last executing test programs:

728.371086ms ago: executing program 2 (id=77):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000003c0)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8509}}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x458, &(0x7f0000000d80)="$eJzs3c9vFFUcAPDvzG7Lb1sVf4CgVTQSf7S0/Dx4wWjiQRMTPWA81bYQZKFKayKEKHrAoyHxbjya+Bd40otRTyZe9W5IiOECmpismdmZsi67pUsXtrifTzLw3s7bvvedmbf75r3dNoCBNZb9k0RsjojfImKkkf1vgbHGf9eunJv568q5mSTq9Tf+TPJyV6+cmymLls/b1MjU60V+XZt6L7wdMV2rzZ0u8hOLJ9+bWDhz9vnjJ6ePzR2bOzV16NC+vTuHD0zt70mcWVxXt380v2PbK29dfG3myMV3fvoma+/mYn9zHL0y1ji6bT3V68r6bEtTOqn2sSF0pRIR2ekayvv/SFRiw9K+kXj50742Drit6vV6vd37c+F8HfgfS6LfLQD6o3yjz+5/y+0ODT3WhMuHI94/2Ij/WrE19lQjLcoMtdzf9tJYRBw5//eX2Ra3aR4CAKDZd4cj4rl24780Hmwqd0+xhjIaEfdGxH0RcX9EbI2IByLysg9FxMNd1t+6QnLj+Ce9dEuBrVA2/nuhWNtaGv/9U8/jL4xWityWPP6h5Ojx2tye4pjsjqF1WX5ymTq+f+nXzzvtax7/ZVtWfzkWbEgvVVsm6GanF6dXGfaSy59EbK+2xJ9LolzGSSJiW0Rs7+onX7/DOP7M1zs6lbp5/MvowTpT/auIpxvn/3y0xF9KOq5PTh48MLV/Yn3U5vZMlFfFjX7+5cLrnepfVfw9kJ3/ja3Xf24p/tFkfcTCmbMn8vXahe7ruPD7Zx3vaW71+h9O3szTw8VjH04vLp6ejBhOXr3x8anrzy3zZfks/t272sWf5q9x5ZF4JCKyi3hnRDwaEY8VbX88Ip6IiF3LxP/ji0++2338y8zK91AW/+zNzn80n//uE5UTP3zbffyl7Pzvy1O7i0dW8vq30gau5tgBAADA3SLNPwOfpONL6TQdH298hn9rbExr8wuLzx6d/+DUbOOz8qMxlJYzXSNN86GTxdxwmZ9qye8t5o2/qGzI8+Mz87XZfgcPA25Th/6f+aPS79YBt53va8Hg0v9hcOn/MLj0fxhc+j8Mrnb9/+M+tAO487z/w+DS/2Fw6f8wuPR/GEgdvxufruor/2s1kYW8MYo/PbAG2nMXJyLt/lnVWCONv5sS1RX/MotbTKxru6vfr0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC98W8AAAD///we6rk=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x42, 0x0)
ioctl$FITRIM(r0, 0xc0185879, 0x0)

696.060202ms ago: executing program 0 (id=78):
request_key(&(0x7f00000000c0)='.dead\x00', 0x0, 0x0, 0x0)

597.577269ms ago: executing program 0 (id=79):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000200)={0x1f, 0x3}, 0x6)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)

597.289833ms ago: executing program 0 (id=80):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)

593.714596ms ago: executing program 2 (id=81):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x4, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @cgroup_sock_addr=0x32, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

521.100137ms ago: executing program 2 (id=84):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0xae}, @exit], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x80)

405.920795ms ago: executing program 2 (id=85):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@ipv6_newrule={0x28, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@FIB_RULE_POLICY=@FRA_UID_RANGE={0xc, 0x14, {0xee00}}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)

405.674359ms ago: executing program 2 (id=86):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000015000103000000000000e7ff0b00000008000100", @ANYRES32=r0], 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)

