last executing test programs:

5m35.407546474s ago: executing program 0 (id=689):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000880)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000040004800800020001000000080001000000000004000880cc00088034000780080005007c6610430800060004000000080006009700000008000500c6a13c50080006005700000008000500bf2081642c000780080006006800000008000500eba3b54708000600a3000000070006"], 0xf8}}, 0x0)

5m35.407228087s ago: executing program 0 (id=690):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000200)={0x0, 0x200000, 0x1000, 0xfffffffc, 0x1}, 0x20)

5m35.328167406s ago: executing program 0 (id=691):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x4800, 0x0)

5m35.273519535s ago: executing program 0 (id=693):
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3800052, &(0x7f0000000600)=ANY=[], 0x1, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x42)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$FUSE_WRITE(r1, &(0x7f00000000c0)={0x18}, 0xfffffdef)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @d}})

5m34.98283892s ago: executing program 0 (id=699):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000940)='./bus\x00', 0x8, &(0x7f0000000240)={[{@autodefrag}, {@acl}, {@max_inline={'max_inline', 0x3d, [0x54]}}, {@ssd}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@ssd}, {@noenospc_debug}, {@barrier}, {@nodiscard}, {@acl}, {@enospc_debug}, {@nossd_spread}, {@noenospc_debug}]}, 0x1, 0x55a4, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569H33HvrFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vujlRmD2XzllB11x7Q9AUd8+Mj5aGxsU+xmnbQ87xu0zkztibda16HsQMN2+V1+EDtpPrL3p548MqT/3j6vvPXTt3Wbj6Xs0lz0ztadZjZNqvzNddrnsdogs+TXvD2K9hLGmqnK4Rw/J8+X/bMnJd23/jBqydOvP2Fi6+etvCaKROfHfSLsf947S53T7u8YP7f8NHz//hyjrflebljqx/WJ3Pz+EhdTGysT+bmAAAA0Gv0hqOmXx396kunPnT3oheXH1fx3XG/Omm3+oqzv99x/K4rx3/x0ivbH9+lYP4/tLTz//GUf13uaFeHMKErccGAEHbrejwJ/Cx25+QBIezVlWrJDxyWCqwO4Qtdif2zVaVK9I0lhqYCv6/PBCakAmtioCUVuDEGlqQCF8bAilRgRgysTgUOj4HQnj+OA+oz4yg5UBMDrclGXBGvQninPraW2lbrslUBAABsJ5nZYWX+3ZxrHbY1Q5xerqjpKUO8ArtohupUDekZbHZaVbSGip5qKO+phuy4F3308AtqLuup5oLLMMryM3w45DvlAybu/aO7bhxxU/OLE7/77tjjv/LnN99dvf8//fd7zpl/3QEF8/+mj57/V3fTkbKC8/8hTO76G3OXZyId2XhrS14GAAAAYBtc9djSJ2844Kj/c9/L9935pWtvKF999df/7ysbL9h71HHDy/r+3bdXFMz/J5R2/X88JtInJ3N4NB6GmD0ghKb8QFLtwYWB5Kx3v0wAAAAAeoPs+fjsufD2zG1yiXZ6Pl2Yv2Ur88cT/xO6zX/5pr9+9svXPnniwmH7bLjiv535Qdnnx/5ul2PXjnz8rT2H/UND38Lr/1tKu/6/Nv826cSa2IsrB4TQNyfwSOxlZ6DL0Bh4+dD8QGb8a+IGWByrylyYkK1