jMd7abxXr2X6Ux0Z/WI4XebNma38cR2UsTxeNrNvM69g8zjf93/Z6p7+7n45aO4NO1k9Xq7XnqrW7ldpO1mwNWyuVeq95dyVdaHfH0yrDVr231s6ydrdVbWS9xXSh3WhUarV04V5rs1Pvp7Vadbl6p7K6WO7dTl9+8HbabaYL4/hip7877HQH6Va2kxafWEyXqsvPL6a3aumb6xvpxhv3769vvPXuvXcevLD+6kvlpD+VlS4s3VlaqtTuVJZqi+do/R+WRU9w/XAsybQLADh79P/ANEyj/9/qTq7/D/3/RJyp/ve89/8nsH44Fv0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC59e3cZ6/kO/PF8bVy/ImIm+Ohp8rjJCJmIuKXvzAbF4/knC3zzP3N/Lk/1PBVEnmG8TkuldvViFgrt5+fPOlvAQAAAP6/Pv/g5sdFt168zE+7IE5TcdFm5vp7E8qXRMTc/HcTyjYzfnl6Qsnyv+8LsT+hbPkFrMsTSlZccrswqWz/yuyRcPmxkBRh5lTLAQAATsXRTuB0uxAAAABO00fTLoDpSOLwVubhveD8l/e/3xC8cuQIAAAAOIOSaRcAAAAAnLi8//+H5/+F5/8BAADA2Vc8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiVnfvJSR2K4gB8Wuh7vD9GYpy7FWewDJfg0KFhAW6CJeAW3ABrwJlLMGBoS7QGE5PetpF8X9JebkN+nBIm515SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJzsZo/3l89tM3Z7tpJczcAAADAMZtiNS9fTKv5v/r6WX3pop5nEZFHxLHefRS/GpmjOqf44v3FpxqeIsqE/Wf8ro+/EXFdH6/nXX8LAAAAcLrWi+Ws6tar03ToguhTtWiT/79JlJdFRDF9SZSW70+XicLK3/c47hKllQtYk0Rh1ZLbOFXat4waw+TDkFVD3ms5AABAL5qdQL9dCAAAAH26HboAhpHFYSvzsBdc/vP+fUPwT2MGAAAA/EDZ0AUAAAAAnSv7f8//AwAAgNNWPf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2K1Xy9WM7a5mx37aS5GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7nNY4qDgD4d2Z2trYqxig5RETBg17sdlNbe/WgBA/+CUJItzW69Ueagy1FyMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnmmkacLV0Zpt8PvD2fWcY5n3fJIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2eW8vzoqPhWmcVudu3b+2XvS39/WFGzt3lotWxEmbST8dXm0eJEvdJQIAAMDRkdX1fUTczXdXiz5dKOv/vL6mqPl/eH4a1/X8/rq/7uvav2i//3bv5QcDLUzHKW56YWM8OvVoKr0nN8v59sK/XtErn3z57iUrvyDph9svTfLyeSbf3bz5fr8Mj7WRLQDwf5ys+yqofx8q+mGXiQFwZPQahXdd/2cL3eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IbJdjxbx0lELPf24sLt+9fWD+pv7NxZrtvZ69d3mvcsbpFHxIWN8ehUi3OZd5evXP1sbTwebbYfvBYR3Y1eBR/PcE1ElxkKHjdIq+/1ecnn6Qg6/sEEAMChk1etqOvv5rurxblkMeLvHx+u/99sxDFj/X/vk7O3mmM16/9hazOcf4OtS18OLl+5+vbGpbWLo4ujz99ZGb47PH3uzJlzg/JdycAbEwAAAB5PP4no76v/08VH1/9PNOKYsf7/6vvhN82xMvX/gfYW/brOBAAA4Gh78fW//kwOOJ/0+/H12tbW5nD6WR3H5kp5vNJBqv/Zsao16/9sseusAAAAgDZMtpOH1v/PN+KYcf3/uZ9e+aV5zywijlfr/yfXvxifb286c62NPyfueo4AAAB063jVmuv/ebn/P32w5SGNiLfemMbVvwGcqf7PPvj25+ZYzf3/p9ub4lxKl6bPo+yXInpLXWcEAADAYfZM1Ypi/498d/XTX0981Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//K8ZAQg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$FUSE_STATX(r0, &(0x7f00000032c0)={0x130, 0xfffffffffffffff5, 0x0, {0x0, 0x80000001, 0x0, '\x00', {0x200, 0x7, 0x7, 0x8, 0x0, 0x0, 0x8000, '\x00', 0x7fff, 0x0, 0x9, 0x100000000, {0x2, 0x1}, {0x0, 0x80}, {0x71a, 0x6}, {0x9, 0x4}, 0x7fff, 0x9, 0x6, 0x81}}}, 0x130)
lseek(r0, 0x6, 0x3)

4.317373893s ago: executing program 8 (id=7567):
r0 = socket(0x200000100000011, 0x803, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000740)="4d01000000000000000600e566a5dea20414090b", 0x14, 0x0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x2, 0x6, @broadcast}, 0x14)

4.157924966s ago: executing program 8 (id=7574):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)

4.147797386s ago: executing program 8 (id=7575):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f0000000140)=[{{0x0, 0x2269, 0x0}}], 0x1, 0x2122, &(0x7f0000004f80)={0x0, 0x3938700})
dup2(r0, r1)
write$binfmt_script(r1, 0x0, 0x0)

2.259666185s ago: executing program 0 (id=7614):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/fscaps', 0x200003, 0x0)
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000100)={0x1, r1})

2.207654736s ago: executing program 0 (id=7615):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffff96)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x9)
io_pgetevents(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.173124777s ago: executing program 0 (id=7616):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@base={0x1, 0x4, 0x6, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000045580415850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

2.128358598s ago: executing program 0 (id=7619):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
sendmmsg$unix(r0, &(0x7f0000004200)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x884}}], 0x1, 0x2000c080)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x33, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x584}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

2.058631688s ago: executing program 0 (id=7622):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r1, 0x0, 0x20000000}, 0x20)

1.984265559s ago: executing program 0 (id=7624):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010bd28710000000000000109022400010000000009040100010300000009210200000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x9, "18643ffb"}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

457.726074ms ago: executing program 2 (id=7651):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r1}}, 0x24}}, 0x0)

252.160877ms ago: executing program 1 (id=7655):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x11)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@bridge_dellink={0x20, 0x11, 0x1}, 0x20}}, 0x0)

209.117508ms ago: executing program 1 (id=7656):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="050000000808"], 0x80}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x6, 0x0, 0x0, {}, {0x0, 0x2710}, {}, 0x1, @can={{0x2, 0x0, 0x1, 0x1}, 0x7, 0x0, 0x0, 0x0, "cdbdcd4203c79548"}}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)

203.098967ms ago: executing program 2 (id=7657):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000400)={0x1, 0x1, 0x5, 0xf, 0xe, 0x0})

196.787848ms ago: executing program 7 (id=7658):
r0 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
write$selinux_user(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t r'], 0x27)

173.797538ms ago: executing program 2 (id=7659):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[], 0x38}, 0x2, 0x0, 0x0, 0x4000800}, 0x200000d0)

154.959678ms ago: executing program 7 (id=7660):
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000100)="27b56fdadba3", 0x6}], 0x2}, 0x20000055)
r0 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffffffff, @dev, 0x9}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

153.410418ms ago: executing program 1 (id=7661):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x0, 0x8, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

141.285749ms ago: executing program 2 (id=7662):
sched_setscheduler(0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='~\x00\x00\n', @ANYRES16=0x0, @ANYBLOB="0000f33bdc97a8d29ebcae76e05f43000000", @ANYRES32=0x0, @ANYBLOB="0c00990000000000000000000800a500000000000400a6804000a6800a00060008021100000100000a00060008021100000100000a00060008021100000000000a00060008021100000100000a00060008021100000000000800a50001"], 0x7c}}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000000c0)="17000000020001000003be8c5ee17688a2002b08030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba000840024f0298e9e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0x11a)

123.336638ms ago: executing program 1 (id=7663):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e23, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x2a}}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @loopback}}}}], 0x28}, 0x4000000)

114.635529ms ago: executing program 7 (id=7664):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x5, 0xffe, &(0x7f00000024c0)=""/4094, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

92.369209ms ago: executing program 2 (id=7665):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0xa00a14, &(0x7f0000000080)=ANY=[], 0x1, 0x322, &(0x7f0000000580)="$eJzs3M9LI2cYwPEnP4xJxEwOpaWF4kt7aXsYNO25EIpCaaCiplQLhVEnbcg0kUywpJRqT72W/ge97EE8ehN29x/wsrfdy1725mVhDyuL7CyZH5roJO6OZqPr9wMy78zzPOP7khieCc4c/vjvb7WKrVeMlsTTSmIiIkcieYlLIOZv4+44Jd225fOJZw8/Xlxe+a5YKs0uKDVXXPqyoJTKTd39/c+Mn7Y/Lgf5nw+fFp4cvH/w4eHLpV+rtqraqt5oKUOtNh63jFXLVOtVu6YrNW+Zhm2qat02m1684cUrVmNjo62M+vpkdqNp2rYy6m1VM9uq1VCtZlsZvxjVutJ1XU1mJUwq9OhtVd5ZWDCKEYvXrngyiOqF4zgDwk6saCREJHMuUt4Z6rwAAMC1dKb/T7gtfaT+X3Ju/99JPu3/dz+535r4YS/n9//7qbD+/6tH3rl6+v+0iFxp/58OWf35jujG23qT5Ev1/7geps5f08Z69prNopH1/35df/+0O+0O6P8BAAAAAAAAAAAAAAAAAAAAALgJjhxHcxxHC7b+zxenGd6xUc4Rw9Pn9dfG/Tumgv1RzxPDsbi8Imn3xr1kTsT6Z7O8Wfa2fjxInBZNjt33g68zDu48Uh15uWdt+fVbm+WEGylWpCqWmDIjmuTP1jvO3Lel2Rnl6a0fk2x3fUE0eS+8vhBan5LPPu2q10WTB2vSEEvWO+/rY+ek/q8Zpb75vnSmPuPmAQAAAADwLtDVidDrd13vF/fqT66ve78fEOm6Pp8OvT5Pah8lR7t2AAAAAABuC7v9R82wLLM5YJCRi3OiD5LRyscG5SS6VtgTku2+S075Twge3koHDIJ/pKilukJp+d8/HOXMwfqHM+e4RKmaEmfcm9VlfnvwtVG/HJkf9uuV7BP64L87z6OdOeY/tbc79PVe+oKVDm0w9lofHk7ikp8+AAAAAN6moOnP2O5ubNTzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNhrwGLDkVT1ObNRrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6LVwEAAP//mxn/6g==")
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001900)=ANY=[], &(0x7f0000000000)=""/140, 0x1a, 0x8c, 0x1, 0x0, 0x0, @void, @value}, 0x28)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x323)

81.67053ms ago: executing program 1 (id=7666):
r0 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
setns(r1, 0x0)

76.066079ms ago: executing program 7 (id=7667):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000940)={{0x0, 0x2000, 0x0, 0xffff}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x9)

35.04183ms ago: executing program 7 (id=7668):
r0 = socket$nl_route(0x10, 0x3, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x2}]}}}]}, 0x3c}}, 0x4)

29.12704ms ago: executing program 1 (id=7669):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000910200"])

12.50926ms ago: executing program 2 (id=7670):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000a00)={0x9, 0xe, 0x7, 0xa, 0xf})

0s ago: executing program 7 (id=7671):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x18)
timerfd_create(0x7, 0x0)

kernel console output (not intermixed with test programs):