329.832279ms ago: executing program 2 (id=89):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x4000, &(0x7f0000001e40)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5ff2cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb69658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d96700e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bed545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177df97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65290b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b808451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f5035d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e606a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c400"/2294], 0xff, 0x5e54, &(0x7f0000005d80)="$eJzs3U9vHGcdB/Df/vH6T2kbVagKEQc3hdJSmv8JlH9NOXCAA0ioZxK5bhVIASUB0SoirnJAXICXAJdeOPQt8AL6GhAvgEg2px4og8Z+nmQ8XmcdEu/s+vl8JGfmN8+O95l8PZ5dz8w+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADED77/k7O9iLjym7TgWMTnYhDRj1iu69WoZy7nxw8j4nhsN8fzETFYjKjX3/7n2YgLEfHJMxGbW7fX6sXnDtiPi2du3fjsh9/7x+//dPf4z97+6Uft9h9//vzHf7gTcexHr3/82Z0ns+0AAABQiqqqql56m38ivb/vd90pAGAq8vG/SvJytVqtVj/R+o/92eqPutC6qRrvTrOIiI3mOvVrBqfjAWDObMSnXXeBDsm/aMOIeKrrTgAzrdd1BzgUm1u313op317zeLC6057/Trkr/43e/fs79ptO0r7GZFo/X3djEM/t05/lKfVhluT8++38r+y0j9LjDjv/adkv/9HOrU/FyfkP2vm37Mr/zxExt/n3x+Zfqpz/8FHy3xjM8f4vfwAAAAAAjr789/9jHZ//XXz8TTmQh53/XZ1SHwAAAAAAAADgSXvc8f/uM/4fAAAAzKz6vXrtL888WLbfZ7HVy9/qRTzdejxQmNXGhwMCAAAAAAAAAAAAANMxjFhJ1/UvRMTTKytVVdVfTe36UT3u+vOu9O2HknX9Sx4AAHZ88kzrXv5exFJEvJU+629hZWWlqpaWV6qVankxv54dLS5Vy433tXlaL1scHeAF8XBU1d9sqbFe06T3y5Pa29+vfq5RNThAx6ajw8ABICJ2jkabjkhHTFU9G12/ymE+2P+PHvs/B9H1zykAAABw+Kqqqnrp47xPpHP+/a47BQBMRT7+t88LqNVqtVqtPnp1UzXenWYRERvNderXDIbjB4A5sxGfdt0FOiT/og0j4njXnQBmWq/rDnAoNrdur/VSvr3m8WB1pz1fC7Ir/43e9np5/XHTSdrXmEzr5+tuDOK5ffrz/JT6MEty/v12/ld22vMQ/4ed/7Tsl3+9ncc66E/Xcv6Ddv4tRyf//tj8S5XzHz5S/gP5AwAAAADADMt//z/m/G/eZAAAAAAAAACYO5tbt9fyfa/5/P8Xxzyu15xz/+eRkfPvHTh/9/8eJTn/fjv/1gU5g8b8vTcf5P/vrdtrH9361xfydObzXxiM6ude6PUHw3TNT7XwTlyL67EeZ/Y8frir/eye9oVd7ecmtJ/f0z6q25dz+6lYi1/G9Xj7fvvihAujlia0VxPac/4D+3+Rcv7Dxled/0pq77WmtXsf9vfs983puOe5/Lf/vLR375q+uzG4v21N9fad7KA/2/8nT43i1zfXb5z67dVbt26cjTTZtfRcpMkTlvNfSF85/5df3GnPv/eb++u9D0ePnP+suBvDffN/sTFfb+8rU+5bF3L+o/SV889HoPH7/zznv//+/2oH/QEAAAAAAAAAAAAAAICHqapq+xbRyxFxKd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49e3VSN90aziIi/N9epXzP8btw3AwBm2X8j4p9dd4LOyL9g+fP+6umXuu4MMFU33//g51evX1+/cbPrngAAAAAAAAAA/688/udqY/zn7euAWuNG7xr/9c1YndvxP/ujwfZY52mDXoiHj/99Mh4+/vdwwvMtTGgfTWhfnNC+NKF97I0eDTn/F1LGOf8TacNKGv/15Q7607Wc/8k01nPO/yutxzXzr/46z/n3d+V/+tZ7vzp98/0PXrv23tV3199d/8XZM5cunL944fzFi6ffuXZ9/czOvx32+HDl/PPY164DLUvOP2cu/7Lk/L+cavmXJef/UqrlX5acf369J/+y5Pzzex/5lyXn/0qq5V+WnP9XUy3/suT8X021/MuS8/9aquVflpz/a6mWf1ly/qdSLf+y5PxPp1r+Zcn55zNc8i9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXnfzHV8i9Lzv9SquVflpz/11Mt/7Lk/L+RavmXJef/eqrlX5ac/zdTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5fzfV8i9Lzv+NVMu/LA8+/9+MGTNm8kzXv5kAAAAAAAAAAAAAgLZpXE7c9TYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkfOszwD+7dFrJxCXhBCCIbZzwJBNdtenxAQnDhCahh7SQGhpQx1jrx2DT/Wuc1LULE3aBhGpkdqL9KIUEEVIbZWoQiqVUhSpSO1duSrKDWolLnyRVCaCSlQkW30z7/vuzOzszPow9sz3/n6R/ffOfDPzzjffzO6z0TMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANNr08dk/GyqKovxT+2t9UVxe/nttsaf8cmHnpV4hAAAAcL7eqv3991ekE/as4kIN2/zbB/7ju4uLi4vFF948/fZfLC6mMzYWxciaoqidF/37L36+2LhN8EwxMTTc8PVwl5sf6XL+aJfzx7qcP97l/DVdzp/ocv6yHbDM2vrvY2pXdkPtn+vru7S4qhirnXdDm0s9M7RmeDj+LqdmqHaZxbGDxeHiSDFbTC+7zFDtv6J4ZVN5W/cW8baGG25rQ1EUZ3761P64hqGwj28omm6spvGxe+PuYuObP31q/7fnX39vu9l1NyxbaVFs2Vyu89miWPp1VTFUrEn7JK5zuGGdG9qsc6RpnUO1y5X/bl3nmVWuM97vibDOH3ZY54Zw2uPXF0WxUKy4TatniuFiXcutpv09UT8iyusoH8p3FaNndZxsWsVxUl7mJ9c3Hyetx2Tc/5vCPhldYQ2ND8cbXx5ftt/P9Tgp73U/HKvldd9f3ujEROOvVpuO1XKbp25c+Rho+9i1OQbSsdxwDGzudgwMj4/UjoHhpTVvbjoGZpZdZrgYqt3W6Rs7HwNT80dPTM098eQth4/uOzR7aPbYzPTO7dt2bN+2Y8fUwcNHZqfrf5/dLh0g64rhdAxuDq818Rj8YMu2jYfk4jcu3PNgok+eB+V9/8xN5YIuHy5WOMbLbZ7dcv7Pg/R9v+F5MNrwPGj7mtrmeTC6iudBuc2ZLav7njna8KfdGnr1Wri+4Ri4lN8Py9t86EMrvxZuCOt67sNn+/1wZNkxEO/WUHjulaekn/cmbg/7ZflxcW15xmXjxam52ZO3Pr5vfv7kTBHGRXFlw2PVerysa7hPxbLjZfisj5c9f/fLm65tc/r6sK8mbu78WJXbbJ/s/FjVXt3b78+mU7cWYVxgF3t/tvtuVu7PlCU67M9ym2dvOf+fBVMuaXj9G+v2+jcyNlp//RtJe2Os6fVv+UMzUltZUZy5ZXWvf2Phz8V+/buqT17/yn310K2dj4Fym+emzvYYGO34+nd9mENhPR8KiWGiIfe/XTt/oX6YNjyWXY+b0dGxcNyMxltsPm62LbtMeW3lbW+ZPrfjZsv1zY9V088tFTxuyn31l9Odj5tym1dnzv+1Y238Z8Nrx3i3Y2BsZLxc71g6COqvd4tr4zFwa7G/OF4cKQ6ky5SPcnlbk1tXdwyMhz8X+7Xjmj45Bsp99eLWzsdAuc0Ptl3Yn522hFPSNg0/O7X+fmGlzH/t6NL1te62C535y3V+Ynvn3w2V27y+/WxzRuf9dHM45bI2+6n1+bPSMX2guDj76ZqwziM7Ov9uqtzmqp2rPJ72FEXx2sxrtd93hd/v/uOp//xu0+992/1O+bWZ1+6beuBHZ7N+AADO3du1vxfG6z9rNvwf69X8/38AAABgIMTcPxxmIv8DAABAZcTcPxJmIv8DAABAZcTcPxpmkkn+f+T2XS+99XSR3g1wMYjnx91w/5317WLHeyF8vXFxSXn6x7419tJXnl7dbQ8XRfHL+97XdvtH7ozrqjsR1/mR5tOXuea6Vd3+ww8ubdf4/glndtWvP96f1R4Gsav8ytTW2vVufGKmNl+9r6jNBxaee6Z+/fWv4/ant9W3/+vwpiV7Dg41XX5LWM8NYW4M7ylz/56l/VDOeLmXNnzgX6/87NLtxcsNbX5n7W6++Ef1643vEfXClfXt4/1eaf3/8tXvvFRu//iN7df/9HD79Z8O1/uTMH+xu7594z7/SsP6/ySsP95evNyt3/x+2/W//J769i+H4+LrYbau/+4/f/9b7R6veDt77qhfLt7+9P9ur10uXl+8/tb1Tzw907Q/Wq//1Tfr17P70Z+NNG4fT4+3Ez18R/PxPRQe36YeeVEU3/nTomk/Fx+tX+6fW9Yfr+/EHe3Xf3PLOk8MXVe7/NL9Wd90v772t1vb3t+4nj3/sL7p/rxwT9h/b079oLze0w+E4zGc/38/rF9f63uZvnxP8+tN3P7r6+vP23h9Uy3rf6Fl/QvXlfuu+/rvfbO+/pfvWtO0/j2fDMfTvfXZbf2H/uaKpst/49v1x+PkY5PHjs+dOnygYa82Po/XTKxdd9nl73jnFeG1tPXrvcfnH5k9uXF643RRbBzAtwzs9fq/Geb/1MfChb+Fuh/9rH7cPf+p+vetD/68/vUL4fSHw+MZvz9+7a/Gmo7X1sd94a76PN/1fzisY7Xe89X/vm5VG57+/Cun/umPX2/9uSDenxPvnqjdvxc3XV07b+jV+vmtr1fd/Ne7m5/XPx6drs3vhf26GN6ZefPV9dtrvf743iTPf7r+/I0/ycXLFy3vJ7J+pPl+nO/6fxx+jvn+Nc2vf/H4+N7TLe/mvL4YKpewEF4fioX6+XGruL+fP3N129uL78NTLLz3bJa5orkn5qaOHD526vGp+dm5+am5J57ce/T4qWPze2vvXbr3i90uv/T8Xld7fh+Y3bm9qD3bj9dHj13q9Z94cP+B26ZvOjB7cN+pg/MPnpg9eWj/3Nz+2QNzN+07eHD2sW6XP3xg98zWXdtu2zp56PCB3bfv2rVt1+ThY8fLZdQX1cXO6S9NHju5t3aRud3bd83s2LF9evLo8QOzu2+bnp481e3yte9Nk+WlH508OXtk3/zho7OTc4efnN09s2vnzq1d3/3x6ImDcxunTp46NnVqbvbkVP2+bJyvnVx+7+t2efIwdzy83rUYCj+df+7mnen9cUvf+vKKV1XfpPnH0+KN8F5Q8ftbt69j7h8LM8kk/wMAAEAOYu4Pb/y/dIb8DwAAAJURc/+aMBP5HwAAACoj5v6JMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9y/tiiyzP8AAACQg5j714WZyP8AAABQGTH3XxZmIv8DAABAZcTcf3mYSR75f6z1n/r/+v/6/439/7it/n+h/6//f470//X/O9H/1/8f5PX3Yf9/be/7/0vHtP4/q7Gq/v/40um97v/H3P+OMJM88j8AAABkIeb+d4aZyP8AAABQGTH3XxFmIv8DAABAZcTcvz7MJJP87/P/9f/1/33+v/6//n8v6f/r/3ei/6//P8jr78P+v8//p+/02+f/x9z/K2EmmeR/AAAAyEHM/e8KM5H/AQAAoDJi7r8yzET+BwAAgMqIuf+qMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9z/7jCTTPI/AAAA5CDm/qvDTOR/AAAAqIyY+98TZiL/AwAAQGXE3H9NmEkm+V//X/9f/1//X/9f/7+X9P/1/zvR/9f/H+T16//r/9Ndv/X/Y+5/b5hJJvkfAAAAchBz/7VhJvI/AAAAVEbM/e8LM5H/AQAAoDJi7t8QZpJJ/tf/1//X/9f/1//X/++lwer/D694jv5/nf5/M/1//X/9f/1/Ouu3/n/M/e8PM8kk/wMAAEAOYu7/QJiJ/A8AAACVEXP/dWEm8j8AAABURsz9G8NMMsn/+v/6//r/+v/6//r/vTRY/f+V6f/X6f830//X/9f/1/+ns37r/8fcvynMJJP8DwAAADmIuX9zmIn8DwAAAJURc//1YSbyPwAAAFRGzP03hJlkkv/1//X/9f/1//X/9f97Sf9f/78T/X/9/0Fev/7/6vr/492uiErrt/5/zP03hplkkv8BAAAgBzH33xRmIv8DAABAZcTc/8EwE/kfAAAAKiPm/i1hJpnkf/1//X/9f/1//X/9/17S/9f/70T/X/9/kNev/+/z/+mu3/r/Mfd/KMwkk/wPAAAAOYi5/8NhJvI/AAAAVEbM/TeHmcj/AAAAUBkx90+GmWSS//X/9f/1//X/9f/1/3upqv3/9Dqq/6//r/+v/6//r//Pivqt/x9z/y1hJpnkfwAAAMhBzP23hpnI/wAAAFAZMfdPhZnI/wAAAFAZMfdPh5lkkv/1//X/9f/1//X/9f97qar9f5//r/9f6P/r/+v/6//TVb/1/2PunwkzyST/AwAAQA5i7t8aZiL/AwAAQGXE3L8tzET+BwAAgMqIuX97mEkm+V///xz7/2uav9T/b79+/X/9f/1//X/9f/3/TvT/9f8Hef36//r/NBtuc1q/9f9j7t8RZpJJ/gcAAIAcxNy/M8xE/gcAAIDKiLn/tjAT+R8AAAAqI+b+28NMMsn/+v8+/1//X/9f/39Q+//jxSDQ/9f/70T/X/9/kNev/6//T3f91v+PuX9XmEkm+R8AAAByEHP/R8JM5H8AAACojJj77wgzkf8BAABgoLT7HMIo5v6Phplkkv/1/6ve/19co/+v/6//33n9g9v/Hwz6//r/nej/6/8P8vr1//X/6a7f+v8x9+8OM8kk/wMAAEAOYu6/M8xE/gcAAIDKiLn/rjAT+R8AAAAqI+b+PWEmmeR//f+q9/99/r/+/+D0/8fi46r/r/9/FvT/9f8L/f9zdq79+fBji/5/H/X/y2NI/59+1G/9/5j77w4zyST/AwAAQA5i7v9YmIn8DwAAAJURc//Hw0zkfwAAAKiMmPs/EWaSSf7X/9f/1//X/++X/n+k/6//fzb0//X/C/3/c3ap+/ODvv5+6v/7/H/6Vb/1/2PuvyfMJJP8DwAAADmIuf+TYSbyPwAAAFRGzP2/GmYi/wMAAEBlxNx/b5hJJvlf/1//X/9f/1//X/+/l/T/9f870f/X/x/k9ev/6//TXb/1/2Pu/7Uwk0zyPwAAAOQg5v77wkzkfwAAAKiMmPs/FWYi/wMAAEBlxNz/62EmmeR//f+L0/8fTtev/6//r/+v/6//fyHp/+v/F/r/5+xS9+cHff36//r/dNdv/f+Y+38jzCST/A8AAAA5iLn/N8NM5H8AAACojJj7fyvMRP4HAACAyoi5//4wk0zyv/6/z//X/9f/1//X/+8l/X/9/070//X/B3n9+v/6/3TXb/3/mPt/O8wkk/wPAAAAOYi5/4EwE/kfAAAAKiPm/k+Hmcj/AAAAUBkx938mzCST/K//r/+v/6//r/+v/99L+v/6/53o/+v/D/L69f/1/+mu3/r/Mfc/GGaSSf4HAACAHMTc/9kwE/kfAAAAKiPm/t8JM5H/AQAAoDJi7v/dMJNM8r/+v/6//r/+v/6//n8v6f8v7/+Xr2GXsv8/vpoN9f9XRf9f/1//X/+fzvqt/x9z/+fCTDLJ/wAAAJCDmPt/L8xE/gcAAIDKiLn/98NM5H8AAACojJj7HwozyST/6//r/+v/6//r/+v/95L+v8//70T/X/9/kNev/6//T3f91v+Puf/zYSaZ5H8AAADIQcz9fxBmIv8DAABAZcTcvzfMRP4HAACAyoi5/+Ewk0zyv/6//r/+v/6//r/+fy/p/+v/d6L/r/8/yOvX/9f/p7t+6//H3L8vzCST/A8AAAA5iLn/C2Em8j8AAABURsz9+8NM5H8AAACojJj7D4SZZJL/9f/1//X/9f/1//X/e0n/X/+/E/1//f9BXr/+v/4/3fVb/z/m/tkwk0zyPwAAAOQg5v6DYSbyPwAAAFRGzP2HwkzkfwAAAKiMmPsfCTPJJP/r/+v/6