qcSzRGgNNqcCyYiV+my2xW34g82RlG78gO472TImcAAAAAHzi4uGAeF4+Xv9/z+QDvrT/oJfGvLjnvQtfm7D0hFNrf7jPLbu+PqBj0pgDJxxyxDMF8//Wrbv+v2seXHB5f0e/EEZWhNAn/cWAR2uThQFjoK4sk7i/NqmrT7qq82pDGN85sHRVr2TW/69IrzH4RE1SVQzstvdPNw3rTNxQE8LI3MAz37x+TGdifiqQbfwbNSEM6RxtuvGVfZPGK9ONX9M3hD1zAtmqTu4bQmdjVemqHqzO/I5BuqrbqkMYmBPIVnVgdQgLAwC9VPxXOjP3wXkLz549vaOj7YwdmIjH8GvCrPaOtsYZczpmVhfp08xUn/OWMTqvcEyl/vLN85kliqYOuX14Kens9wSbctvKHMcvuHAwcz/uC1V2jbO5Mu/u6PSQh+9T2ETI2ZMqNuTyHTzk2txKtjyJBfXH/FWhX+i7YF7bGY1nTZ8//4xRyd9Sszcnf+NppmRbjUpvq9ru+lbCy6PoalkpH3db7Zdbycj5p80dOW/h2SPaT5t+Stspbd9pHjuquXnMV8eOaR7ZOaqm5G8PQ92vu6pTQ918fYnj2o5D3b0ip5JP4lNDQkKityWmLyk7f8K0X9//rT3WnHbWSXv8/R4zR5z0V5f/Zu6JjYdM/tX1f7m2YP4/96Pn//FTJ37yZ9ZnKHb+vyGe5k8e33KavzUGlpV6/r+h2Nn87IUBQ1OBRTGwyGl+AAAAPhvi4ch4NDMelb6u7p/uPnLmjEPe/+UJU67+27HjTj1r/b4NF1997JL/sP6dJauOeLtg/r+otO//b6f1/7NL13+t2DL/+8cSTcXW/08v859d/39RsfX/08v8Z9f/X/YprP+/IBtIbZJ3rP8PAAB8Fnxy6//3uLx/+gcCCjL0uLx/+gcCCjL0uIx/qT8QsNXr/8/p+IvaQZfPGXfoiLk/fmTV3ksG3val5yf+ep+lB424d+Ut7426tWD+v6S0+b+F+wEAAGDn8dAv+3774neH3f/UI+8fWXbpbzfedPxftR1wyB8GNp8y+eia79/0bwXz/2Wlzf8/+fX/QrHr/4cWC7QUWxjQ+n8AAAD0UsXW/7t54MtDV88fceNjP3/zlpdafzFz/Gv/bskPvjJ9WNPNa9b9pmHG+oL5/4rS5v/xsovyvNyxNx/WJ2vahfSadhvrs18ZAAAAgN6hPDQ2VpaYN29l1MM+fpvrMkuBflQ619P3DVq1oPyhq8qqN/7gkmmHNJ577Jlzjrxo/fdrn/xJ7dTG6jMK5v+rS5v/530v44HaSfWXvT3x4A9XnvzH0/edv3bqlvP/AAAAwI5T6nEJAAAAAAAAAAAAAADg0/dU69KDPhh19Bsz9xr1p28c+8IPFn/xm4/8zbV/PvPnh9+3V/vmYVMKvv8fJneVK/b9//i7f/H7Bbvm5Y6t9rz+X+b+lGNuXdi1ZOGj9SHskxuYff7sz4XMb/PvlxtYNXX/wZ2J89Ml7nvx8Nc6E9PSgaNG7PJeZ2J8KtAaF0n8QjoQf1Xxvf6pQFxe8cl0IG6PFelAVSZwSf9kHGXpbbWhLtlWZelt9VxdCANyAtltdXdd0kZZeoBXpQLZAZ6eDsQBTsoEytO9urVf0qsYqItF/6Zf0isAAHZacS+wMsxq72hrirvw8Xb3ivzbKG/JsvMKqy0rsfnnM0uTTR1y+/BS0n3S+6Jbfmu8MlR3DmFUwe5qbpayrlFun1p62HS7FhlyT6u9lRcpl7a1m66q+IhqkhE1zpjTMbOyx4GP7jlLc0WPWUYVTHZys5R3bdISaimhLyWMqMRtU0KX4/3y0NjYJ5VrXAw2hDw9vSJK/b5+7jp/xV4FuXn+tubaS/sM7vP+v42/6KEHB1R2nDq57aLdH/vngaNm/viHD7Ze8/uC+X9DafP/6txxvZf5MYBF8Zf1Dh4QQmuJIwIAAIDPvv957vI7TpyzZsOs1RXP/u53s8uPO7Fy8zl3nXP2Rc/dv/ioS/79zdsaX1H21KYT39h01l+/8ZOvXPfwWS8dPuOsuyatO2R9W/WN3/2L5acOKZj/Dy1t/h+PYGVOBSdHO1bH3/+/YEAIXT+t35AEfhaHe/KAEPbqSrXEEskP6n8tlmhKAj+LB0z2jyVaW/Kr6hsDK1KB39dnAqtTgTUxkDlK8dOQOZRzRX0IY7pSk/NLzI0lGlKB42JgaCrQGANNqUD/GJiQCrzZPxNoSQX+MQZCe/62urN/ZlsBAABsjcw8qzL/bkjP81ZU9JShrKcMtT1lKO8pQ3VPGYqNIt6/I2aoTF28UpaTqTJda02qloIM8cfwt7pfBRnCb/NzpgsWNB2vP8heb1CWn2HcD+9oPehr83686eIfPX7kgRceueTKty89ut/gK5/93+3n9uu/qbZg/t9U2vy/Nv82aX1NnP9v+f2/JPBI7N6V8dLxoTHw8qH5gcyBgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4eIAgHqaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKIxzHq4tfj96gL4XM5BziyJdpqkxJVqYbDwzXJN9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35yjL9k2XqhO2qhJB4ZVJYHadGBORRKIR36ygXvKkwBss+xRwfiCylzqktXQfbkir7/Pym+CpodXcAy0m3zdfedqR6lOP5A5ppq1dU9bQXXsEAVvj9Xebb3x3dbg3Za7I5XZQ9m8JVQdyme2zZq+oGN+fCT3m6wFdtDznPst1VLS2+F1uOjj97Zn1ekONKU+Ppq6L9f967AsVvdA7aT6y96eePDKk/94+r7z104tuRtFxC8KH3zr3AOey9m8O1p1yLzmet3nSYvPk974b2Copy2EsPyCWU8+8S/vP1+xvvm/HDh2+W1vPrb8Jwc9MGvEFzZc8uWNb717VMH8v6W0+X9F6rbLB3FjzhsQwvCcjfto3PwTBySfgzmB5FNyYGEgOeW+vr7oJycAAABsb9nDHdnjBe2Z2+SC8PQ8uTB/y1bmj8crJnSbv9R+DxzzD9879KrXv/H19btf/ujSp9b9pzdfOWLaoQ9senrFytebj/380wXz/9aPnv/3TXXT+X/n/9lBnP/v1s5+KLpv+oFF23QouqA6dgjn/7u1s7/bnP/vlvP/zv93x/n/Hjj/362d/Wkr2Euaa6crhNA64Ibbf1E7fXi/K8751oy1P3/6naZxL9Sde/Sd/+PwxeGa81b9uWD+P7e0+b/1/7pftC+7/l9rsfX/5hZb/2+R9f8AAIAdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fVq//V3vS2Se9Uv/WXtdMvP0/3zn9wudPOvHZffs8f8LtJ9w08urhL315Q8H8f1Fp8//4cuiX23pvWf9v6OQiVS2JgbkWBgQAAGBnVOwAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ+uFQ8u/uLmxfscdNOzn7/p8H9dtmbW3r86YPPoMSc3Dl88sOzKv/uXtwYtWPhG26Qzr22ZvvyaDSuXhtDeVa4sKV720KDy8tF/OOau2654uGna4CnnVmfqrczcfjEvd2z1w/oQluU8UhcTG+s772wJTDnm1oUVnYlH60PYJzcw+/zZn+tM3Fgfwn65gVVT9x/cmTg/XeK+Fw9/rTMxLR04asQu73UmxmcCZenuXtc/6W5ZuruX9Q9hQE4g291v98+vKtvGf8wEytNt3FyXtBEDdbHoj+qSNmKgI5Zo7xvCyIoQ+qSr+nV1UlWfdFV/X51U1Sdd1X+tDmF8CKEiXdWLVUlVFemRr61KqoqB3fb+6aZhnYllVSGMzA08883rx3QmTk8Fso1/vSqEIZ0vmXTjd1QmjVemG7+qMoQ9QwhV6RL/WpGUqEqXeKUihIE5gWzjp1aEsDDwmRA/fGbmPjhv4dmzp3d0tJ2xAxNVmbZqwqz2jrbGGXM6Zlan+lRMWU5683kff+zPbzpnRuft1CG3Dy8lXZEpV9nV5ebKvLujd/bex37V5lay5fkoqD/mrwr9Qt8F89rOaDxr+vz5Z4xK/paavTn52ycTTbbVqN6yrfbLrWTk/NPmjpy38OwR7adNP6XtlLbvNI8d1dw85qtjxzSP7BxVU/J3ewz1+k9+qLtX5FTySXwASEhI9LZEed6nW9PO/kFesKO/paOVobrrA7pgWpGbpaxrlNtj0Id9zBF/nP2UHkc0qmDiUJCluecsowsmE1uy1CRZuvbrCiaHuTWVd23SeL88NDb2KbYdGvLv5m7et7Zh867LbLpS0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+VuH0bMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcCgAA//9aTM01")
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f0000001fc0)={0x0, ""/256, <r1=>0x0, <r2=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r3=>0x0, <r4=>0x0, <r5=>0x0, <r6=>0x0})
syz_mount_image$msdos(&(0x7f00000003c0), &(0x7f0000000340)='.\x00', 0x126a4b5, &(0x7f0000004140)=ANY=[@ANYRES16=r6, @ANYRES64=r4, @ANYRES16=r3, @ANYRES16=r6, @ANYRESDEC=r5, @ANYRES16=r2, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRESHEX=0x0, @ANYRES32=r1], 0x5, 0x0, &(0x7f0000000000))