34.020414][  T302]  f2fs_readahead+0xfd/0x250
[  234.025032][  T302]  ? blk_start_plug+0x9c/0x130
[  234.029767][  T302]  read_pages+0x1be/0xd40
[  234.034044][  T302]  ? workingset_activation+0x430/0x430
[  234.039337][  T302]  ? folio_add_lru+0x280/0x3f0
[  234.044073][  T302]  ? page_cache_ra_unbounded+0x800/0x800
[  234.049622][  T302]  ? filemap_add_folio+0x18f/0x200
[  234.054839][  T302]  ? __filemap_add_folio+0xdb0/0xdb0
[  234.060067][  T302]  page_cache_ra_unbounded+0x61f/0x800
[  234.065304][  T302]  ? readahead_gfp_mask+0x190/0x190
[  234.070569][  T302]  ? __kernel_text_address+0xd/0x40
[  234.075641][  T302]  ? unwind_get_return_address+0x4d/0x90
[  234.081398][  T302]  page_cache_ra_order+0x987/0xc40
[  234.086578][  T302]  ? do_page_cache_ra+0x110/0x110
[  234.091530][  T302]  ? __stack_depot_save+0x36/0x480
[  234.096648][  T302]  ? putname+0xfa/0x150
[  234.100822][  T302]  ondemand_readahead+0x925/0xef0
[  234.105757][  T302]  ? kasan_set_track+0x4b/0x70
[  234.110533][  T302]  ? kasan_save_free_info+0x2b/0x40
[  234.115581][  T302]  ? ____kasan_slab_free+0x131/0x180
[  234.120773][  T302]  ? do_syscall_64+0x3b/0xb0
[  234.125205][  T302]  ? page_cache_sync_ra+0x450/0x450
[  234.130553][  T302]  ? blk_cgroup_congested+0x132/0x150
[  234.135876][  T302]  page_cache_sync_ra+0x3d6/0x450
[  234.140991][  T302]  f2fs_readdir+0x599/0xc10
[  234.145418][  T302]  ? f2fs_fill_dentries+0xd00/0xd00
[  234.150897][  T302]  ? __this_cpu_preempt_check+0x13/0x20
[  234.156827][  T302]  ? memcg_rstat_updated+0x57/0x120
[  234.161890][  T302]  ? security_file_permission+0x86/0xb0
[  234.167399][  T302]  iterate_dir+0x265/0x600
[  234.172282][  T302]  ? f2fs_fill_dentries+0xd00/0xd00
[  234.177558][  T302]  __se_sys_getdents64+0x1c1/0x460
[  234.182538][  T302]  ? __x64_sys_getdents64+0x90/0x90
[  234.187743][  T302]  ? filldir+0x670/0x670
[  234.192257][  T302]  ? debug_smp_processor_id+0x17/0x20
[  234.197464][  T302]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  234.203367][  T302]  ? exit_to_user_mode_prepare+0x39/0xa0
[  234.209030][  T302]  __x64_sys_getdents64+0x7b/0x90
[  234.214204][  T302]  x64_sys_call+0x5ae/0x9a0
[  234.218586][  T302]  do_syscall_64+0x3b/0xb0
[  234.222833][  T302]  ? clear_bhb_loop+0x55/0xb0
[  234.227346][  T302]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  234.233166][  T302] RIP: 0033:0x7fda857bfad3
[  234.237614][  T302] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 72 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  234.257454][  T302] RSP: 002b:00007ffc5b54ad88 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  234.265909][  T302] RAX: ffffffffffffffda RBX: 00005555905b44e0 RCX: 00007fda857bfad3
[  234.273705][  T302] RDX: 0000000000008000 RSI: 00005555905b44e0 RDI: 0000000000000005
[  234.281514][  T302] RBP: 00005555905b44b4 R08: 0000000000000000 R09: 0000000000000000
[  234.289411][  T302] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  234.297231][  T302] R13: 0000000000000010 R14: 00005555905b44b0 R15: 00007ffc5b54d040
[  234.305329][  T302]  </TASK>
[  234.309674][  T302] syz-executor: attempt to access beyond end of device
[  234.309674][  T302] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  234.310066][T13953] incfs: Backing dir is not set, filesystem can't be mounted.
[  234.334000][T13954] device bridge0 left promiscuous mode
[  234.339592][T13953] incfs: mount failed -2
[  234.354145][  T327] kworker/u4:4: attempt to access beyond end of device
[  234.354145][  T327] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  234.393273][  T440] kernel write not supported for file /input/event2 (pid: 440 comm: kworker/1:5)
[  234.556214][T13979] netlink: 76 bytes leftover after parsing attributes in process `syz.0.6092'.
[  234.623639][T13985] syz.9.6085[13985] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  234.623722][T13985] syz.9.6085[13985] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  234.668515][T13989] SELinux: syz.0.6087 (13989) set checkreqprot to 1. This is deprecated and will be rejected in a future kernel release.
[  234.710874][T13989] SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-checkreqprot
[  234.770451][T13994] device veth4 entered promiscuous mode
[  234.937417][T14002] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.954231][T14002] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.970167][T14002] device bridge_slave_0 entered promiscuous mode
[  234.986887][T14002] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.004745][T14002] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.013053][T14002] device bridge_slave_1 entered promiscuous mode
[  235.020670][   T10] device bridge_slave_1 left promiscuous mode
[  235.027885][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.060029][   T10] device bridge_slave_0 left promiscuous mode
[  235.071624][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.080789][   T10] device veth1_macvtap left promiscuous mode
[  235.087085][   T10] device veth0_vlan left promiscuous mode
[  235.288215][T14002] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.295340][T14002] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.302467][T14002] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.309345][T14002] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.339807][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  235.347770][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.356253][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.368535][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  235.376934][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.383912][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.392643][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  235.401046][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.408190][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.424342][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  235.434219][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  235.450591][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  235.459740][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  235.472513][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  235.480718][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  235.489199][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  235.496769][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  235.506159][T14002] device veth0_vlan entered promiscuous mode
[  235.518903][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  235.527168][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  235.537639][T14002] device veth1_macvtap entered promiscuous mode
[  235.547857][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  235.555767][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  235.564678][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  235.574314][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  235.582617][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  235.622529][  T224] hid-generic 0000:0000:0000.006A: unknown main item tag 0x0
[  235.631168][  T224] hid-generic 0000:0000:0000.006A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  235.661229][T14027] syz.1.6100[14027] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  235.661288][T14027] syz.1.6100[14027] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  235.719744][T14029] device veth2 entered promiscuous mode
[  235.895778][T14031] loop9: detected capacity change from 0 to 40427
[  235.923878][T14031] F2FS-fs (loop9): Found nat_bits in checkpoint
[  235.990895][  T327] Bluetooth: hci0: Frame reassembly failed (-84)
[  235.998273][T14031] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  236.012804][T14044] loop8: detected capacity change from 0 to 40427
[  236.027754][T14044] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  236.038305][T14044] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  236.047782][T14044] F2FS-fs (loop8): invalid crc value
[  236.055470][T14044] F2FS-fs (loop8): Found nat_bits in checkpoint
[  236.064064][T12749] syz-executor: attempt to access beyond end of device
[  236.064064][T12749] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  236.105677][T14044] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  236.112979][T14044] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  236.157524][  T466] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  236.174507][  T466] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  236.537019][ T3137] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  236.730540][ T3137] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.741744][ T3137] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.751768][ T3137] usb 10-1: New USB device found, idVendor=0416, idProduct=c168, bcdDevice= 0.00
[  236.760812][ T3137] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.770109][ T3137] usb 10-1: config 0 descriptor??
[  237.205268][ T3137] hid (null): nested delimiters
[  237.211097][ T3137] hid-generic 0003:0416:C168.006B: nested delimiters
[  237.217800][ T3137] hid-generic 0003:0416:C168.006B: item 0 1 2 10 parsing failed
[  237.225483][ T3137] hid-generic: probe of 0003:0416:C168.006B failed with error -22
[  237.422496][  T440] usb 10-1: USB disconnect, device number 5
[  237.624385][T14075] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  237.632858][T14075] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  237.642187][T14075] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  237.650689][T14075] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  237.660132][T14075] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  237.668146][T14075] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  237.677894][T14075] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  237.726353][T14080] device bridge0 entered promiscuous mode
[  237.742951][T14080] bridge0: port 3(macsec1) entered blocking state
[  237.750695][T14080] bridge0: port 3(macsec1) entered disabled state
[  237.758256][T14080] device bridge0 left promiscuous mode
[  237.983718][T14097] loop9: detected capacity change from 0 to 512
[  238.003666][T14097] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  238.012948][T14097] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.033978][T14097] EXT4-fs (loop9): resizing filesystem from 128 to 1 blocks
[  238.041116][T14097] EXT4-fs warning (device loop9): ext4_resize_fs:2051: can't shrink FS - resize aborted
[  238.059301][T12749] EXT4-fs (loop9): unmounting filesystem.
[  238.172655][   T19] usb 2-1: new low-speed USB device number 11 using dummy_hcd
[  238.194074][ T5194] Bluetooth: hci0: command 0x1003 tx timeout
[  238.199944][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  238.248737][T14112] loop7: detected capacity change from 0 to 512
[  238.316083][T14112] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  238.358402][T14119] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.365998][T14119] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.373023][T14119] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.381272][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  238.381657][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  238.407836][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  238.418988][   T19] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  238.428121][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.437663][   T19] usb 2-1: config 0 descriptor??
[  238.442837][   T28] audit: type=1400 audit(2000000396.444:891): avc:  denied  { mounton } for  pid=14120 comm="syz.8.6139" path="/53/file0" dev="incremental-fs" ino=293 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  238.459959][T14121] overlayfs: workdir and upperdir must reside under the same mount
[  238.526710][T14126] loop8: detected capacity change from 0 to 512
[  238.533891][T14126] EXT4-fs: Ignoring removed orlov option
[  238.548681][T14126] EXT4-fs error (device loop8): ext4_orphan_get:1400: inode #15: comm syz.8.6140: casefold flag without casefold feature
[  238.566372][T14126] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.6140: couldn't read orphan inode 15 (err -117)
[  238.589703][T14126] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  238.813554][T14137] loop7: detected capacity change from 0 to 512
[  238.861233][T14137] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  238.874529][  T466] Bluetooth: hci0: Frame reassembly failed (-84)
[  238.883576][T14137] ext4 filesystem being mounted at /691/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.897925][   T19] kone 0003:1E7D:2CED.006C: unknown main item tag 0x2
[  238.911066][   T19] kone 0003:1E7D:2CED.006C: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.1-1/input0
[  238.911578][T14137] EXT4-fs (loop7): resizing filesystem from 128 to 1 blocks
[  238.938643][T14137] EXT4-fs warning (device loop7): ext4_resize_fs:2051: can't shrink FS - resize aborted
[  238.956984][T13414] EXT4-fs (loop8): unmounting filesystem.
[  238.971468][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  239.117374][   T24] usb 2-1: USB disconnect, device number 11
[  239.118336][T14151] loop8: detected capacity change from 0 to 40427
[  239.130961][T14151] F2FS-fs (loop8): fault_type options not supported
[  239.139654][T14151] F2FS-fs (loop8): invalid crc value
[  239.146951][T14151] F2FS-fs (loop8): Found nat_bits in checkpoint
[  239.181496][T14151] F2FS-fs (loop8): Start checkpoint disabled!
[  239.188465][T14151] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  239.239715][   T10] kworker/u4:1: attempt to access beyond end of device
[  239.239715][   T10] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  239.327294][T14157] sch_tbf: burst 0 is lower than device lo mtu (82) !
[  239.337977][  T440] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  239.542226][  T440] usb 8-1: New USB device found, idVendor=0870, idProduct=0001, bcdDevice=28.a9
[  239.551160][  T440] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.560013][  T440] usb 8-1: config 0 descriptor??
[  239.780426][ T3137] usb 8-1: USB disconnect, device number 20
[  240.094058][T14184] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6165'.
[  240.460477][   T24] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  240.532652][T14225] SELinux: syz.8.6183 (14225) set checkreqprot to 1. This is deprecated and will be rejected in a future kernel release.
[  240.546006][T14225] SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-checkreqprot
[  240.642972][T14237] netlink: 'syz.7.6190': attribute type 2 has an invalid length.
[  240.654175][   T24] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  240.667413][   T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  240.681472][   T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  240.695363][   T24] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  240.708865][T14243] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.714389][   T24] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  240.715970][T14243] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.725020][   T24] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  240.739854][   T24] usb 2-1: Product: syz
[  240.743907][   T24] usb 2-1: Manufacturer: syz
[  240.751683][T14245] netlink: 52 bytes leftover after parsing attributes in process `syz.7.6195'.
[  240.761543][   T24] cdc_wdm 2-1:1.0: invalid descriptor buffer length
[  240.768118][   T24] cdc_wdm: probe of 2-1:1.0 failed with error -22
[  240.793974][T14250] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  240.981979][   T24] usb 2-1: USB disconnect, device number 12
[  241.016381][ T5193] Bluetooth: hci0: command 0x1003 tx timeout
[  241.022428][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  241.090244][T14262] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  241.108408][T14262] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  241.131944][T14262] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  241.166706][T14262] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  241.206601][T14262] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  241.224219][T14262] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  241.806904][T14294] SELinux: failed to load policy
[  241.813701][   T28] audit: type=1400 audit(2000000399.578:892): avc:  denied  { load_policy } for  pid=14293 comm="syz.7.6215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  242.138847][   T24] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  242.374049][   T24] usb 2-1: Using ep0 maxpacket: 16
[  242.380387][   T24] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  242.388523][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  242.398370][   T24] usb 2-1: config 0 has no interface number 0
[  242.406183][   T24] usb 2-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28
[  242.415214][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.423058][   T24] usb 2-1: Product: syz