//r/+v/6//3kv6//n8n+v/6/4O8fv1//X+667f+f8z9h8NMMsn/AAAAkIOY+78YZiL/AwAAQGXE3P+lMBP5HwAAACoj5v4jYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9E/1//f5DXr/+v/093/db/j7n/aJhJJvkfAAAAchBz/7EwE/kfAAAAKiPm/uNhJvI/AAAAVEbM/SfCTDLJ//r/+v/6//r/+v/6/72k/7+8/z8erlP/X/9f/3+w16//r/9Pd/3W/4+5/w/DTDLJ/wAAAJCDmPtPhpnI/wAAAFAZMffPhZnI/wAAAFAZMffPh5lkkv/1//X/9f/1//X/9f97Sf/f5/93ov+v/z/I69f/1/+nu37r/8fcfyrMJJP8DwAAADmIuf/RMBP5HwAAACoj5v7HwkzkfwAAAKiMmPsfDzPJJP/r//8/e3e961t5xHF406aWpum19Ap6Cb2GXkbdhbq7u7u7u1N3d1rqmtCEPTOQAmudA/zY75p5nn+mhZ3whk1IviGfLP2//n+Z/v+889P/6//1/5dF/3+79//X/SOv/z+n/9f/6//1/2xbrf/P3X+/uGXI/gcAAIAJcvffP26x/wEAAKCN3P0PiFvsfwAAAGgjd/8D45Yh+1//r//X/y/T//v+f/5e9f/6/8ug//f9/zP9/y120f380d+v/9f/s2+1/j93/4PiliH7HwAAACbI3f/guMX+BwAAgDZy9z8kbrH/AQAAoI3c/Q+NW4bsf/2//l//r//X/+v/T0n/r//fov/X/x/5/fp//T/7Vuv/c/c/LG4Zsv8BAABggtz9D49b7H8AAABoI3f/I+IW+x8AAADayN3/yLhlyP7X/+v/9f/6f/2//v+U9P/6/y36f/3/kd+v/9f/s2+1/j93/6PiliH7HwAAACbI3f/ouMX+BwAAgDZy9z8mbrH/AQAAoI3c/Y+NW4bsf/2//l//r//X/+v/T0n/r//fov/X/x/5/fp//T/7Tt7/3+fK6+6l9v+5+6+MW4bsfwAAAJggd//j4hb7HwAAANrI3f/4uMX+BwAAgDZy9z8hbhmy//X/+v/r+/9rr9D/6//1/9f/cf3/bUP/r//fov9ftf+/tL8T+n/9v/6fPSfv/3d6/////7n7nxi3DNn/AAAAMEHu/ifFLfY/AAAAtJG7/8lxi/0PAAAAbeTuf0rcMmT/H6X/v1v+D/2/7//r//X/+v9D0f/r/7fo/1ft/33//9b2//e+hPfr/5lgtf4/d/9T45Yh+x8AAAAmyN3/tLjF/gcAAIA2cvc/PW6x/wEAAKCN3P3PiFuG7P+j9P++/6//v6n36//1/2f6/+Xp//X/W/T/+v8jv9/3//X/7Fut/8/d/8y4Zcj+BwAAgAly9z8rbrH/AQAAoI3c/c+OW+x/AAAAaCN3/3PiliH7X/+v/9f/6/9vVf9/R/2//n+b/l//v0X/r/8/8vv1//p/9q3W/+fuf27cMmT/AwAAwAS5+58Xt9j/AAAA0Ebu/ufHLfY/AAAAtJG7/wVxy5D9r//X/+v/9f++/6//PyX9f7v+/wr9//X0//p//b/+n22r9f+5+18YtwzZ/wAAADBB7v4XxS32PwAAALSRu//FcYv9DwAAAG3k7n9J3DJk/+v/9f/6f/2//l//f0r6/3b9v+//34D+X/+v/9f/s221/j93/0vjliH7HwAAACbI3f+yuMX+BwAAgDZy9788brH/AQAAoI3c/a+IW4bsf/2//l//r//X/+v/T0n/r//fov+/6f7/rjfz19P/r/V+/b/+n32r9f+5+18ZtwzZ/wAAADBB7v5XxS32PwAAALSRu//VcYv9DwAAAG3k7n9N3DJk/99c/3/N3c//vP7/0uj/b/r9+n/9v/5f/6//1/9v0f/7/v+R36//1/+zb7X+P3f/a+OWIfsfAAAAJsjd/7q4xf4HAACANnL3vz5usf8BAACgjdz9b4hbhux/3//X/+v/9f/6f/3/Ken/9f9b9P/6/yO/X/+v/2ffav1/7v43xi1D9j8AAABMkLv/TXGL/Q8AAABt5O5/c9xi/wMAAEAbufvfErcM2f/6f/3/hff/d9D/J/1//F71//r/y6D/1/+f6f9vsYvu54/+fv2//p99q/X/ufvfGrcM2f8AAAAwQe7+t8Ut9j8AAAC0kbv/7XGL/Q8AAABt5O5/R9wyZP/r//X/F97/+/5/0f/H71X/r/+/DPp//f+Z/v8Wu+h+/ujv1//r/9m3Wv+fu/+dccuQ/Q8AAAAT5O5/V9xi/wMAAEAbufvfHbfY/wAAANBG7v73xC1D9r/+X/+v/9f/6//1/6ek/9f/b9H/6/+P/H79v/6ffav1/7n73xu3DNn/AAAAMEHu/vfFLfY/AAAAtJG7//1xi/0PAAAAbeTu/0DcMmT/6/+P3v/f9+p4gf5f/6//1/8vSf+v/9+i/9f/H/n9+n/9P/tW6/9z938wbhmy/wEAAGCC3P0filvsfwAAAGgjd/+H4xb7HwAAANrI3f+RuGXI/p/R/9/pRj/Wp//3/X/9v/5f/782/b/+f4v+X/9/5Pfr//X/7Fut/8/d/9G4Zcj+BwAAgAly938sbrH/AQAAoI3c/R+PW+x/AAAAaCN3/yfiliH7f0b/f2P6/3O3ef9/7T31//r/ov/X/5/p//X/O/T/+v8jv1//r/9n32r9f+7+T8YtQ/Y/AAAATJC7/1Nxi/0PAAAAbeTu/3TcYv8DAABAG7n7PxM33OseF/ek25X+X//v+//6f/2//v+U9P/6/y36f/3/kd+v/9f/s2+1/j93/2fjFv/9HwAAANrI3f+5uMX+BwAAgDZy938+brH/AQAAoI3c/V+IW4bsf/2//l//r//X/+v/T0n/r//fov/X/x/5/fp//T/7Vuv/c/d/MW4Zsv8BAABggtz9X4pb7H8AAABoI3f/l+MW+x8AAADayN3/lbhlyP7X/+v/9f/6f/2//v+U9P/6/y36f/3/kd+v/9f/s2+1/j93/1fjliH7HwAAACbI3f+1uMX+BwAAgDZy918Vt9j/AAAA0Ebu/q/HLUP2v/5f/6//1//r//X/p6T/1/9v0f/foP/Pf5no/w/zfv2//p99q/X/ufu/EbcM2f8AAAAwQe7+b8Yt9j8AAAC0kbv/W3GL/Q8AAABt5O7/dtwyZP937v+3fkz/f07/r/8/0//r/09M/6//36L/9/3/I79f/6//Z99q/X/u/u/ELUP2PwAAAEyQu/+7cYv9DwAAAG3k7v9e3GL/AwAAQBu5+78ftwzZ/537/y36/3P6f/3/mf5f/39i+n/9/xb9v/7/yO/X/+v/2bda/5+7/wdxy5D9DwAAABPk7v9h3GL/AwAAQBu5+38Ut9j/AAAA0Ebu/h/HLUP2v/5f/6//1//r//X/p6T/1/9v0f/r/4/8fv2//p99q/X/uft/ErcM2f8AAAAwQe7+n8Yt9j8AAAC0kbv/Z3GL/Q8AAABt5O7/edwyZP/r//X/+n/9v/5f/39K+n/9/xb9v/7/yO/X/+v/2bda/5+7/xdxy5D9DwAAABPk7v9l3GL/AwAAQBu5+38Vt9j/AAAA0Ebu/l/HLUP2v/5f/6//1//r//X/p6T/1/9v0f/r/4/8fv2//p99q/X/uft/E7cM2f8AAAAwQe7+38Yt9j8AAAC0kbv/d3GL/Q8AAABt5O7/fdwyZP/r//X/+n/9v/5f/39K+n/9/xb9v/7/yO/X/+v/2bda/5+7/+q4Zcj+BwAAgAly9/8hbrH/AQAAoI3c/X+MW+x/AAAAaCN3/zVxy5D937n/v+rON/9j+v9zbfv/u+j/9f/6/1Xo//X/W/T/+v8jv1//r/9n32r9f+7+P8UtQ/Y/AAAATJC7/89xi/0PAAAAbeTu/0vcYv8DAABAG7n7/xq3DNn/nfv/Lfr/c237f9//1//r/5eh/9f/b9H/6/+P/H79v/6ffav1/7n7/xa3DNn/AAAAMEHu/r/HLfY/AAAAtJG7/x9xi/0PAAAAbeTu/2fcMmT/6//1//p//b/+X/9/Svp//f8W/b/+/8jv1//r/9m3Wv+fu/9fccuQ/Q8AAAAT5O7/d9xi/wMAAEAbufv/E7fY/wAAANBG7v7/xi1D9r/+X/+v/9f/6//1/6ek/9f/b9H/6/+P/H79v/6ffav1/7n7/xcAAP//mdcmSQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0xb9cbbe05c791f09e)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
sendfile(r0, r1, 0x0, 0xff7e82)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)