5m34.346044165s ago: executing program 0 (id=703):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000180)={0x23, 0x1, 0x11, 0x1, 0x0, 0x2, 0x0})

5m18.969188158s ago: executing program 32 (id=703):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000180)={0x23, 0x1, 0x11, 0x1, 0x0, 0x2, 0x0})

5m5.244289844s ago: executing program 3 (id=977):
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(aes)\x00'}, 0x58)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a0eb01001800000000000200070000000100"], 0x0, 0x37}, 0x28)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x34}, 0x10)

5m5.243902939s ago: executing program 3 (id=978):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=@base={0x1, 0x8, 0x4932, 0x82, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x20000}, 0x6e)

5m4.262581776s ago: executing program 3 (id=983):
r0 = io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xabd0, 0x400, 0x2, 0x349})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x40, 0x0, 0x89, 0x0, r0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00'})
getrlimit(0x1, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_FILES(r2, 0x1e, &(0x7f0000000000)=[r0], 0x1)

5m4.191273038s ago: executing program 3 (id=984):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f0000000380)={[{@nogrpid}, {@resuid={'resuid', 0x3d, 0xee01}}, {@resgid}, {@nomblk_io_submit}, {@nombcache}, {@resgid={'resgid', 0x3d, 0xee00}}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3813009, 0x0, 0x1, 0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000000), &(0x7f0000000b40), 0xfe1c, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

5m4.093231144s ago: executing program 3 (id=985):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{0x0, 0xffe0}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="300000000000000084000000010000000000000000000000000400"/44, @ANYRES32=0x0], 0x30}], 0x1, 0x0)

5m3.666060822s ago: executing program 3 (id=986):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000640)='syzkaller\x00', 0x8, 0x8d, &(0x7f0000000680)=""/141}, 0x22)

5m3.475196991s ago: executing program 33 (id=986):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000640)='syzkaller\x00', 0x8, 0x8d, &(0x7f0000000680)=""/141}, 0x22)

2m21.195976371s ago: executing program 4 (id=2872):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x4b2f, 0x0)

2m21.069168074s ago: executing program 4 (id=2875):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pwritev(r0, &(0x7f00000008c0)=[{0x0}, {&(0x7f0000000200)="f6", 0x1}], 0x2, 0x0, 0x0)

2m21.00979092s ago: executing program 4 (id=2877):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x1002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x2701, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
lseek(r4, 0x10000000005, 0x0)
r5 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r5, 0x114, 0x2710, &(0x7f0000019440)=""/102400, &(0x7f00000000c0)=0x19000)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)

2m20.099027733s ago: executing program 4 (id=2884):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f00000020c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000280)='binfmt_misc\x00', 0x800, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/../file0\x00')

2m19.05743219s ago: executing program 4 (id=2896):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0)
connect$inet6(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x5)
r3 = socket$kcm(0xa, 0x1, 0x106)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$EVIOCGKEY(0xffffffffffffffff, 0x80404518, &(0x7f00000004c0)=""/94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x14, r7, 0x101, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003"], 0x34}}, 0x84)
close(r3)
bind$vsock_stream(r2, 0x0, 0x0)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)