[  242.427365][   T24] usb 2-1: Manufacturer: syz
[  242.431965][   T24] usb 2-1: SerialNumber: syz
[  242.437001][   T24] usb 2-1: config 0 descriptor??
[  242.442837][   T24] usb 2-1: Found UVC 0.00 device syz (046c:14e8)
[  242.449326][   T24] usb 2-1: No valid video chain found.
[  242.658814][   T19] usb 2-1: USB disconnect, device number 13
[  243.255287][T14350] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6234'.
[  243.456576][T14354] loop9: detected capacity change from 0 to 40427
[  243.493206][T14354] F2FS-fs (loop9): fault_injection options not supported
[  243.507832][T14354] F2FS-fs (loop9): invalid crc value
[  243.524410][T14361] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  243.539983][T14361] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  243.540753][T14354] F2FS-fs (loop9): Found nat_bits in checkpoint
[  243.548323][T14361] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  243.561352][T14361] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  243.568956][T14361] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  243.576709][T14361] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  243.585163][T14361] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  243.660457][T14354] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  243.775470][T12749] F2FS-fs (loop9): access invalid blkaddr:2816
[  243.789947][T12749] CPU: 0 PID: 12749 Comm: syz-executor Not tainted 6.1.129-syzkaller-00049-g1c9aeb1ce34b #0
[  243.800276][T12749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  243.810156][T12749] Call Trace:
[  243.813298][T12749]  <TASK>
[  243.816316][T12749]  dump_stack_lvl+0x151/0x1b7
[  243.821009][T12749]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  243.826295][T12749]  ? f2fs_get_next_page_offset+0x770/0x770
[  243.832026][T12749]  dump_stack+0x15/0x18
[  243.836119][T12749]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[  243.841487][T12749]  f2fs_is_valid_blkaddr+0x25/0x30
[  243.846438][T12749]  f2fs_map_blocks+0xd10/0x4510
[  243.851222][T12749]  ? f2fs_map_lock+0x260/0x260
[  243.855921][T12749]  ? xa_load+0x1a1/0x210
[  243.859974][T12749]  ? xas_find_conflict+0x8c0/0x8c0
[  243.865184][T12749]  f2fs_mpage_readpages+0xc65/0x20f0
[  243.870481][T12749]  ? get_page_from_freelist+0x3a98/0x3b10
[  243.876108][T12749]  ? dquot_release_reservation_block+0xa0/0xa0
[  243.882192][T12749]  ? __this_cpu_preempt_check+0x13/0x20
[  243.887558][T12749]  ? memcg_rstat_updated+0x57/0x120
[  243.892657][T12749]  f2fs_readahead+0xfd/0x250
[  243.897187][T12749]  ? blk_start_plug+0x9c/0x130
[  243.902076][T12749]  read_pages+0x1be/0xd40
[  243.906323][T12749]  ? workingset_activation+0x430/0x430
[  243.911705][T12749]  ? folio_add_lru+0x280/0x3f0
[  243.916389][T12749]  ? page_cache_ra_unbounded+0x800/0x800
[  243.922454][T12749]  ? filemap_add_folio+0x18f/0x200
[  243.927879][T12749]  ? __filemap_add_folio+0xdb0/0xdb0
[  243.934397][T12749]  page_cache_ra_unbounded+0x61f/0x800
[  243.939872][T12749]  ? readahead_gfp_mask+0x190/0x190
[  243.944974][T12749]  ? __kernel_text_address+0xd/0x40
[  243.950178][T12749]  ? unwind_get_return_address+0x4d/0x90
[  243.955660][T12749]  page_cache_ra_order+0x987/0xc40
[  243.960599][T12749]  ? do_page_cache_ra+0x110/0x110
[  243.965804][T12749]  ? __stack_depot_save+0x36/0x480
[  243.970925][T12749]  ? putname+0xfa/0x150
[  243.974913][T12749]  ondemand_readahead+0x925/0xef0
[  243.979823][T12749]  ? kasan_set_track+0x4b/0x70
[  243.984635][T12749]  ? kasan_save_free_info+0x2b/0x40
[  243.990188][T12749]  ? ____kasan_slab_free+0x131/0x180
[  243.995330][T12749]  ? do_syscall_64+0x3b/0xb0
[  243.999838][T12749]  ? page_cache_sync_ra+0x450/0x450
[  244.005270][T12749]  ? blk_cgroup_congested+0x132/0x150
[  244.010860][T12749]  page_cache_sync_ra+0x3d6/0x450
[  244.016450][T12749]  f2fs_readdir+0x599/0xc10
[  244.021400][T12749]  ? f2fs_fill_dentries+0xd00/0xd00
[  244.026423][T12749]  ? __this_cpu_preempt_check+0x13/0x20
[  244.031815][T12749]  ? memcg_rstat_updated+0x57/0x120
[  244.036971][T12749]  ? security_file_permission+0x86/0xb0
[  244.042436][T12749]  iterate_dir+0x265/0x600
[  244.047209][T12749]  ? f2fs_fill_dentries+0xd00/0xd00
[  244.052238][T12749]  __se_sys_getdents64+0x1c1/0x460
[  244.057301][T12749]  ? __x64_sys_getdents64+0x90/0x90
[  244.062687][T12749]  ? filldir+0x670/0x670
[  244.066749][T12749]  ? debug_smp_processor_id+0x17/0x20
[  244.071974][T12749]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  244.078295][T12749]  ? exit_to_user_mode_prepare+0x39/0xa0
[  244.083761][T12749]  __x64_sys_getdents64+0x7b/0x90
[  244.088704][T12749]  x64_sys_call+0x5ae/0x9a0
[  244.093216][T12749]  do_syscall_64+0x3b/0xb0
[  244.097470][T12749]  ? clear_bhb_loop+0x55/0xb0
[  244.101988][T12749]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  244.107821][T12749] RIP: 0033:0x7f8f96fbfad3
[  244.112053][T12749] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 72 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  244.132627][T12749] RSP: 002b:00007ffffbd5c1e8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  244.141575][T12749] RAX: ffffffffffffffda RBX: 00005555659f84e0 RCX: 00007f8f96fbfad3
[  244.149395][T12749] RDX: 0000000000008000 RSI: 00005555659f84e0 RDI: 0000000000000005
[  244.157547][T12749] RBP: 00005555659f84b4 R08: 0000000000000000 R09: 0000000000000000
[  244.165440][T12749] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  244.173260][T12749] R13: 0000000000000010 R14: 00005555659f84b0 R15: 00007ffffbd5e4a0
[  244.181334][T12749]  </TASK>
[  244.196798][T12749] F2FS-fs (loop9): access invalid blkaddr:2816
[  244.203488][T12749] CPU: 0 PID: 12749 Comm: syz-executor Not tainted 6.1.129-syzkaller-00049-g1c9aeb1ce34b #0
[  244.213764][T12749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  244.224194][T12749] Call Trace:
[  244.227428][T12749]  <TASK>
[  244.230204][T12749]  dump_stack_lvl+0x151/0x1b7
[  244.234721][T12749]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  244.240011][T12749]  ? f2fs_get_next_page_offset+0x770/0x770
[  244.245655][T12749]  dump_stack+0x15/0x18
[  244.250078][T12749]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[  244.255896][T12749]  f2fs_is_valid_blkaddr+0x25/0x30
[  244.260841][T12749]  f2fs_map_blocks+0xd10/0x4510
[  244.265539][T12749]  ? f2fs_map_lock+0x260/0x260
[  244.270139][T12749]  ? xa_load+0x1a1/0x210
[  244.274213][T12749]  ? xas_find_conflict+0x8c0/0x8c0
[  244.279330][T12749]  ? folio_unlock+0x5c/0x70
[  244.284032][T12749]  f2fs_mpage_readpages+0xc65/0x20f0
[  244.289141][T12749]  ? get_page_from_freelist+0x3a98/0x3b10
[  244.294697][T12749]  ? dquot_release_reservation_block+0xa0/0xa0
[  244.300780][T12749]  ? __this_cpu_preempt_check+0x13/0x20
[  244.306330][T12749]  ? memcg_rstat_updated+0x57/0x120
[  244.311467][T12749]  f2fs_readahead+0xfd/0x250
[  244.315982][T12749]  ? blk_start_plug+0x9c/0x130
[  244.320751][T12749]  read_pages+0x1be/0xd40
[  244.324933][T12749]  ? workingset_activation+0x430/0x430
[  244.331407][T12749]  ? folio_add_lru+0x280/0x3f0
[  244.336642][T12749]  ? page_cache_ra_unbounded+0x800/0x800
[  244.342207][T12749]  ? filemap_add_folio+0x18f/0x200
[  244.347304][T12749]  ? __filemap_add_folio+0xdb0/0xdb0
[  244.352655][T12749]  page_cache_ra_unbounded+0x61f/0x800
[  244.358611][T12749]  ? readahead_gfp_mask+0x190/0x190
[  244.363729][T12749]  ? __kernel_text_address+0xd/0x40
[  244.369356][T12749]  ? unwind_get_return_address+0x4d/0x90
[  244.375516][T12749]  page_cache_ra_order+0x987/0xc40
[  244.380751][T12749]  ? do_page_cache_ra+0x110/0x110
[  244.385657][T12749]  ? __stack_depot_save+0x36/0x480
[  244.391418][T12749]  ? putname+0xfa/0x150
[  244.395686][T12749]  ondemand_readahead+0x925/0xef0
[  244.400730][T12749]  ? kasan_set_track+0x4b/0x70
[  244.405335][T12749]  ? kasan_save_free_info+0x2b/0x40
[  244.410453][T12749]  ? ____kasan_slab_free+0x131/0x180
[  244.415786][T12749]  ? do_syscall_64+0x3b/0xb0
[  244.420350][T12749]  ? page_cache_sync_ra+0x450/0x450
[  244.425657][T12749]  ? blk_cgroup_congested+0x132/0x150
[  244.431485][T12749]  page_cache_sync_ra+0x3d6/0x450
[  244.437025][T12749]  f2fs_readdir+0x599/0xc10
[  244.441363][T12749]  ? f2fs_fill_dentries+0xd00/0xd00
[  244.446482][T12749]  ? __this_cpu_preempt_check+0x13/0x20
[  244.452205][T12749]  ? memcg_rstat_updated+0x57/0x120
[  244.457543][T12749]  ? security_file_permission+0x86/0xb0
[  244.462930][T12749]  iterate_dir+0x265/0x600
[  244.467251][T12749]  ? f2fs_fill_dentries+0xd00/0xd00
[  244.472374][T12749]  __se_sys_getdents64+0x1c1/0x460
[  244.477326][T12749]  ? __x64_sys_getdents64+0x90/0x90
[  244.482351][T12749]  ? filldir+0x670/0x670
[  244.486433][T12749]  ? debug_smp_processor_id+0x17/0x20
[  244.491648][T12749]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  244.497541][T12749]  ? exit_to_user_mode_prepare+0x39/0xa0
[  244.503100][T12749]  __x64_sys_getdents64+0x7b/0x90
[  244.507956][T12749]  x64_sys_call+0x5ae/0x9a0
[  244.513214][T12749]  do_syscall_64+0x3b/0xb0
[  244.518596][T12749]  ? clear_bhb_loop+0x55/0xb0
[  244.523071][T12749]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  244.529123][T12749] RIP: 0033:0x7f8f96fbfad3
[  244.533428][T12749] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 72 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  244.553505][T12749] RSP: 002b:00007ffffbd5c1e8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  244.561760][T12749] RAX: ffffffffffffffda RBX: 00005555659f84e0 RCX: 00007f8f96fbfad3
[  244.569743][T12749] RDX: 0000000000008000 RSI: 00005555659f84e0 RDI: 0000000000000005
[  244.578260][T12749] RBP: 00005555659f84b4 R08: 0000000000000000 R09: 0000000000000000
[  244.586419][T12749] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  244.594359][T12749] R13: 0000000000000010 R14: 00005555659f84b0 R15: 00007ffffbd5e4a0
[  244.602159][T12749]  </TASK>
[  244.614344][T12749] syz-executor: attempt to access beyond end of device
[  244.614344][T12749] loop9: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  244.632229][T14392] hub 9-0:1.0: USB hub found
[  244.636947][T14392] hub 9-0:1.0: 1 port detected
[  244.693385][  T327] kworker/u4:4: attempt to access beyond end of device
[  244.693385][  T327] loop9: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  244.707494][   T28] audit: type=1400 audit(2000000402.290:893): avc:  denied  { bind } for  pid=14399 comm="syz.1.6255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  244.805133][T14410] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6261'.
[  244.828593][T14410] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6261'.
[  245.090966][T14433] input: syz0 as /devices/virtual/input/input77
[  245.139545][T14436] loop1: detected capacity change from 0 to 512
[  245.153923][T14436] EXT4-fs: Ignoring removed mblk_io_submit option
[  245.173597][T14436] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  245.185024][T14436] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  245.195509][T14436] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 not in group (block 196613)!
[  245.206062][T14436] EXT4-fs (loop1): group descriptors corrupted!
[  245.237518][T14434] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.244656][T14434] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.254285][T14434] device bridge_slave_0 entered promiscuous mode
[  245.261619][T14434] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.268967][T14434] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.277232][T14434] device bridge_slave_1 entered promiscuous mode
[  245.342490][T14458] loop7: detected capacity change from 0 to 256
[  245.367177][   T28] audit: type=1400 audit(2000000402.908:894): avc:  denied  { unlink } for  pid=14461 comm="syz.1.6285" name="#b" dev="tmpfs" ino=274 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  245.385841][T14458] FAT-fs (loop7): Directory bread(block 64) failed
[  245.396120][T14458] FAT-fs (loop7): Directory bread(block 65) failed
[  245.403082][T14458] FAT-fs (loop7): Directory bread(block 66) failed
[  245.409751][T14458] FAT-fs (loop7): Directory bread(block 67) failed
[  245.416364][T14458] FAT-fs (loop7): Directory bread(block 68) failed
[  245.422944][T14458] FAT-fs (loop7): Directory bread(block 69) failed
[  245.429373][T14458] FAT-fs (loop7): Directory bread(block 70) failed
[  245.435879][T14458] FAT-fs (loop7): Directory bread(block 71) failed
[  245.442495][T14458] FAT-fs (loop7): Directory bread(block 72) failed
[  245.450393][T14458] FAT-fs (loop7): Directory bread(block 73) failed
[  245.485539][T14458] FAT-fs (loop7): error, invalid access to FAT (entry 0x00006c61)
[  245.499836][  T466] device bridge_slave_1 left promiscuous mode
[  245.505846][  T466] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.513696][  T466] device bridge_slave_0 left promiscuous mode
[  245.520639][  T466] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.529051][  T466] device veth1_macvtap left promiscuous mode
[  245.535261][  T466] device veth0_vlan left promiscuous mode
[  245.758587][T14434] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.765755][T14434] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.772956][T14434] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.779949][T14434] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.872319][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  245.885671][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.003513][T14488] loop8: detected capacity change from 0 to 256
[  246.032379][T14488] FAT-fs (loop8): error, clusters badly computed (0 != 128)
[  246.039595][T14488] FAT-fs (loop8): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  247.655405][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.700472][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  247.725787][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.732696][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.763278][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  247.788510][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.795416][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.825823][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  247.859603][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  247.901515][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  247.922248][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  247.956439][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  247.993027][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  248.028791][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  248.038120][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  248.049326][T14434] device veth0_vlan entered promiscuous mode
[  248.065348][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  248.073667][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  248.102417][T14434] device veth1_macvtap entered promiscuous mode
[  248.113730][   T28] audit: type=1400 audit(2000000405.480:895): avc:  denied  { map } for  pid=14535 comm="syz.1.6316" path="socket:[67080]" dev="sockfs" ino=67080 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  248.154988][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  248.186470][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  248.221387][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  248.268464][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  248.282261][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  248.290863][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  248.300932][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  248.366854][T14567] loop1: detected capacity change from 0 to 512
[  248.374114][T14571] serio: Serial port ptm0
[  248.424785][T14567] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.6331: casefold flag without casefold feature
[  248.445832][T14567] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.6331: couldn't read orphan inode 15 (err -117)
[  248.458936][T14567] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  248.506493][T14591] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6340'.
[  248.529721][T14002] EXT4-fs (loop1): unmounting filesystem.
[  248.604675][T14608] loop1: detected capacity change from 0 to 1024
[  248.614021][T14608] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  248.623914][T14608] EXT4-fs (loop1): orphan cleanup on readonly fs
[  248.631215][T14608] EXT4-fs error (device loop1): ext4_free_blocks:6210: comm syz.1.6346: Freeing blocks not in datazone - block = 0, count = 4096
[  248.645269][T14608] EXT4-fs (loop1): 1 orphan inode deleted
[  248.652188][T14608] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  248.663896][T14608] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  248.686835][   T28] audit: type=1400 audit(2000000406.023:896): avc:  denied  { relabelfrom } for  pid=14613 comm="syz.7.6349" name="" dev="pipefs" ino=68117 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  248.738462][T14002] EXT4-fs (loop1): unmounting filesystem.