219.694234ms ago: executing program 1 (id=92):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x2a803)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000280)={0x2, 0x100004, 0x20})

219.436322ms ago: executing program 1 (id=93):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x5, [@struct={0x3, 0x0, 0x0, 0x4, 0x1, 0x7}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x1, 0x1}]}]}, {0x0, [0x61, 0x61, 0x5f]}}, 0x0, 0x3d, 0x0, 0x1}, 0x28)

158.147413ms ago: executing program 1 (id=94):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @local, @multicast1}, {0x17, 0x7c, 0x0, @local}}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

157.84199ms ago: executing program 1 (id=95):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00')
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
write$vhost_msg(r0, &(0x7f0000000840)={0x796e6564, {0x0, 0x0, 0x0}}, 0x7)

154.853781ms ago: executing program 0 (id=96):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000440)=0x91)

154.676568ms ago: executing program 1 (id=97):
io_setup(0x7ff, &(0x7f0000002080)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

99.919325ms ago: executing program 0 (id=98):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x6, &(0x7f0000000680)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000000240)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r0, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, r0, &(0x7f00000006c0)="5810235a8c132d765b", 0x9, 0x1}])

129.29µs ago: executing program 1 (id=99):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
sendfile(r5, r5, 0x0, 0x40008)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x8002, 0x0)
pipe2$9p(0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
r8 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r9 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r9, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r10 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r10, 0x5423, 0x0)
bind$alg(r8, 0x0, 0x0)
ioctl$RTC_SET_TIME(r6, 0x4024700a, &(0x7f0000000200)={0x17, 0x20, 0x13, 0x1b, 0xb, 0x46, 0x4, 0xf5, 0x1})
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0})
io_uring_enter(r2, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
dup3(r2, r0, 0x80000)