2m18.819168019s ago: executing program 4 (id=2900):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_mount_image$f2fs(&(0x7f0000000380), &(0x7f0000000400)='./bus\x00', 0xa0000b, &(0x7f0000000000)=ANY=[@ANYBLOB="6167655f657874656e745f63616368652c6e6f6c617a7974696d652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c61636c2c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c61636c2c6e6f61636c2c636f6d70726573735f63616368652c6261636b67726f756e645f67633d6f66662c6e6f626172726965722c636f6d70726573735f63616368652c6d6f64653d6c66732c00a0f136a7b12c237938b84e413b4410176f83a54dc492582695e005d110d725abbe2adec1ac2f6f77d172f0a20b3c1a8f19a6b28a8e0ba53dc3bf8ebe1ba50407cd64781927026076251050bd3ce7"], 0x1, 0x551c, &(0x7f00000005c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIude+eNo4oCAHxndmfzAJTFoC2MEEgU0JDNJiSkQxQgi4KfgGQ5m2Cy4ZG4SKIIcEOHXKdBUCKEBDJd/kPqREoTuhRbBInaaF725KH1AvHMrv190t17ZnY099wZyfKZOzYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl8ft53yl3dPMuLjbvPLyxkvZ3H+tTtzbuLaYtjaM6k54Pr1Y3ol5ziQAAALCPbH0z8etW0VL3k82ltI+7Wf2flMekNf+PL+RxWc8/XveXfVn7p+2P3x+8vD1QNx8nPen51dHwxJOptP/vVOfVsV2PaGdXPnv20spuSPzR+kvjJLue0fe3b3/QycJDdWQLAPwXx8u+CMrfh9J+0GRiAOwXW7utv7crhXdZ/7e6e58YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNPG6+G5Mo5CCIvtnTh19+GNlaf1tzbuLZbtzM2bG+HbnXOmp0hCCOdXR8MTtc6meYcnfHfl2vWLy6PR8HL9wWshhKZGf6+Y/sVPpjg4hEauj+AZBXFxs2cln/kIavjBBADAgZIULa3r7yebS+m+aCGErZ8erf/frMRhyvr/wadn7lTHqtb/g9pmOPv6a5e+7F+5dv3t1UvLF4YXhp+/c3Lw7uDU2dOnz/azZyX9yU9Mrh6rNV0AAADmUKdo1fo/Xnhy/f9oJQ5T1v9f/TD4ujpWa3L939m7Wc62nUW/pjMBAAA42F58/e+/oqfsjzqdcHV5be3yIP/c3j6ZfzaQ6r92qGjV+r+10HRWAAAAQB3G69Ej6//nKnGYcv3/+Z9f+bV6zlYI4Uix/n985YvRufqmM9Pq+HPipucIAABAs44Urbr+n2Tv/8fbrzzEIYS33sjj4t8ATlX/tz787pfqWNX3/0/VN8WZFPfy65H1vRDavaYzAgAAYD87XLS02P8z2Vz67LejH3e8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQt38CAAD//wcWQag=")