[  248.744812][   T28] audit: type=1400 audit(2000000406.060:897): avc:  denied  { lock } for  pid=14614 comm="syz.8.6350" path="socket:[68118]" dev="sockfs" ino=68118 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  248.804566][T14626] loop8: detected capacity change from 0 to 1024
[  248.809471][T14628] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  248.823410][T14628] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  248.842822][T14628] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  248.851216][T14628] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  248.895443][T14626] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  248.928413][T14626] EXT4-fs (loop8): orphan cleanup on readonly fs
[  248.934695][T14626] EXT4-fs error (device loop8): ext4_free_blocks:6210: comm syz.8.6365: Freeing blocks not in datazone - block = 0, count = 4096
[  248.950540][T14626] EXT4-fs (loop8): 1 orphan inode deleted
[  248.956113][T14626] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  248.967305][T14626] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  249.035141][T13414] EXT4-fs (loop8): unmounting filesystem.
[  249.150308][T14661] loop8: detected capacity change from 0 to 512
[  249.162347][T14638] loop1: detected capacity change from 0 to 40427
[  249.185872][T14668] device bridge_slave_1 left promiscuous mode
[  249.213724][T14668] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.222320][T14638] F2FS-fs (loop1): Found nat_bits in checkpoint
[  249.234491][T14661] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002]
[  249.253531][T14661] System zones: 0-2, 18-18, 34-35
[  249.269633][T14661] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  249.293720][T14661] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.346378][T14638] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  249.372136][T14693] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  249.383497][T14693] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.390556][T14693] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.404692][T13414] EXT4-fs (loop8): unmounting filesystem.
[  249.502607][T14002] syz-executor: attempt to access beyond end of device
[  249.502607][T14002] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  249.563215][T14711] loop7: detected capacity change from 0 to 1024
[  249.580006][T14711] EXT4-fs: Ignoring removed nobh option
[  249.593065][T14711] EXT4-fs error (device loop7): ext4_ext_check_inode:520: inode #11: comm syz.7.6393: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  249.618887][T14711] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.6393: couldn't read orphan inode 11 (err -117)
[  249.638499][T14711] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  249.650179][T14711] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:477: comm syz.7.6393: Invalid block bitmap block 0 in block_group 0
[  249.676066][T14711] Quota error (device loop7): write_blk: dquota write failed
[  249.697167][T14711] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  249.713381][T14711] EXT4-fs error (device loop7): ext4_acquire_dquot:6782: comm syz.7.6393: Failed to acquire dquot type 0
[  249.728616][T14727] EXT4-fs error (device loop7): __ext4_get_inode_loc:4508: comm syz.7.6393: Invalid inode table block 8589934593 in block_group 0
[  249.742574][   T28] audit: type=1326 audit(2000000406.995:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14729 comm="syz.8.6400" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f21e2b8d169 code=0x0
[  249.767183][   T19] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  249.783991][   T10] EXT4-fs error (device loop7): __ext4_get_inode_loc:4508: comm kworker/u4:1: Invalid inode table block 8589934593 in block_group 0
[  249.795406][T14732] loop1: detected capacity change from 0 to 1024
[  249.804506][T14732] EXT4-fs: Ignoring removed orlov option
[  249.809414][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  249.817899][T14732] EXT4-fs: Ignoring removed nomblk_io_submit option
[  249.847613][T14732] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  249.879938][T14002] EXT4-fs (loop1): unmounting filesystem.
[  249.923909][T14746] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6405'.
[  249.928463][T14748] loop1: detected capacity change from 0 to 512
[  249.971410][T14748] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002]
[  249.980930][   T19] usb 3-1: Using ep0 maxpacket: 16
[  249.989088][   T28] audit: type=1400 audit(2000000407.239:899): avc:  denied  { lock } for  pid=14753 comm="syz.7.6408" path="socket:[67490]" dev="sockfs" ino=67490 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  250.002464][T14748] System zones: 0-2, 18-18, 34-35
[  250.015426][   T19] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  250.023668][T14748] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  250.035570][   T19] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  250.037155][T14748] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.072961][   T19] usb 3-1: config 0 has no interface number 0
[  250.113508][T14002] EXT4-fs (loop1): unmounting filesystem.
[  250.120720][   T19] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  250.130365][   T19] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.138604][   T19] usb 3-1: Product: syz
[  250.142620][   T19] usb 3-1: Manufacturer: syz
[  250.147062][   T19] usb 3-1: SerialNumber: syz
[  250.153077][   T19] usb 3-1: config 0 descriptor??
[  250.166450][   T19] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[  250.173038][   T19] usb 3-1: No valid video chain found.
[  250.251795][T14774] loop7: detected capacity change from 0 to 128
[  250.267874][T14774] FAT-fs (loop7): Directory bread(block 32) failed
[  250.276251][T14774] FAT-fs (loop7): Directory bread(block 33) failed
[  250.283030][T14774] FAT-fs (loop7): Directory bread(block 34) failed
[  250.289697][T14774] FAT-fs (loop7): Directory bread(block 35) failed
[  250.296830][T14774] FAT-fs (loop7): Directory bread(block 36) failed
[  250.303263][T14774] FAT-fs (loop7): Directory bread(block 37) failed
[  250.310021][T14774] FAT-fs (loop7): Directory bread(block 38) failed
[  250.313645][T14778] SELinux:  policydb magic number 0x18 does not match expected magic number 0xf97cff8c
[  250.316900][T14774] FAT-fs (loop7): Directory bread(block 39) failed
[  250.326357][T14778] SELinux: failed to load policy
[  250.337881][T14774] FAT-fs (loop7): Directory bread(block 40) failed
[  250.345222][T14774] FAT-fs (loop7): Directory bread(block 41) failed
[  250.370982][T14780] netlink: 96 bytes leftover after parsing attributes in process `syz.1.6421'.
[  250.395105][   T19] usb 3-1: USB disconnect, device number 22
[  250.408982][T14774] syz.7.6418: attempt to access beyond end of device
[  250.408982][T14774] loop7: rw=0, sector=4108, nr_sectors = 4 limit=128
[  250.422617][T14774] FAT-fs (loop7): Filesystem has been set read-only
[  250.429758][T14774] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF
[  250.474501][T14786] loop7: detected capacity change from 0 to 512
[  250.489878][T14786] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002]
[  250.497994][T14786] System zones: 0-2, 18-18, 34-35
[  250.504049][T14786] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  250.513653][T14786] ext4 filesystem being mounted at /785/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.558660][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  250.597709][T14799] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  250.606524][T14799] SELinux: failed to load policy
[  250.783313][T14818] binder: 14817:14818 ioctl c018620c 200000000180 returned -1
[  251.076720][T14840] loop7: detected capacity change from 0 to 256
[  251.088441][T14840] FAT-fs (loop7): error, clusters badly computed (0 != 128)
[  251.095677][T14840] FAT-fs (loop7): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  251.188682][T14849] input: syz0 as /devices/virtual/input/input78
[  253.325136][   T28] audit: type=1400 audit(2000000410.363:900): avc:  denied  { write } for  pid=14859 comm="syz.7.6455" name="syz7" dev="cgroup2" ino=286 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:kmsg_device_t:s0"
[  253.389891][T14870] loop1: detected capacity change from 0 to 1024
[  253.407278][T14868] loop8: detected capacity change from 0 to 1024
[  253.413936][T14868] EXT4-fs: Ignoring removed orlov option
[  253.422196][   T28] audit: type=1400 audit(2000000410.381:901): avc:  denied  { add_name } for  pid=14859 comm="syz.7.6455" name="syz0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:kmsg_device_t:s0"
[  253.455020][T14870] EXT4-fs: Ignoring removed orlov option
[  253.465254][T14870] EXT4-fs: Ignoring removed nomblk_io_submit option
[  253.471897][T14868] EXT4-fs: Ignoring removed nomblk_io_submit option
[  253.482593][   T28] audit: type=1400 audit(2000000410.381:902): avc:  denied  { associate } for  pid=14859 comm="syz.7.6455" name="syz0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  253.534600][   T28] audit: type=1400 audit(2000000410.550:903): avc:  denied  { watch watch_reads } for  pid=14888 comm="syz.0.6467" path="/1102/file0" dev="tmpfs" ino=5654 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  253.563077][T14868] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  253.585472][T14870] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  253.621835][   T28] audit: type=1400 audit(2000000410.643:904): avc:  denied  { link } for  pid=14869 comm="syz.1.6458" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  253.629160][T13414] EXT4-fs (loop8): unmounting filesystem.
[  253.687998][T14002] EXT4-fs (loop1): unmounting filesystem.
[  253.720356][T14905] netlink: 'syz.8.6470': attribute type 5 has an invalid length.
[  253.838206][T14920] loop1: detected capacity change from 0 to 512
[  253.866731][T14922] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6482'.
[  253.889306][T14920] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  253.963937][T14920] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.979736][T14930] loop7: detected capacity change from 0 to 1024
[  254.060548][T14930] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  254.073558][T14002] EXT4-fs (loop1): unmounting filesystem.
[  254.104081][   T28] audit: type=1400 audit(2000000411.092:905): avc:  denied  { lock } for  pid=14929 comm="syz.7.6485" path="/801/file1/file1" dev="loop7" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  254.186607][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  254.231643][T14945] loop7: detected capacity change from 0 to 512
[  254.270059][T14945] EXT4-fs: Ignoring removed mblk_io_submit option
[  254.304264][T14945] EXT4-fs error (device loop7): ext4_get_branch:178: inode #13: block 2: comm syz.7.6490: invalid block
[  254.326451][T14945] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.6490: invalid indirect mapped block 10 (level 1)
[  254.377141][T14945] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.6490: invalid indirect mapped block 8 (level 1)
[  254.412321][T14958] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.419768][T14945] EXT4-fs (loop7): 1 truncate cleaned up
[  254.430099][T14945] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  254.439150][T14958] device bridge_slave_1 left promiscuous mode
[  254.454528][T14958] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.535080][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  254.616576][T14969] loop7: detected capacity change from 0 to 256
[  254.638626][T14969] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  254.740835][T14980] loop7: detected capacity change from 0 to 2048
[  254.795766][T14980] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  254.823050][T14980] ext4 filesystem being mounted at /804/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.840930][   T28] audit: type=1400 audit(2000000411.775:906): avc:  denied  { mounton } for  pid=14990 comm="syz.2.6509" path="/syzcgroup/cpu/syz2/cpuset.cpus" dev="cgroup" ino=61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  254.841001][T14991] incfs: Options parsing error. -22
[  254.945821][T14980] EXT4-fs error (device loop7): ext4_lookup:1858: inode #13: comm syz.7.6505: iget: bogus i_mode (0)
[  254.973136][T14991] incfs: mount failed -22
[  254.992608][T14980] EXT4-fs (loop7): Remounting filesystem read-only
[  255.031542][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  255.111153][T15008] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  255.295740][T15028] netlink: 277 bytes leftover after parsing attributes in process `syz.8.6525'.
[  255.342320][  T327] Bluetooth: hci0: Frame reassembly failed (-84)
[  255.349514][T15035] Bluetooth: hci0: Frame reassembly failed (-84)
[  255.418854][T15047] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge_slave_0
[  255.530131][T15064] netlink: 'syz.0.6542': attribute type 1 has an invalid length.
[  255.542641][T15061] user requested TSC rate below hardware speed
[  255.692961][   T28] audit: type=1326 audit(2000000412.570:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15083 comm="syz.0.6552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90358d169 code=0x7ffc0000
[  255.711895][T15086] IPv6: NLM_F_CREATE should be specified when creating new route
[  255.739721][   T28] audit: type=1326 audit(2000000412.570:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15083 comm="syz.0.6552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd90358d169 code=0x7ffc0000
[  255.779451][   T28] audit: type=1326 audit(2000000412.570:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15083 comm="syz.0.6552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90358d169 code=0x7ffc0000
[  255.920898][T15104] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.962152][T15104] device bridge_slave_1 left promiscuous mode
[  255.983318][T15104] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.038078][T15112] bridge0: port 2(vlan2) entered blocking state
[  256.048364][T15112] bridge0: port 2(vlan2) entered disabled state
[  256.172275][T15133] loop8: detected capacity change from 0 to 1024
[  256.179295][T15133] EXT4-fs: Ignoring removed nobh option
[  256.197051][T15133] EXT4-fs error (device loop8): ext4_ext_check_inode:520: inode #11: comm syz.8.6574: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  256.217113][T15133] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.6574: couldn't read orphan inode 11 (err -117)
[  256.229487][T15133] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  256.248636][T15133] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:477: comm syz.8.6574: Invalid block bitmap block 0 in block_group 0
[  256.262295][T15133] EXT4-fs error (device loop8): ext4_acquire_dquot:6782: comm syz.8.6574: Failed to acquire dquot type 0
[  256.274984][T15133] EXT4-fs error (device loop8): __ext4_get_inode_loc:4508: comm syz.8.6574: Invalid inode table block 8589934593 in block_group 0
[  256.294508][T15139] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  256.302952][  T327] EXT4-fs error (device loop8): __ext4_get_inode_loc:4508: comm kworker/u4:4: Invalid inode table block 8589934593 in block_group 0
[  256.317953][T13414] EXT4-fs (loop8): unmounting filesystem.
[  256.448874][T15159] netlink: 'syz.8.6586': attribute type 15 has an invalid length.
[  256.550488][T15164] loop8: detected capacity change from 0 to 128
[  256.556975][T15164] EXT4-fs: Ignoring removed nobh option
[  256.565194][T15164] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  256.574324][T15164] ext4 filesystem being mounted at /126/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  256.599358][T13414] EXT4-fs (loop8): unmounting filesystem.
[  257.094009][T15187] netlink: 277 bytes leftover after parsing attributes in process `syz.2.6597'.
[  257.153561][T15197] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6602'.
[  257.192363][T15203] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6606'.
[  257.213123][T15205] loop8: detected capacity change from 0 to 2048
[  257.238205][T15205] EXT4-fs: Ignoring removed nomblk_io_submit option
[  257.257101][T15205] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  257.283018][T13414] EXT4-fs (loop8): unmounting filesystem.
[  257.321238][T15220] loop7: detected capacity change from 0 to 512
[  257.333297][T15220] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  257.342386][T15220] ext4 filesystem being mounted at /835/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  257.366821][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  257.496803][T15240] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  257.513060][T15242] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6622'.
[  257.522099][T15242] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6622'.
[  257.522698][ T5194] Bluetooth: hci0: command 0x1003 tx timeout
[  257.537027][T14258] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  257.633780][T15255] bridge0: port 2(vlan3) entered blocking state