0s ago: executing program 0 (id=100):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000600)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
write(r5, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba0101099cecb94b46fe0000000a00020025", 0xffffff0c)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
splice(r6, 0x0, r5, 0x0, 0x8, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:15062' (ED25519) to the list of known hosts.
syzkaller login: [   41.373164][ T5782] cgroup: Unknown subsys name 'net'
[   41.473276][ T5782] cgroup: Unknown subsys name 'cpuset'
[   41.477070][ T5782] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   43.021296][ T5782] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   46.487129][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   46.490040][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.492903][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.495824][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.498627][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.513381][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   46.522360][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   46.525220][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   46.528101][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   46.531390][ T5848] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.551750][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   46.554522][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   46.557218][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   46.560245][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   46.563524][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   46.660138][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   46.707968][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   46.751180][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.754283][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.756936][ T5845] bridge_slave_0: entered allmulticast mode
[   46.759694][ T5845] bridge_slave_0: entered promiscuous mode
[   46.768709][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.771039][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.773741][ T5845] bridge_slave_1: entered allmulticast mode
[   46.776390][ T5845] bridge_slave_1: entered promiscuous mode
[   46.793801][ T5853] chnl_net:caif_netlink_parms(): no params data found
[   46.798679][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.802951][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.810926][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.813829][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.816614][ T5849] bridge_slave_0: entered allmulticast mode
[   46.819400][ T5849] bridge_slave_0: entered promiscuous mode
[   46.836361][ T5845] team0: Port device team_slave_0 added
[   46.838806][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.842126][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.844703][ T5849] bridge_slave_1: entered allmulticast mode
[   46.847319][ T5849] bridge_slave_1: entered promiscuous mode
[   46.862536][ T5845] team0: Port device team_slave_1 added
[   46.875599][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.889220][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.910356][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.913528][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.924011][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.936111][ T5849] team0: Port device team_slave_0 added
[   46.940341][ T5849] team0: Port device team_slave_1 added
[   46.949663][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.952830][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.961906][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.984782][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.987461][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.997819][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.002218][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.004984][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.007728][ T5853] bridge_slave_0: entered allmulticast mode
[   47.010225][ T5853] bridge_slave_0: entered promiscuous mode
[   47.013509][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.015906][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.018582][ T5853] bridge_slave_1: entered allmulticast mode
[   47.021527][ T5853] bridge_slave_1: entered promiscuous mode
[   47.024842][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.027413][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.036925][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.059492][ T5845] hsr_slave_0: entered promiscuous mode
[   47.062097][ T5845] hsr_slave_1: entered promiscuous mode
[   47.070445][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.086928][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.103440][ T5849] hsr_slave_0: entered promiscuous mode
[   47.106116][ T5849] hsr_slave_1: entered promiscuous mode
[   47.108621][ T5849] debugfs: 'hsr0' already exists in 'hsr'
[   47.110844][ T5849] Cannot create hsr debugfs directory
[   47.135570][ T5853] team0: Port device team_slave_0 added
[   47.143357][ T5853] team0: Port device team_slave_1 added
[   47.190876][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.194048][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.204066][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.214874][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.217456][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.226813][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.269833][ T5853] hsr_slave_0: entered promiscuous mode
[   47.272569][ T5853] hsr_slave_1: entered promiscuous mode
[   47.274907][ T5853] debugfs: 'hsr0' already exists in 'hsr'
[   47.277069][ T5853] Cannot create hsr debugfs directory
[   47.290955][ T5845] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.303202][ T5845] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.307423][ T5845] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.322890][ T5845] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.343611][ T5849] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.347065][ T5849] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.354682][ T5849] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.365551][ T5849] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.390209][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.392980][ T5845] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.395856][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.398645][ T5845] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.428958][ T5853] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.434734][ T5853] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.439687][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.442427][ T5849] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.444907][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.447159][ T5849] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.452325][ T5853] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.457209][ T5853] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.479883][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.482761][ T5853] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.485682][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.488520][ T5853] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.529351][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.539212][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.546939][ T5853] 8021q: adding VLAN 0 to HW filter on device team0
[   47.550479][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.553989][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.557020][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.560131][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.565084][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.568013][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.579390][ T1092] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.582071][ T1092] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.587525][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.594334][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   47.604629][ T1092] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.607237][ T1092] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.610812][ T1092] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.613454][ T1092] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.625393][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.628188][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.645234][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   47.650675][ T5853] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.659776][ T1092] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.662209][ T1092] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.673427][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.676239][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.766237][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.792203][ T5853] veth0_vlan: entered promiscuous mode
[   47.797385][ T5853] veth1_vlan: entered promiscuous mode
[   47.813500][ T5853] veth0_macvtap: entered promiscuous mode
[   47.817732][ T5853] veth1_macvtap: entered promiscuous mode
[   47.829900][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.837431][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.850221][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.854187][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.857622][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.866459][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.881700][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.899114][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.916807][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.919889][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.927168][ T5845] veth0_vlan: entered promiscuous mode
[   47.943077][ T5845] veth1_vlan: entered promiscuous mode
[   47.949520][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.952183][ T5849] veth0_vlan: entered promiscuous mode
[   47.954901][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.965874][ T5849] veth1_vlan: entered promiscuous mode
[   47.983613][ T5845] veth0_macvtap: entered promiscuous mode
[   47.990205][ T5845] veth1_macvtap: entered promiscuous mode
[   47.995850][ T5853] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.009328][ T5849] veth0_macvtap: entered promiscuous mode
[   48.022974][ T5849] veth1_macvtap: entered promiscuous mode