[  257.640070][T15255] bridge0: port 2(vlan3) entered disabled state
[  257.647235][T15253] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  257.657287][T15253] F2FS-fs (loop3): Unable to read 1th superblock
[  257.665936][T15253] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  257.675114][T15253] F2FS-fs (loop3): Unable to read 2th superblock
[  257.880693][T15282] netlink: 196 bytes leftover after parsing attributes in process `syz.8.6641'.
[  258.832811][T15300] loop8: detected capacity change from 0 to 131072
[  258.849682][T15300] F2FS-fs (loop8): Segment count (31) mismatch with total segments from devices (0)
[  258.860737][T15300] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  258.870444][T15300] F2FS-fs (loop8): invalid crc value
[  258.910784][T15300] F2FS-fs (loop8): Found nat_bits in checkpoint
[  259.008219][T15300] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  259.019380][T15300] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  259.030842][   T28] kauditd_printk_skb: 79 callbacks suppressed
[  259.030859][   T28] audit: type=1400 audit(2000004510.700:987): avc:  denied  { create } for  pid=15350 comm="syz.1.6672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  259.078019][   T28] audit: type=1400 audit(2000004510.700:988): avc:  denied  { connect } for  pid=15350 comm="syz.1.6672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  259.121311][   T28] audit: type=1400 audit(2000004510.766:989): avc:  denied  { ioctl } for  pid=15299 comm="syz.8.6650" path="/155/file0/memory.events.local" dev="loop8" ino=10 ioctlcmd=0x5820 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  259.162277][T15333] loop7: detected capacity change from 0 to 40427
[  259.170412][T15333] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  259.183527][T15353] loop1: detected capacity change from 0 to 1024
[  259.185433][T15333] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  259.210004][   T28] audit: type=1400 audit(2000004510.831:990): avc:  denied  { write } for  pid=15352 comm="syz.1.6673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  259.231914][   T28] audit: type=1400 audit(2000004510.831:991): avc:  denied  { read } for  pid=15352 comm="syz.1.6673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  259.252383][T15353] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  259.253496][T15333] F2FS-fs (loop7): Found nat_bits in checkpoint
[  259.319120][T15333] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  259.325991][T15333] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  259.339322][T15353] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  259.392519][T15353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6673'.
[  259.448102][T14002] EXT4-fs (loop1): unmounting filesystem.
[  259.505426][T15363] loop1: detected capacity change from 0 to 2048
[  259.532843][T15363] EXT4-fs: Ignoring removed nomblk_io_submit option
[  259.575025][T15363] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  259.601581][   T28] audit: type=1400 audit(2000004511.224:992): avc:  denied  { map } for  pid=15370 comm="syz.7.6676" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=70509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  259.667569][T14002] EXT4-fs (loop1): unmounting filesystem.
[  259.682188][   T28] audit: type=1400 audit(2000004511.224:993): avc:  denied  { read write } for  pid=15370 comm="syz.7.6676" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=70509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  259.725569][   T28] audit: type=1400 audit(2000004511.346:994): avc:  denied  { write } for  pid=15380 comm="syz.1.6681" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  259.784207][   T28] audit: type=1400 audit(2000004511.365:995): avc:  denied  { open } for  pid=15380 comm="syz.1.6681" path="/dev/ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  259.994429][   T28] audit: type=1400 audit(2000004511.598:996): avc:  denied  { getopt } for  pid=15406 comm="syz.2.6694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  260.151620][T15393] loop7: detected capacity change from 0 to 40427
[  260.153885][T15387] loop1: detected capacity change from 0 to 40427
[  260.186553][T15387] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  260.194219][T15387] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  260.194796][T15393] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  260.227650][T15387] F2FS-fs (loop1): invalid crc value
[  260.237345][T15393] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  260.291899][T15387] F2FS-fs (loop1): Found nat_bits in checkpoint
[  260.296937][T15393] F2FS-fs (loop7): Found nat_bits in checkpoint
[  260.371404][T15393] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  260.378361][T15393] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  260.398429][T15387] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  260.405311][T15387] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  260.461961][  T327] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  260.479371][  T327] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  260.727816][T15473] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6722'.
[  260.750018][T15473] device bridge_slave_1 left promiscuous mode
[  260.760850][T15473] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.833937][T15489] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  260.852987][T15491] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  261.113963][T15513] loop7: detected capacity change from 0 to 2048
[  261.166498][T15513] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  261.190114][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  261.221248][T15528] loop7: detected capacity change from 0 to 512
[  261.262472][T15528] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  261.295249][T15528] ext4 filesystem being mounted at /871/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.359219][T15528] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  261.401836][T15528] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28
[  261.414363][T15544] loop8: detected capacity change from 0 to 1024
[  261.421030][T15544] EXT4-fs: Ignoring removed nobh option
[  261.428025][T15528] EXT4-fs (loop7): This should not happen!! Data will be lost
[  261.428025][T15528] 
[  261.435524][T15544] EXT4-fs: Ignoring removed bh option
[  261.446324][T15528] EXT4-fs (loop7): Total free blocks count 0
[  261.452445][T15544] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  261.460393][T15528] EXT4-fs (loop7): Free/Dirty block details
[  261.478675][T15528] EXT4-fs (loop7): free_blocks=65280
[  261.489019][T15528] EXT4-fs (loop7): dirty_blocks=31
[  261.500842][T15528] EXT4-fs (loop7): Block reservation details
[  261.507995][T15544] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  261.521036][T15528] EXT4-fs (loop7): i_reserved_data_blocks=31
[  261.547233][T13414] EXT4-fs (loop8): unmounting filesystem.
[  261.575492][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  261.809078][T15581] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  261.837392][T15585] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6768'.
[  261.889475][  T319] kernel write not supported for file /uhid (pid: 319 comm: kworker/0:2)
[  261.990284][T15603] netlink: 48 bytes leftover after parsing attributes in process `syz.7.6777'.
[  261.991406][   T19] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  262.098793][T15626] SELinux:  Context system_u:object_r:modules_dep_t:s0 is not valid (left unmapped).
[  262.168876][T15636] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  262.196113][T15641] loop7: detected capacity change from 0 to 1024
[  262.217167][   T19] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  262.218184][T15641] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  262.227281][   T19] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  262.236123][   T19] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  262.246019][T15641] ext4 filesystem being mounted at /884/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.285166][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  262.294334][   T19] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  262.313748][   T19] usb 9-1: SerialNumber: syz
[  262.521078][T15680] loop7: detected capacity change from 0 to 16
[  262.527785][T15680] erofs: (device loop7): mounted with root inode @ nid 36.
[  262.536579][T15680] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  262.545054][T15680] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  262.553620][T15680] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  262.562867][   T19] usb 9-1: 0:2 : does not exist
[  262.567683][   T19] usb 9-1: unit 255 not found!
[  262.580858][   T19] usb 9-1: USB disconnect, device number 15
[  263.736234][T15693] loop1: detected capacity change from 0 to 2048
[  263.749864][T15693] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  263.758879][T15693] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.774060][T15693] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.6818: bg 0: block 345: padding at end of block bitmap is not set
[  263.805640][T14002] EXT4-fs (loop1): unmounting filesystem.
[  263.978822][T15709] loop1: detected capacity change from 0 to 40427
[  263.996072][T15709] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  264.011833][T15709] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  264.051433][T15709] F2FS-fs (loop1): Found nat_bits in checkpoint
[  264.140421][T15709] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  264.147315][T15709] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  264.424656][T15764] loop1: detected capacity change from 0 to 256
[  264.443553][   T28] kauditd_printk_skb: 48 callbacks suppressed
[  264.443572][   T28] audit: type=1400 audit(2000004515.761:1045): avc:  denied  { name_bind } for  pid=15765 comm="syz.7.6843" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  264.460084][T15764] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  264.487246][T15769] device lo left promiscuous mode
[  264.502261][T15764] exFAT-fs (loop1): hint_cluster is invalid (1)
[  264.503236][T15769] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  264.509328][T15764] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000)
[  264.530760][   T28] audit: type=1400 audit(2000004515.761:1046): avc:  denied  { node_bind } for  pid=15765 comm="syz.7.6843" saddr=::1 src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  264.532822][T15764] exFAT-fs (loop1): Filesystem has been set read-only
[  264.564743][T15764] exFAT-fs (loop1): error, failed to bmap (inode : ffff8881176de5f0 iblock : 9, err : -5)
[  264.573349][   T28] audit: type=1400 audit(2000004515.798:1047): avc:  denied  { mount } for  pid=15763 comm="syz.1.6834" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  264.585961][ T3137] kworker/0:5: attempt to access beyond end of device
[  264.585961][ T3137] loop1: rw=2049, sector=34359738488, nr_sectors = 8 limit=256
[  264.620695][   T28] audit: type=1400 audit(2000004515.808:1048): avc:  denied  { write } for  pid=15763 comm="syz.1.6834" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  264.653367][   T28] audit: type=1400 audit(2000004515.808:1049): avc:  denied  { add_name } for  pid=15763 comm="syz.1.6834" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  264.706496][   T28] audit: type=1400 audit(2000004515.808:1050): avc:  denied  { associate } for  pid=15763 comm="syz.1.6834" name="file1" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  264.732433][T15783] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  264.742876][T15783] FAT-fs (loop15): unable to read boot sector
[  264.752601][   T28] audit: type=1400 audit(2000004515.808:1051): avc:  denied  { read write } for  pid=15763 comm="syz.1.6834" name="file1" dev="loop1" ino=1048946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  264.806407][   T28] audit: type=1400 audit(2000004515.808:1052): avc:  denied  { open } for  pid=15763 comm="syz.1.6834" path="/134/file0/file1" dev="loop1" ino=1048946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  264.837390][T15793] loop8: detected capacity change from 0 to 512
[  264.847666][   T28] audit: type=1400 audit(2000004515.892:1053): avc:  denied  { mounton } for  pid=15763 comm="syz.1.6834" path="/134/file0/file0" dev="loop1" ino=1048947 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  264.871923][   T28] audit: type=1400 audit(2000004515.920:1054): avc:  denied  { mount } for  pid=15774 comm="syz.7.6857" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  264.911373][T15793] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  264.920232][T15793] ext4 filesystem being mounted at /181/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  264.945699][T15802] loop7: detected capacity change from 0 to 512
[  264.957783][T15793] EXT4-fs error (device loop8): ext4_xattr_block_get:546: inode #15: comm syz.8.6853: corrupted xattr block 33
[  264.970169][T15793] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  264.984306][T15802] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #15: comm syz.7.6858: iget: bad extended attribute block 1
[  264.997458][T15802] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.6858: couldn't read orphan inode 15 (err -117)
[  265.009431][T15802] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  265.018407][T15793] EXT4-fs error (device loop8): ext4_xattr_block_get:546: inode #15: comm syz.8.6853: corrupted xattr block 33
[  265.030297][T15793] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  265.039197][T15793] EXT4-fs error (device loop8): ext4_xattr_block_list:719: inode #15: comm syz.8.6853: corrupted xattr block 33
[  265.060740][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  265.068430][T13414] EXT4-fs (loop8): unmounting filesystem.
[  265.101467][T15813] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6864'.
[  265.122609][T15813] bridge: RTM_NEWNEIGH with invalid ether address
[  265.205768][T15838] loop7: detected capacity change from 0 to 512
[  265.222021][T15838] EXT4-fs error (device loop7): ext4_do_update_inode:5226: inode #3: comm syz.7.6874: corrupted inode contents
[  265.234218][T15838] EXT4-fs error (device loop7): ext4_dirty_inode:6091: inode #3: comm syz.7.6874: mark_inode_dirty error
[  265.246236][T15838] EXT4-fs error (device loop7): ext4_do_update_inode:5226: inode #3: comm syz.7.6874: corrupted inode contents
[  265.258067][T15838] EXT4-fs error (device loop7): __ext4_ext_dirty:202: inode #3: comm syz.7.6874: mark_inode_dirty error
[  265.269808][T15838] EXT4-fs error (device loop7): ext4_acquire_dquot:6782: comm syz.7.6874: Failed to acquire dquot type 0
[  265.282349][T15838] EXT4-fs (loop7): 1 orphan inode deleted
[  265.288257][T15838] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  265.297519][T12805] EXT4-fs error (device loop7): ext4_release_dquot:6805: comm kworker/u4:6: Failed to release dquot type 1
[  265.312080][T15838] ext4 filesystem being mounted at /910/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.316364][   T39] kworker/1:1: attempt to access beyond end of device
[  265.316364][   T39] loop1: rw=2049, sector=34359738488, nr_sectors = 1 limit=256
[  265.338728][   T39] Buffer I/O error on dev loop1, logical block 34359738488, lost async page write
[  265.368098][T15846] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6877'.
[  265.368447][ T7018] EXT4-fs (loop7): unmounting filesystem.
[  265.385701][T15846] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6877'.
[  265.522087][T15873] binder: 15872:15873 ioctl c018620c 200000000380 returned -22
[  265.815003][T15899] loop8: detected capacity change from 0 to 1024
[  265.872644][T15899] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  265.882853][T15899] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.933662][T15917] netlink: 92 bytes leftover after parsing attributes in process `syz.0.6907'.
[  265.940266][T13414] EXT4-fs (loop8): unmounting filesystem.
[  266.099487][T15852] loop7: detected capacity change from 0 to 131072
[  266.106584][T15852] F2FS-fs (loop7): Test dummy encryption mode enabled
[  266.114267][T15852] F2FS-fs (loop7): invalid crc value
[  266.120968][T15852] F2FS-fs (loop7): Found nat_bits in checkpoint
[  266.166516][T15852] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  266.220845][ T7018] F2FS-fs (loop7): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  266.288943][   T24] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  266.314017][  T327] tipc: Disabling bearer <udp:s>
[  266.331790][  T327] tipc: Disabling bearer <eth:ip6gre0>
[  266.337331][  T327] tipc: Left network mode
[  266.492088][   T24] usb 9-1: Using ep0 maxpacket: 8
[  266.498389][   T24] usb 9-1: config index 0 descriptor too short (expected 5924, got 36)
[  266.518100][   T24] usb 9-1: config 250 has an invalid interface number: 228 but max is -1
[  266.527821][   T24] usb 9-1: config 250 has 1 interface, different from the descriptor's value: 0
[  266.545545][   T24] usb 9-1: config 250 has no interface number 0
[  266.551744][   T24] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  266.588273][   T24] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  266.598751][   T24] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  266.631011][   T24] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  266.641152][   T24] usb 9-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  266.655103][   T24] usb 9-1: config 250 interface 228 has no altsetting 0
[  266.673390][   T24] usb 9-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  266.682378][   T24] usb 9-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  266.702083][   T24] usb 9-1: Product: syz
[  266.707383][   T24] usb 9-1: SerialNumber: syz
[  266.714803][   T24] hub 9-1:250.228: bad descriptor, ignoring hub
[  266.721387][   T24] hub: probe of 9-1:250.228 failed with error -5
[  266.803559][  T327] device bridge_slave_0 left promiscuous mode
[  266.816005][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.831122][  T327] device veth1_macvtap left promiscuous mode
[  266.837065][  T327] device veth0_vlan left promiscuous mode
[  266.930017][   T24] usblp 9-1:250.228: usblp0: USB Bidirectional printer dev 16 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  266.999201][T15947] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.006199][T15947] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.013433][T15947] device bridge_slave_0 entered promiscuous mode
[  267.020563][T15947] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.027739][T15947] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.035023][T15947] device bridge_slave_1 entered promiscuous mode
[  267.088802][T15947] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.095686][T15947] bridge0: port 2(bridge_slave_1) entered forwarding state
[  267.102815][T15947] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.109667][T15947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  267.133133][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  267.140659][T12805] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.148937][T12805] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.160564][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  267.169320][T12805] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.176300][T12805] bridge0: port 1(bridge_slave_0) entered forwarding state
[  267.185280][T15962] syz.1.6923[15962] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  267.185363][T15962] syz.1.6923[15962] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  267.198244][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  267.217731][T12805] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.224658][T12805] bridge0: port 2(bridge_slave_1) entered forwarding state
[  267.240637][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  267.248931][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  267.272793][   T19] usb 9-1: USB disconnect, device number 16
[  267.279198][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  267.288468][   T19] usblp0: removed
[  267.297227][T15947] device veth0_vlan entered promiscuous mode
[  267.309283][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  267.317855][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  267.325341][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  267.331348][T15968] loop1: detected capacity change from 0 to 256
[  267.342255][T15968] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  267.346753][T15947] device veth1_macvtap entered promiscuous mode
[  267.365900][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  267.386300][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  267.395151][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  267.398491][   T19] hid-generic 0000:0000:0000.006D: unknown main item tag 0x0
[  267.404396][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  267.411682][   T19] hid-generic 0000:0000:0000.006D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  267.419483][  T466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  267.514735][T15986] A link change request failed with some changes committed already. Interface veth0_to_bridge may have been left with an inconsistent configuration, please check.
[  267.553436][T15990] loop7: detected capacity change from 0 to 512
[  267.560291][T15990] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  267.569256][T15990] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  267.578340][T15990] EXT4-fs (loop7): warning: maximal mount count reached, running e2fsck is recommended
[  267.589031][T15990] EXT4-fs error (device loop7): ext4_orphan_get:1400: comm syz.7.6935: inode #15: comm syz.7.6935: iget: illegal inode #
[  267.602048][T15990] EXT4-fs (loop7): Remounting filesystem read-only
[  267.608431][T15990] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.6935: couldn't read orphan inode 15 (err -117)
[  267.620631][T15990] EXT4-fs (loop7): Remounting filesystem read-only
[  267.627084][T15990] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  267.644003][T15947] EXT4-fs (loop7): unmounting filesystem.
[  267.827109][T16023] netlink: 260 bytes leftover after parsing attributes in process `syz.8.6950'.
[  267.994029][T16052] loop7: detected capacity change from 0 to 16
[  268.003100][T16052] erofs: (device loop7): mounted with root inode @ nid 36.
[  268.008337][T16054] loop8: detected capacity change from 0 to 1024
[  268.020528][T16054] EXT4-fs: Ignoring removed mblk_io_submit option
[  268.027434][T16054] EXT4-fs: Ignoring removed orlov option
[  268.035178][T16054] EXT4-fs: Ignoring removed nomblk_io_submit option
[  268.071397][T16054] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  268.097801][T16054] EXT4-fs (loop8): changing journal_checksum during remount not supported; ignoring
[  268.118029][T16054] EXT4-fs (loop8): re-mounted. Quota mode: none.
[  268.142019][T16054] EXT4-fs (loop8): re-mounted. Quota mode: none.
[  268.158661][T13414] EXT4-fs (loop8): unmounting filesystem.
[  268.214238][   T24] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  268.367050][T16091] loop8: detected capacity change from 0 to 512
[  268.396743][T16091] EXT4-fs error (device loop8): ext4_get_branch:178: inode #13: block 2: comm syz.8.6981: invalid block
[  268.424963][T16091] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.6981: invalid indirect mapped block 10 (level 1)
[  268.448439][   T24] usb 3-1: Using ep0 maxpacket: 8
[  268.460233][   T24] usb 3-1: config index 0 descriptor too short (expected 5924, got 36)
[  268.479151][   T24] usb 3-1: config 250 has an invalid interface number: 228 but max is -1
[  268.487489][   T24] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0
[  268.496356][   T24] usb 3-1: config 250 has no interface number 0
[  268.500218][T16091] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.6981: invalid indirect mapped block 8 (level 1)
[  268.504141][   T24] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  268.527483][   T24] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  268.538158][   T24] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  268.548228][   T24] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  268.558862][   T24] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  268.572658][   T24] usb 3-1: config 250 interface 228 has no altsetting 0
[  268.581171][T16091] EXT4-fs (loop8): 1 truncate cleaned up
[  268.590689][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  268.601034][T16098] tipc: Started in network mode
[  268.605738][T16098] tipc: Node identity 2d20000000000000002e, cluster identity 4711
[  268.608603][T16091] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  268.619461][   T24] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  268.643834][   T24] usb 3-1: Product: syz
[  268.647928][   T24] usb 3-1: SerialNumber: syz
[  268.667341][T13414] EXT4-fs (loop8): unmounting filesystem.
[  268.669155][   T24] hub 3-1:250.228: bad descriptor, ignoring hub
[  268.689819][   T24] hub: probe of 3-1:250.228 failed with error -5
[  268.704174][T16103] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6986'.
[  268.886184][   T24] usblp 3-1:250.228: usblp0: USB Bidirectional printer dev 23 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  268.932616][T16121] loop8: detected capacity change from 0 to 512
[  268.950328][T16121] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  268.983820][T16121] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #16: comm syz.8.6995: invalid indirect mapped block 4294967295 (level 0)
[  269.001562][T16121] EXT4-fs (loop8): Remounting filesystem read-only
[  269.008184][T16121] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #16: comm syz.8.6995: invalid indirect mapped block 4294967295 (level 1)
[  269.022450][T16121] EXT4-fs (loop8): Remounting filesystem read-only
[  269.029323][T16121] EXT4-fs (loop8): 1 orphan inode deleted
[  269.035205][T16121] EXT4-fs (loop8): 1 truncate cleaned up
[  269.041311][T16121] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  269.062749][T13414] EXT4-fs (loop8): unmounting filesystem.
[  269.090037][T16124] loop8: detected capacity change from 0 to 256
[  269.109657][T16124] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  269.155982][T16124] exFAT-fs (loop8): hint_cluster is invalid (1)
[  269.165167][T16124] exFAT-fs (loop8): error, invalid access to exfat cache (entry 0x00000000)
[  269.184591][T16124] exFAT-fs (loop8): Filesystem has been set read-only
[  269.206110][T16124] exFAT-fs (loop8): error, failed to bmap (inode : ffff8881176dddb0 iblock : 9, err : -5)
[  269.218174][   T39] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  269.227647][T16124] syz.8.6996: attempt to access beyond end of device
[  269.227647][T16124] loop8: rw=2049, sector=34359738488, nr_sectors = 8 limit=256
[  269.250994][  T440] usb 3-1: USB disconnect, device number 23
[  269.258181][  T440] usblp0: removed
[  269.274821][  T224] kworker/1:2: attempt to access beyond end of device
[  269.274821][  T224] loop8: rw=2049, sector=34359738488, nr_sectors = 1 limit=256
[  269.299069][  T224] Buffer I/O error on dev loop8, logical block 34359738488, lost async page write
[  269.421302][   T39] usb 2-1: Using ep0 maxpacket: 16
[  269.428080][   T39] usb 2-1: unable to get BOS descriptor or descriptor too short
[  269.447397][   T39] usb 2-1: unable to read config index 0 descriptor/start: -71
[  269.459530][   T39] usb 2-1: can't read configurations, error -71
[  269.784768][  T319] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  269.807546][T16150] loop8: detected capacity change from 0 to 131072
[  269.814567][T16150] F2FS-fs (loop8): Test dummy encryption mode enabled
[  269.822110][T16150] F2FS-fs (loop8): invalid crc value
[  269.828826][T16150] F2FS-fs (loop8): Found nat_bits in checkpoint
[  269.863474][T16150] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  269.885354][   T28] kauditd_printk_skb: 118 callbacks suppressed
[  269.885372][   T28] audit: type=1400 audit(2000000001.973:1170): avc:  denied  { create } for  pid=16149 comm="syz.8.7008" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  269.911951][   T28] audit: type=1400 audit(2000000001.973:1171): avc:  denied  { mounton } for  pid=16149 comm="syz.8.7008" path="/226/bus/file0" dev="loop8" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  269.914107][T13414] F2FS-fs (loop8): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  269.935259][   T28] audit: type=1400 audit(2000000001.973:1172): avc:  denied  { write } for  pid=16149 comm="syz.8.7008" name="file0" dev="loop8" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  269.965382][   T28] audit: type=1400 audit(2000000001.973:1173): avc:  denied  { add_name } for  pid=16149 comm="syz.8.7008" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  269.978351][  T319] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  269.985742][   T28] audit: type=1400 audit(2000000001.983:1174): avc:  denied  { setattr } for  pid=16149 comm="syz.8.7008" name="work" dev="loop8" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  270.009051][  T319] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  270.021063][   T28] audit: type=1400 audit(2000000001.983:1175): avc:  denied  { write } for  pid=16149 comm="syz.8.7008" path=2F202864656C6574656429 dev="loop8" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  270.029948][  T319] usb 8-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  270.051609][   T28] audit: type=1400 audit(2000000001.983:1176): avc:  denied  { remove_name } for  pid=16149 comm="syz.8.7008" name="#17" dev="loop8" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  270.060310][  T319] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.082561][   T28] audit: type=1400 audit(2000000001.983:1177): avc:  denied  { rename } for  pid=16149 comm="syz.8.7008" name="#17" dev="loop8" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  270.093234][  T319] usb 8-1: config 0 descriptor??
[  270.112387][   T28] audit: type=1400 audit(2000000001.983:1178): avc:  denied  { unlink } for  pid=16149 comm="syz.8.7008" name="#17" dev="loop8" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  270.138879][   T28] audit: type=1400 audit(2000000001.983:1179): avc:  denied  { unlink } for  pid=16149 comm="syz.8.7008" name="#18" dev="loop8" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  270.549429][  T319] playstation 0003:054C:0DF2.006E: unknown main item tag 0x0
[  270.557023][  T319] playstation 0003:054C:0DF2.006E: unknown main item tag 0x0
[  270.564618][  T319] playstation 0003:054C:0DF2.006E: unknown main item tag 0x0
[  270.571907][  T319] playstation 0003:054C:0DF2.006E: unknown main item tag 0x0
[  270.579263][  T319] playstation 0003:054C:0DF2.006E: unknown main item tag 0x0
[  270.587272][  T319] playstation 0003:054C:0DF2.006E: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.7-1/input0
[  270.694121][T12805] device bridge_slave_0 left promiscuous mode
[  270.700224][T12805] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.708177][T12805] device veth1_macvtap left promiscuous mode
[  270.714228][T12805] device veth0_vlan left promiscuous mode
[  270.764815][  T319] playstation 0003:054C:0DF2.006E: Invalid reportID received, expected 9 got 32
[  270.773764][  T319] playstation 0003:054C:0DF2.006E: Failed to retrieve DualSense pairing info: -22
[  270.784887][  T319] playstation 0003:054C:0DF2.006E: Failed to get MAC address from DualSense
[  270.793962][  T319] playstation 0003:054C:0DF2.006E: Failed to create dualsense.
[  270.804402][  T319] playstation: probe of 0003:054C:0DF2.006E failed with error -22
[  271.008519][  T319] usb 8-1: USB disconnect, device number 21
[  271.584084][T16165] loop7: detected capacity change from 0 to 256
[  271.596603][T16165] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  271.634274][T16165] exFAT-fs (loop7): hint_cluster is invalid (1)
[  271.640959][T16165] exFAT-fs (loop7): error, invalid access to exfat cache (entry 0x00000000)
[  271.655627][T16165] exFAT-fs (loop7): Filesystem has been set read-only
[  271.666757][T16165] exFAT-fs (loop7): error, failed to bmap (inode : ffff8881176dc0d0 iblock : 9, err : -5)
[  271.678151][T16165] syz.7.7010: attempt to access beyond end of device
[  271.678151][T16165] loop7: rw=2049, sector=34359738488, nr_sectors = 8 limit=256
[  271.693428][  T224] kworker/1:2: attempt to access beyond end of device
[  271.693428][  T224] loop7: rw=2049, sector=34359738488, nr_sectors = 1 limit=256
[  271.708260][  T224] Buffer I/O error on dev loop7, logical block 34359738488, lost async page write
[  271.820402][T16170] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.829157][T16170] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.843664][T16170] device bridge_slave_0 entered promiscuous mode
[  271.844237][T16182] syz.2.7016[16182] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  271.849955][T16182] syz.2.7016[16182] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  271.857904][T16170] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.882965][T16170] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.890495][T16170] device bridge_slave_1 entered promiscuous mode
[  271.897393][T16184] loop1: detected capacity change from 0 to 512
[  271.904641][T16184] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  271.933726][T16184] EXT4-fs (loop1): 1 orphan inode deleted
[  271.939650][T16184] EXT4-fs (loop1): 1 truncate cleaned up
[  271.945274][T16184] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  271.956729][T16184] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.7017: iget: bad extra_isize 46 (inode size 256)
[  271.969817][T16184] EXT4-fs (loop1): Remounting filesystem read-only
[  271.988342][T14002] EXT4-fs (loop1): unmounting filesystem.