[   48.030142][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.058537][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.078061][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.097301][ T5874] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.101078][ T5874] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.106514][ T5874] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.119772][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.130065][ T5874] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.157723][ T5874] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.179239][ T5874] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.183180][ T5874] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.190752][ T5874] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.295355][ T3631] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.298520][ T3631] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.361528][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.377372][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.378176][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.381759][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.438918][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.448502][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.524379][   T55] Bluetooth: hci0: command tx timeout
[   48.602018][   T55] Bluetooth: hci1: command tx timeout
[   48.795361][   T33] audit: type=1326 audit(1756146337.621:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.8" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10ef18ebe9 code=0x7ffc0000
[   48.806308][   T33] audit: type=1326 audit(1756146337.631:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.8" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10ef18ebe9 code=0x7ffc0000
[   48.816475][   T33] audit: type=1326 audit(1756146337.641:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.8" exe="/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f10ef18ebe9 code=0x7ffc0000
[   48.836970][   T33] audit: type=1326 audit(1756146337.641:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.8" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10ef18ebe9 code=0x7ffc0000
[   48.860322][   T33] audit: type=1326 audit(1756146337.641:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.8" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10ef18ebe9 code=0x7ffc0000
[   48.870842][ T5929] loop0: detected capacity change from 0 to 4096
[   48.902649][ T5934] binder: 5933:5934 unknown command 0
[   48.904775][ T5934] binder: 5933:5934 ioctl c0306201 200000000080 returned -22
[   48.927787][ T5935] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   49.259970][ T5943] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode active-backup(1)
[   49.601460][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   49.632402][ T5974] Bluetooth: Error in BCSP hdr checksum
[   49.765591][   T24] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[   49.769187][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   49.772901][   T24] usb 1-1: Product: syz
[   49.774666][   T24] usb 1-1: Manufacturer: syz
[   49.777166][   T24] usb 1-1: SerialNumber: syz
[   50.191546][ T5848] Bluetooth: hci2: command tx timeout
[   50.602769][ T5848] Bluetooth: hci0: command tx timeout
[   50.671400][ T5848] Bluetooth: hci1: command tx timeout
[   50.735482][ T5988] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[   50.790622][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[   50.795523][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[   50.799293][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[   50.804789][   T24] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[   50.810031][   T24] usb 1-1: USB disconnect, device number 2
[   51.021367][ T5920] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   51.171347][ T5920] usb 3-1: Using ep0 maxpacket: 32
[   51.175193][ T5920] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[   51.178496][ T5920] usb 3-1: config 0 has no interface number 0
[   51.183569][ T5920] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[   51.187353][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   51.190535][ T5920] usb 3-1: Product: syz
[   51.192451][ T5920] usb 3-1: Manufacturer: syz
[   51.194519][ T5920] usb 3-1: SerialNumber: syz
[   51.197638][ T5920] usb 3-1: config 0 descriptor??
[   51.201089][ T5920] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[   51.404022][ T5920] usb 3-1: qt2_setup_urbs - submit read urb failed -8
[   51.411556][ T5920] quatech2 3-1:0.51: probe with driver quatech2 failed with error -8
[   51.608190][ T5895] usb 3-1: USB disconnect, device number 2
[   51.631462][ T5848] Bluetooth: hci3: command 0x1003 tx timeout
[   51.631566][   T55] Bluetooth: hci3: Opcode 0x1003 failed: -110
[   51.682558][ T6014] syz.1.42 (6014): attempted to duplicate a private mapping with mremap.  This is not supported.
[   52.271373][   T55] Bluetooth: hci2: command tx timeout
[   52.671803][   T55] Bluetooth: hci0: command tx timeout
[   52.681494][ T5314] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[   52.751626][   T55] Bluetooth: hci1: command tx timeout
[   52.833482][ T5314] usb 3-1: not running at top speed; connect to a high speed hub
[   52.841801][ T5314] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   52.845310][ T5314] usb 3-1: config 1 has no interface number 1
[   52.847670][ T5314] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   52.873379][ T5314] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   52.882361][ T5314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.884919][ T5314] usb 3-1: Product: syz
[   52.886251][ T5314] usb 3-1: Manufacturer: syz
[   52.889368][ T5314] usb 3-1: SerialNumber: syz
[   53.086198][ T6056] loop1: detected capacity change from 0 to 32768
[   53.110946][ T5314] usb 3-1: failed to enable PITCH for EP 0x82
[   53.131366][ T5314] usb 3-1: USB disconnect, device number 3
[   53.152580][ T5850] udevd[5850]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   53.168353][ T6056] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[   53.168370][ T6056]   allowing incompatible features above 0.0: (unknown version)
[   53.168376][ T6056]   features: lz4
[   53.204997][ T6056] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[   53.208318][ T6056] bcachefs (loop1): initializing new filesystem
[   53.214401][ T6058] loop0: detected capacity change from 0 to 32768
[   53.226250][ T6056] bcachefs (loop1): going read-write
[   53.231420][ T6058] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.57 (6058)
[   53.243072][ T6056] bcachefs (loop1): marking superblocks
[   53.248328][ T6058] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   53.252574][ T6058] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[   53.263715][ T6056] bcachefs (loop1): initializing freespace
[   53.268972][ T6056] bcachefs (loop1): done initializing freespace
[   53.275888][ T6056] bcachefs (loop1): reading snapshots table
[   53.278394][ T6056] bcachefs (loop1): reading snapshots done
[   53.298502][ T6056] bcachefs (loop1): done starting filesystem
[   53.305485][ T6058] BTRFS info (device loop0): setting nodatasum
[   53.307931][ T6058] BTRFS info (device loop0): setting nodatacow
[   53.310352][ T6058] BTRFS info (device loop0): enabling free space tree
[   53.314265][ T6058] BTRFS info (device loop0): enabling auto defrag
[   53.321410][ T6058] BTRFS info (device loop0): max_inline set to 0
[   53.351507][ T5845] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   53.367075][ T6056] syz.1.56 (6056) used greatest stack depth: 17336 bytes left
[   53.381734][ T5853] bcachefs (loop1): shutting down
[   53.383502][ T5853] bcachefs (loop1): going read-only
[   53.387729][ T5853] bcachefs (loop1): finished waiting for writes to stop
[   53.390462][ T5853] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[   53.405752][ T5853] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[   53.419525][ T5853] bcachefs (loop1): clean shutdown complete, journal seq 4
[   53.423488][ T5853] bcachefs (loop1): marking filesystem clean
[   53.434975][ T6091] loop0: detected capacity change from 0 to 512
[   53.438460][ T6091] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   53.444018][ T6091] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   53.451499][ T6091] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   53.453311][ T5853] bcachefs (loop1): shutdown complete
[   53.456526][ T6091] EXT4-fs (loop0): 1 truncate cleaned up
[   53.462259][ T6091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.486802][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.673465][ T6097] loop2: detected capacity change from 0 to 1024
[   53.676294][ T6097] =======================================================
[   53.676294][ T6097] WARNING: The mand mount option has been deprecated and
[   53.676294][ T6097]          and is ignored by this kernel. Remove the mand
[   53.676294][ T6097]          option from the mount to silence this warning.
[   53.676294][ T6097] =======================================================
[   53.694915][ T6097] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.699411][ T6097] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.710040][ T6097] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   53.716990][ T6097] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 11 with error 28
[   53.721877][ T6097] EXT4-fs (loop2): This should not happen!! Data will be lost
[   53.721877][ T6097] 
[   53.725598][ T6097] EXT4-fs (loop2): Total free blocks count 0
[   53.727900][ T6097] EXT4-fs (loop2): Free/Dirty block details
[   53.730197][ T6097] EXT4-fs (loop2): free_blocks=4293918720
[   53.732580][ T6097] EXT4-fs (loop2): dirty_blocks=48
[   53.734475][ T6097] EXT4-fs (loop2): Block reservation details
[   53.736617][ T6097] EXT4-fs (loop2): i_reserved_data_blocks=3
[   53.747942][ T1092] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 48 with max blocks 17 with error 28
[   53.761321][   T47] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   53.923399][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   53.928049][   T47] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   53.933444][   T47] usb 1-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[   53.936975][   T47] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   53.940257][   T47] usb 1-1: config 0 descriptor??
[   54.011363][ T5314] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   54.162740][ T5314] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   54.166776][ T5314] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   54.171371][ T5314] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   54.175376][ T5314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   54.178449][ T5314] usb 3-1: SerialNumber: syz