[  272.034739][T16170] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.041630][T16170] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.048733][T16170] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.055536][T16170] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.109174][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  272.127465][T12805] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.134882][T12805] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.152389][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  272.160596][T12805] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.167562][T12805] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.175556][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  272.184155][T12805] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.191052][T12805] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.204477][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  272.212712][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  272.232218][T16170] device veth0_vlan entered promiscuous mode
[  272.238913][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  272.247774][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  272.256146][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  272.263728][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  272.276746][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  272.286836][T16170] device veth1_macvtap entered promiscuous mode
[  272.298489][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  272.324449][T12805] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  272.352498][T16215] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  272.365332][T16215] FAT-fs (loop5): unable to read boot sector
[  272.459967][T16230] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7038'.
[  272.475211][  T224] kworker/1:2: attempt to access beyond end of device
[  272.475211][  T224] loop7: rw=2049, sector=34359738488, nr_sectors = 1 limit=256
[  272.508299][  T224] Buffer I/O error on dev loop7, logical block 34359738488, lost async page write
[  272.527513][T12805] Bluetooth: hci0: Frame reassembly failed (-84)
[  272.534896][T12805] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0
[  272.579917][T16245] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  272.589241][T16245] FAT-fs (loop3): unable to read boot sector
[  272.692036][T16261] loop1: detected capacity change from 0 to 128
[  273.068045][T16276] syz.8.7058[16276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  273.068141][T16276] syz.8.7058[16276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  275.334000][ T5194] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  275.338928][T14258] Bluetooth: hci0: command 0x1003 tx timeout
[  275.455439][   T28] kauditd_printk_skb: 42 callbacks suppressed
[  275.455461][   T28] audit: type=1326 audit(2000000007.183:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16299 comm="syz.1.7067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457b98d169 code=0x7ffc0000
[  275.488457][   T28] audit: type=1326 audit(2000000007.183:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16299 comm="syz.1.7067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457b98d169 code=0x7ffc0000
[  275.512573][   T28] audit: type=1400 audit(2000000007.230:1224): avc:  denied  { read write } for  pid=16308 comm="syz.8.7071" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  275.543525][   T28] audit: type=1400 audit(2000000007.230:1225): avc:  denied  { open } for  pid=16308 comm="syz.8.7071" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  275.567101][   T28] audit: type=1400 audit(2000000007.230:1226): avc:  denied  { ioctl } for  pid=16309 comm="syz.7.7070" path="socket:[75333]" dev="sockfs" ino=75333 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  275.643899][   T28] audit: type=1400 audit(2000000007.361:1227): avc:  denied  { read } for  pid=16324 comm="syz.1.7079" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  275.666795][   T28] audit: type=1400 audit(2000000007.361:1228): avc:  denied  { open } for  pid=16324 comm="syz.1.7079" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  275.690211][   T28] audit: type=1400 audit(2000000007.361:1229): avc:  denied  { ioctl } for  pid=16324 comm="syz.1.7079" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  275.868702][   T28] audit: type=1400 audit(2000000007.576:1230): avc:  denied  { create } for  pid=16340 comm="syz.1.7087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  275.888896][   T28] audit: type=1400 audit(2000000007.576:1231): avc:  denied  { connect } for  pid=16340 comm="syz.1.7087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  275.984531][T16355] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7094'.
[  276.018044][T16357] SELinux: failed to load policy
[  276.341005][T16406] incfs: Options parsing error. -22
[  276.346192][T16406] incfs: mount failed -22
[  276.373400][T16409] loop7: detected capacity change from 0 to 512
[  276.400486][T16409] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  276.428303][T16409] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.465398][T15947] EXT4-fs (loop7): unmounting filesystem.
[  276.738225][T16464] incfs: Options parsing error. -22
[  276.743386][T16464] incfs: mount failed -22
[  276.767064][T16468] loop7: detected capacity change from 0 to 1024
[  276.774053][T16468] EXT4-fs: Ignoring removed bh option
[  276.779809][T16468] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  276.827562][T16468] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  276.843321][T16477] SELinux: failed to load policy
[  276.862718][T15947] EXT4-fs (loop7): unmounting filesystem.
[  277.043575][T16516] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7167'.
[  277.087209][T16518] SELinux: failed to load policy
[  277.508060][T16527] loop1: detected capacity change from 0 to 1024
[  277.514692][T16527] EXT4-fs: Ignoring removed bh option
[  277.520327][T16527] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  277.538671][T16527] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  277.558434][T14002] EXT4-fs (loop1): unmounting filesystem.
[  277.717946][T16551] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7179'.
[  277.830515][T16562] loop1: detected capacity change from 0 to 512
[  277.847429][T16562] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  277.862562][T16562] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.907944][T14002] EXT4-fs (loop1): unmounting filesystem.
[  278.188842][T16597] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7199'.
[  278.870827][T16638] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7217'.
[  278.879794][T16638] device batadv_slave_1 entered promiscuous mode
[  278.886269][T16638] netlink: 24 bytes leftover after parsing attributes in process `syz.8.7217'.
[  280.827548][T16653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7225'.
[  280.874168][T16659] tap0: tun_chr_ioctl cmd 1074025677
[  280.884694][T16659] tap0: linktype set to 821
[  280.986181][T16648] loop1: detected capacity change from 0 to 40427
[  280.993281][T16648] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  281.001180][T16648] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  281.010721][T16648] F2FS-fs (loop1): invalid crc value
[  281.021741][T16648] F2FS-fs (loop1): Found nat_bits in checkpoint
[  281.069931][T16648] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  281.076947][T16648] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  281.126222][   T28] kauditd_printk_skb: 38 callbacks suppressed
[  281.126240][   T28] audit: type=1400 audit(2000000012.487:1270): avc:  denied  { create } for  pid=16679 comm="syz.8.7237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  281.153400][   T28] audit: type=1400 audit(2000000012.487:1271): avc:  denied  { write } for  pid=16679 comm="syz.8.7237" path="socket:[77870]" dev="sockfs" ino=77870 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  281.180165][   T28] audit: type=1400 audit(2000000012.487:1272): avc:  denied  { nlmsg_read } for  pid=16679 comm="syz.8.7237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  281.202428][   T28] audit: type=1400 audit(2000000012.553:1273): avc:  denied  { compute_member } for  pid=16686 comm="syz.2.7240" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  281.279107][   T28] audit: type=1400 audit(2000000012.637:1274): avc:  denied  { mount } for  pid=16695 comm="syz.2.7244" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  281.302413][   T28] audit: type=1400 audit(2000000012.655:1275): avc:  denied  { remount } for  pid=16695 comm="syz.2.7244" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  281.330622][   T28] audit: type=1400 audit(2000000012.674:1276): avc:  denied  { unmount } for  pid=14434 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  281.351495][T16699] netlink: 'syz.1.7245': attribute type 6 has an invalid length.
[  281.393570][   T28] audit: type=1400 audit(2000000012.730:1277): avc:  denied  { ioctl } for  pid=16707 comm="syz.1.7249" path="uts:[4026532543]" dev="nsfs" ino=4026532543 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  281.499111][   T28] audit: type=1400 audit(2000000012.833:1278): avc:  denied  { connect } for  pid=16724 comm="syz.1.7257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  281.567890][T16735] syz.7.7262[16735] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  281.567974][T16735] syz.7.7262[16735] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  281.593418][T16737] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7263'.
[  281.595915][   T28] audit: type=1400 audit(2000000012.927:1279): avc:  denied  { listen } for  pid=16738 comm="syz.7.7264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  281.634083][T16741] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7265'.
[  281.660416][T16747] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  281.661631][T16746] Â: renamed from pim6reg1
[  281.859163][T16766] incfs: Options parsing error. -22
[  281.864475][T16766] incfs: mount failed -22
[  281.980774][T16780] loop8: detected capacity change from 0 to 512
[  281.987756][T16780] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  281.999442][T16780] EXT4-fs (loop8): 1 truncate cleaned up
[  282.005090][T16780] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  282.022154][T16170] EXT4-fs (loop8): unmounting filesystem.
[  282.602690][T16815] loop7: detected capacity change from 0 to 512
[  282.609444][T16815] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  282.621178][T16815] EXT4-fs (loop7): 1 truncate cleaned up
[  282.626957][T16815] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  282.646266][T15947] EXT4-fs (loop7): unmounting filesystem.
[  282.690015][T16822] loop7: detected capacity change from 0 to 128
[  282.697987][T16822] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  282.706573][T16822] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  282.728264][T15947] EXT4-fs (loop7): unmounting filesystem.
[  282.906152][T16833] device veth0_virt_wifi entered promiscuous mode
[  283.341221][ T3137] hid-generic 0000:0003:0000.006F: unknown main item tag 0x0
[  283.349543][ T3137] hid-generic 0000:0003:0000.006F: unknown main item tag 0x0
[  283.357620][ T3137] hid-generic 0000:0003:0000.006F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  283.446921][T16850] loop1: detected capacity change from 0 to 512
[  283.469375][T16850] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  283.502239][T16850] EXT4-fs (loop1): 1 truncate cleaned up
[  283.507735][T16850] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  283.534212][T14002] EXT4-fs (loop1): unmounting filesystem.
[  283.555402][T16854] syzkaller0: tun_chr_ioctl cmd 1074025680
[  283.621440][T16856] Â: renamed from pim6reg1
[  283.725327][ T3137] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  283.767053][T16874] netlink: 36 bytes leftover after parsing attributes in process `syz.7.7324'.
[  283.816455][T16878] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[  283.856993][T16862] loop1: detected capacity change from 0 to 40427
[  283.863755][T16862] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  283.872092][T16862] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  283.882551][T16862] F2FS-fs (loop1): Found nat_bits in checkpoint
[  283.938140][ T3137] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  283.949844][ T3137] usb 9-1: config 0 has no interface number 0
[  283.956047][T16862] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  283.963002][ T3137] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  283.976648][T16862] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  283.984160][ T3137] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  283.985198][T16891] Â: renamed from pim6reg1
[  284.003275][ T3137] usb 9-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  284.022957][ T3137] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.036089][ T3137] usb 9-1: config 0 descriptor??
[  284.060998][T14002] syz-executor: attempt to access beyond end of device
[  284.060998][T14002] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  284.299867][  T224] kernel write not supported for file /load (pid: 224 comm: kworker/1:2)
[  284.480882][ T3137] prodikeys 0003:041E:2801.0070: item fetching failed at offset 5/7
[  284.488876][ T3137] prodikeys 0003:041E:2801.0070: hid parse failed
[  284.495199][ T3137] prodikeys: probe of 0003:041E:2801.0070 failed with error -22
[  284.697154][ T3137] usb 9-1: USB disconnect, device number 17
[  285.166519][T16933] input: syz0 as /devices/virtual/input/input81
[  285.222575][T16943] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7356'.
[  285.418291][T16992] netlink: 40 bytes leftover after parsing attributes in process `syz.8.7380'.
[  285.440446][T16994] device wireguard0 entered promiscuous mode
[  285.852761][ T3137] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  286.046363][ T3137] usb 9-1: config 220 has an invalid interface number: 76 but max is 2
[  286.054504][ T3137] usb 9-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  286.064660][ T3137] usb 9-1: config 220 has no interface number 2
[  286.071027][ T3137] usb 9-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  286.084121][ T3137] usb 9-1: config 220 interface 0 has no altsetting 0
[  286.090757][ T3137] usb 9-1: config 220 interface 76 has no altsetting 0
[  286.097386][ T3137] usb 9-1: config 220 interface 1 has no altsetting 0
[  286.105433][ T3137] usb 9-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  286.114438][ T3137] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.122336][ T3137] usb 9-1: Product: syz
[  286.126274][ T3137] usb 9-1: Manufacturer: syz
[  286.130944][ T3137] usb 9-1: SerialNumber: syz
[  286.353918][ T3137] usb 9-1: selecting invalid altsetting 0
[  286.360180][ T3137] usb 9-1: Found UVC 7.01 device syz (8086:0b07)
[  286.366881][ T3137] usb 9-1: No valid video chain found.
[  286.388165][ T3137] usb 9-1: USB disconnect, device number 18
[  286.542058][T17017] loop1: detected capacity change from 0 to 40427
[  286.548877][T17017] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  286.556409][T17017] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  286.566706][T17017] F2FS-fs (loop1): Found nat_bits in checkpoint
[  286.599984][T17017] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  286.607053][T17017] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  286.898502][T17027] loop1: detected capacity change from 0 to 512
[  286.898583][   T28] kauditd_printk_skb: 20 callbacks suppressed
[  286.898598][   T28] audit: type=1326 audit(2000000017.884:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17028 comm="syz.8.7394" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2bf018d169 code=0x0
[  286.905209][T17027] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  286.945834][T17027] EXT4-fs (loop1): 1 truncate cleaned up
[  286.951347][T17027] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  286.970846][T14002] EXT4-fs (loop1): unmounting filesystem.
[  287.566613][   T28] audit: type=1400 audit(2000000018.511:1301): avc:  denied  { name_bind } for  pid=17068 comm="syz.1.7412" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  287.595354][   T28] audit: type=1400 audit(2000000018.539:1302): avc:  denied  { node_bind } for  pid=17068 comm="syz.1.7412" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  287.647610][T17079] loop1: detected capacity change from 0 to 256
[  287.703523][T17091] netlink: 'syz.1.7422': attribute type 15 has an invalid length.
[  287.774463][   T28] audit: type=1400 audit(2000000018.708:1303): avc:  denied  { bind } for  pid=17098 comm="syz.2.7426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  287.852737][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  287.859362][T17108] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  287.888618][T17112] af_packet: tpacket_rcv: packet too big, clamped from 94 to 4294967286. macoff=82
[  288.703199][T17137] devpts: called with bogus options
[  288.722562][   T28] audit: type=1400 audit(2000000019.596:1304): avc:  denied  { listen } for  pid=17140 comm="syz.0.7446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  288.750500][   T28] audit: type=1400 audit(2000000019.596:1305): avc:  denied  { accept } for  pid=17140 comm="syz.0.7446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  288.786821][T17149] loop1: detected capacity change from 0 to 512
[  288.796008][T17149] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2759: inode #12: comm syz.1.7450: corrupted xattr block 142
[  288.814973][T17149] EXT4-fs (loop1): Remounting filesystem read-only
[  288.822620][T17149] EXT4-fs (loop1): 1 truncate cleaned up
[  288.830236][T17149] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  288.886161][T14002] EXT4-fs (loop1): unmounting filesystem.
[  288.955051][T17173] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7460'.
[  288.963947][T17173] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7460'.
[  288.972629][T17173] netlink: 2 bytes leftover after parsing attributes in process `syz.8.7460'.
[  289.048560][T17179] loop8: detected capacity change from 0 to 4096
[  289.057748][T17179] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  289.076040][   T28] audit: type=1400 audit(2000000019.924:1306): avc:  denied  { read } for  pid=17178 comm="syz.8.7463" name="file3" dev="loop8" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  289.100930][T16170] EXT4-fs (loop8): unmounting filesystem.
[  289.107714][   T28] audit: type=1400 audit(2000000019.924:1307): avc:  denied  { open } for  pid=17178 comm="syz.8.7463" path="/64/file1/file3" dev="loop8" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  289.143765][   T28] audit: type=1400 audit(2000000019.924:1308): avc:  denied  { ioctl } for  pid=17178 comm="syz.8.7463" path="/64/file1/file3" dev="loop8" ino=16 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  289.223085][T17189] loop8: detected capacity change from 0 to 512
[  289.254237][T17189] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  289.267059][T17189] ext4 filesystem being mounted at /68/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  289.290917][T16170] EXT4-fs (loop8): unmounting filesystem.
[  290.022070][T14258] Bluetooth: hci0: command 0x1003 tx timeout
[  290.022075][ T5194] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  290.234491][T17210] loop8: detected capacity change from 0 to 512
[  290.255604][T17210] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  290.290795][T17210] EXT4-fs (loop8): 1 truncate cleaned up
[  290.305304][T17210] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  290.351791][T16170] EXT4-fs (loop8): unmounting filesystem.
[  290.413851][   T28] audit: type=1400 audit(2000000021.177:1309): avc:  denied  { create } for  pid=17227 comm="syz.8.7482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  290.492117][  T319] kernel write not supported for file /zero (pid: 319 comm: kworker/0:2)
[  290.503147][ T3137] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  290.706284][ T3137] usb 3-1: Using ep0 maxpacket: 32
[  290.713864][ T3137] usb 3-1: config 1 has an invalid interface number: 112 but max is 0
[  290.722241][ T3137] usb 3-1: config 1 has an invalid interface number: 216 but max is 0
[  290.737629][ T3137] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 1
[  290.746854][ T3137] usb 3-1: config 1 has no interface number 0
[  290.753052][ T3137] usb 3-1: config 1 has no interface number 1
[  290.759064][ T3137] usb 3-1: config 1 interface 112 altsetting 4 has an invalid endpoint with address 0x0, skipping
[  290.781127][ T3137] usb 3-1: config 1 interface 112 altsetting 4 endpoint 0xF has invalid maxpacket 1023, setting to 64
[  290.797614][ T3137] usb 3-1: config 1 interface 112 altsetting 4 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  290.823866][ T3137] usb 3-1: too many endpoints for config 1 interface 216 altsetting 57: 229, using maximum allowed: 30
[  290.840245][ T3137] usb 3-1: config 1 interface 216 altsetting 57 endpoint 0x8 has an invalid bInterval 70, changing to 10
[  290.852022][ T3137] usb 3-1: config 1 interface 216 altsetting 57 has a duplicate endpoint with address 0xF, skipping
[  290.865781][ T3137] usb 3-1: config 1 interface 216 altsetting 57 has an invalid endpoint with address 0x80, skipping
[  290.888013][ T3137] usb 3-1: config 1 interface 216 altsetting 57 has 4 endpoint descriptors, different from the interface descriptor's value: 229
[  290.913477][ T3137] usb 3-1: config 1 interface 112 has no altsetting 0
[  290.925541][ T3137] usb 3-1: config 1 interface 216 has no altsetting 0
[  290.942640][ T3137] usb 3-1: New USB device found, idVendor=2639, idProduct=0013, bcdDevice=c8.8f
[  290.951552][ T3137] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.963920][ T3137] usb 3-1: Product: syz
[  290.968551][ T3137] usb 3-1: Manufacturer: syz
[  290.982549][ T3137] usb 3-1: SerialNumber: syz
[  291.213990][ T3137] usb 3-1: USB disconnect, device number 24
[  291.442941][T17284] loop8: detected capacity change from 0 to 512
[  291.453065][T17284] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  291.464764][T17284] EXT4-fs (loop8): orphan cleanup on readonly fs
[  291.472172][T17284] EXT4-fs error (device loop8): ext4_acquire_dquot:6782: comm syz.8.7509: Failed to acquire dquot type 1
[  291.484649][T17284] EXT4-fs (loop8): 1 truncate cleaned up
[  291.490419][T17284] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  291.502232][T17284] SELinux: ebitmap: map size 3858152994 does not match my size 64 (high bit was -819564664)
[  291.512677][T17284] SELinux: failed to load policy
[  291.526154][T16170] EXT4-fs (loop8): unmounting filesystem.
[  291.725068][T17309] netlink: 'syz.8.7521': attribute type 12 has an invalid length.
[  291.901596][T17308] loop1: detected capacity change from 0 to 40427
[  291.910091][T17308] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  291.917757][T17308] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  291.926118][T17308] F2FS-fs (loop1): fault_injection options not supported
[  291.933857][T17308] F2FS-fs (loop1): invalid crc value
[  291.940365][T17308] F2FS-fs (loop1): Found nat_bits in checkpoint
[  291.985493][T17343] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7536'.
[  291.985523][T17342] SELinux:  Context system_u:object_r:man_t:s0 is not valid (left unmapped).
[  292.004272][T17308] F2FS-fs (loop1): Start checkpoint disabled!
[  292.020729][T17308] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  292.034592][T17308] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  292.085941][T17308] syz.1.7520: attempt to access beyond end of device
[  292.085941][T17308] loop1: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  292.132496][  T327] kworker/u4:4: attempt to access beyond end of device
[  292.132496][  T327] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  292.190210][T17375] incfs: Options parsing error. -22
[  292.200255][T17375] incfs: mount failed -22
[  292.360516][T17390] loop1: detected capacity change from 0 to 4096
[  292.400063][T17390] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  292.427915][T17390] SELinux:  policydb table sizes (-1778848005,-25616801) do not match mine (6,7)
[  292.447695][T17390] SELinux: failed to load policy
[  292.460662][T14002] EXT4-fs (loop1): unmounting filesystem.
[  292.463560][T17386] loop8: detected capacity change from 0 to 40427
[  292.474002][T17386] F2FS-fs (loop8): invalid crc value
[  292.480634][T17386] F2FS-fs (loop8): Found nat_bits in checkpoint
[  292.551892][T17386] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  292.604492][T16170] syz-executor: attempt to access beyond end of device
[  292.604492][T16170] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  292.693611][T17421] netlink: 'syz.2.7571': attribute type 2 has an invalid length.
[  292.773126][   T28] kauditd_printk_skb: 23 callbacks suppressed
[  292.773139][   T28] audit: type=1400 audit(2000000023.385:1331): avc:  denied  { setattr } for  pid=16170 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  293.528603][   T28] audit: type=1326 audit(2000000024.086:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17414 comm="syz.1.7568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f457b98d169 code=0x7fc00000
[  293.626011][T17441] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  293.635918][   T28] audit: type=1400 audit(2000000024.198:1333): avc:  denied  { relabelto } for  pid=17440 comm="syz.1.7580" name="" dev="pipefs" ino=80441 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  293.869047][T17465] netlink: 100 bytes leftover after parsing attributes in process `syz.0.7591'.
[  293.918688][   T28] audit: type=1326 audit(2000000024.451:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17470 comm="syz.2.7594" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7c43f8d169 code=0x0
[  293.990297][   T28] audit: type=1400 audit(2000000024.526:1335): avc:  denied  { map } for  pid=17474 comm="syz.0.7596" path="socket:[80531]" dev="sockfs" ino=80531 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  294.041340][   T28] audit: type=1400 audit(2000000024.526:1336): avc:  denied  { read } for  pid=17474 comm="syz.0.7596" path="socket:[80531]" dev="sockfs" ino=80531 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  294.305026][T17473] loop1: detected capacity change from 0 to 40427
[  294.320712][T17473] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[  294.341583][T17473] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  294.359681][T17473] F2FS-fs (loop1): invalid crc value
[  294.384772][T17473] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[  294.414156][   T28] audit: type=1400 audit(2000000024.919:1337): avc:  denied  { wake_alarm } for  pid=17498 comm="syz.0.7606" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  294.478896][T17473] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  294.489156][T17473] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  294.555940][T14002] syz-executor: attempt to access beyond end of device
[  294.555940][T14002] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  294.807140][   T28] audit: type=1400 audit(2000000025.283:1338): avc:  denied  { write } for  pid=17525 comm="syz.1.7618" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  295.090188][   T28] audit: type=1400 audit(2000000025.555:1339): avc:  denied  { block_suspend } for  pid=17546 comm="syz.1.7628" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  295.348100][T17564] loop7: detected capacity change from 0 to 512
[  295.384854][T17564] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  295.406916][T17564] EXT4-fs error (device loop7): ext4_map_blocks:634: inode #2: block 3: comm syz.7.7636: lblock 0 mapped to illegal pblock 3 (length 1)
[  295.431938][T17564] EXT4-fs warning (device loop7): dx_probe:823: inode #2: lblock 0: comm syz.7.7636: error -117 reading directory block
[  295.475438][T15947] EXT4-fs (loop7): unmounting filesystem.
[  295.591954][  T440] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  295.785515][  T440] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  295.807329][  T440] usb 2-1: New USB device found, idVendor=1c9e, idProduct=9001, bcdDevice=25.d8
[  295.837764][  T440] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.856509][  T440] usb 2-1: Product: syz
[  295.867283][  T440] usb 2-1: Manufacturer: syz
[  295.877985][  T440] usb 2-1: SerialNumber: syz
[  295.889476][  T440] usb 2-1: config 0 descriptor??
[  295.900391][  T440] usb 2-1: bad CDC descriptors
[  295.977361][T17573] loop7: detected capacity change from 0 to 40427
[  295.988580][T17573] F2FS-fs (loop7): invalid crc value
[  296.020365][T17573] F2FS-fs (loop7): Found nat_bits in checkpoint
[  296.105433][T17573] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  296.118425][  T224] usb 2-1: USB disconnect, device number 16
[  296.213578][T15947] syz-executor: attempt to access beyond end of device
[  296.213578][T15947] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  296.418598][   T28] audit: type=1400 audit(2000000026.799:1340): avc:  denied  { mounton } for  pid=17598 comm="syz.2.7650" path="/339/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  296.482930][T17603] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7651'.
[  296.502561][T17603] device bridge_slave_0 left promiscuous mode
[  296.508564][T17603] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.852239][T17636] input: syz0 as /devices/virtual/input/input83
[  296.949724][T11292] ------------[ cut here ]------------
[  296.955021][T11292] kernel BUG at fs/buffer.c:2714!
[  296.959906][T11292] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  296.965782][T11292] CPU: 0 PID: 11292 Comm: kmmpd-loop0 Not tainted 6.1.129-syzkaller-00049-g1c9aeb1ce34b #0
[  296.975586][T11292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  296.985484][T11292] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0
[  296.990692][T11292] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 14 bc e6 ff e9 b0 fe ff ff e8 da 10 9f ff 0f 0b e8 d3 10 9f ff <0f> 0b e8 cc 10 9f ff 0f 0b e8 c5 10 9f ff 0f 0b e8 be 10 9f ff 0f
[  297.010133][T11292] RSP: 0018:ffffc90004e6fc20 EFLAGS: 00010293
[  297.016053][T11292] RAX: ffffffff81d686bd RBX: 0000000000000000 RCX: ffff88811e4c6540
[  297.023848][T11292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  297.031666][T11292] RBP: ffffc90004e6fc70 R08: ffffffff81d68290 R09: ffffed1022eb4d7b
[  297.039995][T11292] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  297.047885][T11292] R13: 1ffff11022eb4d7a R14: ffff8881175a6bd0 R15: 0000000000003801
[  297.055783][T11292] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  297.064556][T11292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  297.070973][T11292] CR2: 000000110c2cfabe CR3: 000000011a971000 CR4: 00000000003526b0
[  297.078788][T11292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  297.086599][T11292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  297.094407][T11292] Call Trace:
[  297.097541][T11292]  <TASK>
[  297.100324][T11292]  ? __die_body+0x62/0xb0
[  297.104475][T11292]  ? die+0x88/0xb0
[  297.108035][T11292]  ? do_trap+0x103/0x330
[  297.112119][T11292]  ? submit_bh_wbc+0x4cd/0x4f0
[  297.116718][T11292]  ? handle_invalid_op+0x95/0xc0
[  297.121492][T11292]  ? submit_bh_wbc+0x4cd/0x4f0
[  297.126187][T11292]  ? exc_invalid_op+0x32/0x50
[  297.130770][T11292]  ? asm_exc_invalid_op+0x1b/0x20
[  297.135554][T11292]  ? submit_bh_wbc+0xa0/0x4f0
[  297.140148][T11292]  ? submit_bh_wbc+0x4cd/0x4f0
[  297.144840][T11292]  ? submit_bh_wbc+0x4cd/0x4f0
[  297.149439][T11292]  ? __kasan_check_read+0x11/0x20
[  297.154300][T11292]  submit_bh+0x1d/0x30
[  297.158202][T11292]  write_mmp_block_thawed+0x3a0/0x570
[  297.163410][T11292]  ? read_mmp_block+0x7d0/0x7d0
[  297.168111][T11292]  ? update_process_times+0x1b0/0x1b0
[  297.173307][T11292]  write_mmp_block+0x12b/0x2a0
[  297.177904][T11292]  kmmpd+0x40c/0xa10
[  297.181642][T11292]  ? write_mmp_block_thawed+0x570/0x570
[  297.187016][T11292]  ? __kthread_parkme+0x12d/0x180
[  297.191882][T11292]  kthread+0x26d/0x300
[  297.195784][T11292]  ? write_mmp_block_thawed+0x570/0x570
[  297.201163][T11292]  ? kthread_blkcg+0xd0/0xd0
[  297.205592][T11292]  ret_from_fork+0x1f/0x30
[  297.210195][T11292]  </TASK>
[  297.213051][T11292] Modules linked in:
[  297.496696][T11292] ---[ end trace 0000000000000000 ]---
[  297.507868][T11292] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0
[  297.517731][T11292] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 14 bc e6 ff e9 b0 fe ff ff e8 da 10 9f ff 0f 0b e8 d3 10 9f ff <0f> 0b e8 cc 10 9f ff 0f 0b e8 c5 10 9f ff 0f 0b e8 be 10 9f ff 0f
[  297.557877][T11292] RSP: 0018:ffffc90004e6fc20 EFLAGS: 00010293
[  297.571112][T11292] RAX: ffffffff81d686bd RBX: 0000000000000000 RCX: ffff88811e4c6540
[  297.578938][T11292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  297.612713][T11292] RBP: ffffc90004e6fc70 R08: ffffffff81d68290 R09: ffffed1022eb4d7b
[  297.620537][T11292] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  297.644483][T11292] R13: 1ffff11022eb4d7a R14: ffff8881175a6bd0 R15: 0000000000003801
[  297.652567][T11292] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  297.676523][T11292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  297.682965][T11292] CR2: 00007f457bb79178 CR3: 000000011a971000 CR4: 00000000003506b0
[  297.702087][T11292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  297.718048][T11292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  297.733976][T11292] Kernel panic - not syncing: Fatal exception
[  297.740153][T11292] Kernel Offset: disabled
[  297.744722][T11292] Rebooting in 86400 seconds..