[   54.352386][   T47] ortek 0003:1223:3F07.0001: unknown main item tag 0x6
[   54.352789][   T55] Bluetooth: hci2: command tx timeout
[   54.361685][   T47] ortek 0003:1223:3F07.0001: report_id 29495 is invalid
[   54.364481][   T47] ortek 0003:1223:3F07.0001: item 0 2 1 8 parsing failed
[   54.367430][   T47] ortek 0003:1223:3F07.0001: probe with driver ortek failed with error -22
[   54.391074][ T5314] usb 3-1: 0:2 : does not exist
[   54.408206][ T5314] usb 3-1: USB disconnect, device number 4
[   54.432922][ T5847] udevd[5847]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   54.553969][  T792] usb 1-1: USB disconnect, device number 3
[   54.628350][ T6115] loop1: detected capacity change from 0 to 32768
[   54.639982][ T6115] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   54.658730][ T6115] XFS (loop1): Ending clean mount
[   54.662687][ T6115] XFS (loop1): Quotacheck needed: Please wait.
[   54.669547][ T6115] XFS (loop1): Quotacheck: Done.
[   54.712402][ T6115] mmap: syz.1.68 (6115) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   54.738022][ T5853] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   54.761871][   T55] Bluetooth: hci0: command tx timeout
[   54.841349][   T55] Bluetooth: hci1: command tx timeout
[   54.854321][ T6125] capability: warning: `syz.1.69' uses deprecated v2 capabilities in a way that may be insecure
[   54.956846][ T6134] loop2: detected capacity change from 0 to 2048
[   54.967950][ T6134] FAT-fs (loop2): Directory bread(block 131102) failed
[   54.970473][ T6134] FAT-fs (loop2): Directory bread(block 131103) failed
[   54.975087][ T6134] FAT-fs (loop2): Directory bread(block 131104) failed
[   54.977932][ T6134] FAT-fs (loop2): Directory bread(block 131105) failed
[   54.988050][ T6134] FAT-fs (loop2): Directory bread(block 131106) failed
[   54.991065][ T6134] FAT-fs (loop2): Directory bread(block 131107) failed
[   54.995111][ T6134] FAT-fs (loop2): Directory bread(block 131108) failed
[   54.999042][ T6134] FAT-fs (loop2): Directory bread(block 131109) failed
[   55.003425][ T6138] loop1: detected capacity change from 0 to 64
[   55.006048][ T6134] FAT-fs (loop2): Directory bread(block 131110) failed
[   55.008905][ T6134] FAT-fs (loop2): Directory bread(block 131111) failed
[   55.045702][ T5853] Trying to free block not in datazone
[   55.048766][ T5853] Trying to free block not in datazone
[   55.053156][ T5853] Trying to free block not in datazone
[   55.055353][ T5853] Trying to free block not in datazone
[   55.057738][ T5853] Trying to free block not in datazone
[   55.060127][ T5853] Trying to free block not in datazone
[   55.063163][ T5853] Trying to free block not in datazone
[   55.065394][ T5853] Trying to free block not in datazone
[   55.067669][ T5853] Trying to free block not in datazone
[   55.069888][ T5853] Trying to free block not in datazone
[   55.088150][ T5853] Trying to free block not in datazone
[   55.093738][ T6140] loop2: detected capacity change from 0 to 512
[   55.101524][ T5853] Trying to free block not in datazone
[   55.107008][ T5853] Trying to free block not in datazone
[   55.109057][ T6140] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   55.109784][ T5853] Trying to free block not in datazone
[   55.122157][ T6140] EXT4-fs (loop2): 1 truncate cleaned up
[   55.130583][ T6140] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.204105][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.237172][ T6155] Bluetooth: MGMT ver 1.23
[   55.260625][ T6153] loop1: detected capacity change from 0 to 4096
[   55.279773][ T6153] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[   55.295574][ T6153] ntfs3(loop1): ino=19, mi_enum_attr
[   55.297908][ T6153] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[   55.659901][ T6168] loop2: detected capacity change from 0 to 32768
[   55.671109][   T33] audit: type=1800 audit(1756146344.491:7): pid=6168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.89" name="file1" dev="loop2" ino=7 res=0 errno=0
[   55.744698][ T6168] ERROR: (device loop2): dbAdjCtl: the maximum free buddy is not the old root
[   55.744698][ T6168] 
[   55.759998][ T6168] ERROR: (device loop2): remounting filesystem as read-only
[   56.471360][   T33] audit: type=1800 audit(1756146345.261:8): pid=6187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.89" name="file1" dev="loop2" ino=7 res=0 errno=0
[   56.581134][ T5849] ------------[ cut here ]------------
[   56.583676][ T5849] kernel BUG at fs/jfs/inode.c:169!
[   56.585999][ T5849] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[   56.589664][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   56.593645][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   56.597959][ T5849] RIP: 0010:jfs_evict_inode+0x438/0x440
[   56.600328][ T5849] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 f3 75 e8 fe e9 16 fe ff ff e8 c9 0c 85 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   56.608299][ T5849] RSP: 0018:ffffc9000334fae0 EFLAGS: 00010293
[   56.610913][ T5849] RAX: ffffffff833a9e67 RBX: ffff888124d03b80 RCX: ffff88810af4b980
[   56.614219][ T5849] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888124d03b80
[   56.617398][ T5849] RBP: 0000000000000001 R08: ffffffff8fa38337 R09: 1ffffffff1f47066
[   56.620594][ T5849] R10: dffffc0000000000 R11: ffffffff833a7b60 R12: dffffc0000000000
[   56.623864][ T5849] R13: dffffc0000000000 R14: ffff888124d03808 R15: ffffffff833a9a30
[   56.627120][ T5849] FS:  00005555693c5500(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[   56.630523][ T5849] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.633164][ T5849] CR2: 00007ffe3d339b78 CR3: 000000010c4ce000 CR4: 00000000000006f0
[   56.635670][ T5849] Call Trace:
[   56.636811][ T5849]  <TASK>
[   56.637813][ T5849]  ? evict+0x4f8/0x9c0
[   56.639179][ T5849]  ? __pfx_jfs_evict_inode+0x10/0x10
[   56.640970][ T5849]  evict+0x504/0x9c0
[   56.642288][ T5849]  ? __pfx_evict+0x10/0x10
[   56.643792][ T5849]  ? rcu_is_watching+0x15/0xb0
[   56.645407][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[   56.646996][ T5849]  evict_inodes+0x64c/0x6d0
[   56.648420][ T5849]  ? __pfx_evict_inodes+0x10/0x10
[   56.649943][ T5849]  generic_shutdown_super+0x9a/0x2c0
[   56.651668][ T5849]  kill_block_super+0x44/0x90
[   56.653393][ T5849]  deactivate_locked_super+0xbc/0x130
[   56.655135][ T5849]  cleanup_mnt+0x425/0x4c0
[   56.656634][ T5849]  task_work_run+0x1d4/0x260
[   56.658183][ T5849]  ? __pfx_task_work_run+0x10/0x10
[   56.659785][ T5849]  ? __x64_sys_umount+0x122/0x160
[   56.661466][ T5849]  ? __pfx___x64_sys_umount+0x10/0x10
[   56.663176][ T5849]  ? rcu_is_watching+0x15/0xb0
[   56.664763][ T5849]  exit_to_user_mode_loop+0xec/0x110
[   56.666520][ T5849]  do_syscall_64+0x2bd/0x3b0
[   56.668048][ T5849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.670060][ T5849]  ? exc_page_fault+0x9f/0xf0
[   56.671692][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.673745][ T5849] RIP: 0033:0x7f10ef18ff17
[   56.675276][ T5849] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   56.681564][ T5849] RSP: 002b:00007ffe3d33a328 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   56.684341][ T5849] RAX: 0000000000000000 RBX: 00007f10ef211c05 RCX: 00007f10ef18ff17
[   56.686977][ T5849] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe3d33a3e0
[   56.689584][ T5849] RBP: 00007ffe3d33a3e0 R08: 0000000000000000 R09: 0000000000000000
[   56.692234][ T5849] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe3d33b470
[   56.695314][ T5849] R13: 00007f10ef211c05 R14: 000000000000dbeb R15: 00007ffe3d33b4b0
[   56.698177][ T5849]  </TASK>
[   56.699285][ T5849] Modules linked in:
[   56.701489][ T5849] ---[ end trace 0000000000000000 ]---
[   56.713542][ T5849] RIP: 0010:jfs_evict_inode+0x438/0x440
[   56.715540][ T5849] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 f3 75 e8 fe e9 16 fe ff ff e8 c9 0c 85 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   56.724490][ T5849] RSP: 0018:ffffc9000334fae0 EFLAGS: 00010293
[   56.726763][ T5849] RAX: ffffffff833a9e67 RBX: ffff888124d03b80 RCX: ffff88810af4b980
[   56.729957][ T5849] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888124d03b80
[   56.734217][ T5849] RBP: 0000000000000001 R08: ffffffff8fa38337 R09: 1ffffffff1f47066
[   56.737390][ T5849] R10: dffffc0000000000 R11: ffffffff833a7b60 R12: dffffc0000000000
[   56.742421][ T5849] R13: dffffc0000000000 R14: ffff888124d03808 R15: ffffffff833a9a30
[   56.745154][ T5849] FS:  00005555693c5500(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[   56.748602][ T5849] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.751093][ T5849] CR2: 00007ffd3881ec08 CR3: 000000010c4ce000 CR4: 00000000000006f0
[   56.754174][ T5849] Kernel panic - not syncing: Fatal exception
[   56.756932][ T5849] Kernel Offset: disabled
[   56.758386][ T5849] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:25:45  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=0000000000000030 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000334f230
R8 =ffff888108cc0237 R9 =1ffff11021198046 R10=dffffc0000000000 R11=ffffffff854f1c80
R12=dffffc0000000000 R13=ffffffff99afa8f0 R14=ffffffff99def3e0 R15=0000000000000000
RIP=ffffffff854f1cfc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555693c5500 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffe3d339b78 CR3=000000010c4ce000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 ff000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007f10ef212e53
XMM06=0000000000000000 00007f10ef212e4d XMM07=0000000000000000 00007f10ef212e61
XMM08=0000000000000000 00007f10ef212ee7 XMM09=0000000000000000 00007f10ef212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000081ad5733 RBX=00007fcf510e5720 RCX=ffffffff81ad5733 RDX=0000000000001733
RSI=ffffffff81ad5733 RDI=0000000000000011 RBP=ffffffff81ad5733 RSP=00007ffca7f72858
R8 =00007fcf505a0000 R9 =00007fcf505a2000 R10=0000000081ad5737 R11=0000000000000011
R12=0000000000000011 R13=0000000000000000 R14=ffffffff81ad5733 R15=000000000006d7ca
RIP=00007fcf5024d9f3 RFL=00000206 [-----P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555558fef500 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00002000001f2000 CR3=0000000114715000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fcf50587498 00007fcf50587470 XMM03=00007fcf505874a8 00007fcf505874a0
XMM04=00007fcf510ed100 00007fcf50587460 XMM05=00007fcf50587478 00007fcf505874c0
XMM06=00007fcf505874b8 00007fcf505874b0 XMM07=00007fcf505874a8 00007fcf505874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fcf50412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