2m18.734798244s ago: executing program 34 (id=2900):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_mount_image$f2fs(&(0x7f0000000380), &(0x7f0000000400)='./bus\x00', 0xa0000b, &(0x7f0000000000)=ANY=[@ANYBLOB="6167655f657874656e745f63616368652c6e6f6c617a7974696d652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c61636c2c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c61636c2c6e6f61636c2c636f6d70726573735f63616368652c6261636b67726f756e645f67633d6f66662c6e6f626172726965722c636f6d70726573735f63616368652c6d6f64653d6c66732c00a0f136a7b12c237938b84e413b4410176f83a54dc492582695e005d110d725abbe2adec1ac2f6f77d172f0a20b3c1a8f19a6b28a8e0ba53dc3bf8ebe1ba50407cd64781927026076251050bd3ce7"], 0x1, 0x551c, &(0x7f00000005c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIude+eNo4oCAHxndmfzAJTFoC2MEEgU0JDNJiSkQxQgi4KfgGQ5m2Cy4ZG4SKIIcEOHXKdBUCKEBDJd/kPqREoTuhRbBInaaF725KH1AvHMrv190t17ZnY099wZyfKZOzYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl8ft53yl3dPMuLjbvPLyxkvZ3H+tTtzbuLaYtjaM6k54Pr1Y3ol5ziQAAALCPbH0z8etW0VL3k82ltI+7Wf2flMekNf+PL+RxWc8/XveXfVn7p+2P3x+8vD1QNx8nPen51dHwxJOptP/vVOfVsV2PaGdXPnv20spuSPzR+kvjJLue0fe3b3/QycJDdWQLAPwXx8u+CMrfh9J+0GRiAOwXW7utv7crhXdZ/7e6e58YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNPG6+G5Mo5CCIvtnTh19+GNlaf1tzbuLZbtzM2bG+HbnXOmp0hCCOdXR8MTtc6meYcnfHfl2vWLy6PR8HL9wWshhKZGf6+Y/sVPpjg4hEauj+AZBXFxs2cln/kIavjBBADAgZIULa3r7yebS+m+aCGErZ8erf/frMRhyvr/wadn7lTHqtb/g9pmOPv6a5e+7F+5dv3t1UvLF4YXhp+/c3Lw7uDU2dOnz/azZyX9yU9Mrh6rNV0AAADmUKdo1fo/Xnhy/f9oJQ5T1v9f/TD4ujpWa3L939m7Wc62nUW/pjMBAAA42F58/e+/oqfsjzqdcHV5be3yIP/c3j6ZfzaQ6r92qGjV+r+10HRWAAAAQB3G69Ej6//nKnGYcv3/+Z9f+bV6zlYI4Uix/n985YvRufqmM9Pq+HPipucIAABAs44Urbr+n2Tv/8fbrzzEIYS33sjj4t8ATlX/tz787pfqWNX3/0/VN8WZFPfy65H1vRDavaYzAgAAYD87XLS02P8z2Vz67LejH3e8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQt38CAAD//wcWQag=")

28.276696766s ago: executing program 1 (id=4185):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x82e, &(0x7f00000003c0)={0x0, 0xfffffffe, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x20, 0x0, r0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x37}, 0x0, 0x160, 0x1})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x34}, 0x2f, [0x7, 0xa, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0x10, 0x6, 0x7, 0xe4, 0xff, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x7, 0x9, 0xd, 0x2, 0x12a3, 0x6, 0x3, 0x2, 0x4, 0x7, 0x81, 0x89, 0x79, 0x558e0d31, 0x5, 0x0, 0x91, 0x5, 0x4, 0x7, 0x2000002, 0x803, 0x400, 0x7fff, 0x5, 0xa7, 0x81, 0x8, 0xf9a2, 0x80000001, 0x97, 0x0, 0x2, 0x10000002, 0x3, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x6], [0x9, 0x3, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0x10001, 0x8, 0x5, 0x2, 0xfffffff3, 0x4, 0x5, 0x1000, 0x800, 0x200b396, 0x400000, 0x0, 0x4, 0x1c, 0x8, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xffff58b9, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0x8, 0x5, 0x6, 0x2, 0x5, 0x7fffffff, 0x1ff, 0x1, 0x40007fff, 0x10, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x2, 0x4, 0x5, 0xfffffff9, 0x200004, 0xffd, 0xfffff801, 0x8000005], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0xb, 0x1, 0x491, 0xb, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x40, 0x20006, 0x7, 0x7, 0x15, 0x18c, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100007, 0x8000, 0x3fd, 0x3e55, 0xff, 0xd3, 0x7, 0x3435, 0x5, 0x9, 0xfd, 0x401, 0x101, 0x7ff, 0x60a2, 0x17fc, 0x9d26, 0x2, 0x0, 0x2, 0x2, 0xb, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x2, 0x10000, 0x1, 0x2dd, 0x1], [0xa772, 0x1, 0x5, 0x1, 0xbfc, 0x8, 0x7c81, 0x9, 0xfffffff8, 0x40, 0x101, 0x5, 0x80000000, 0x7, 0x3, 0xa1c, 0x81, 0x6, 0x9d8a, 0x9, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x101, 0x80000001, 0x7777, 0xfff, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0x10c, 0x7f, 0x1000, 0x1ff, 0x5, 0xffffffff, 0x10000, 0xfffffffe, 0x8001, 0x7fff, 0x1000, 0x6, 0xf, 0x10, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x3cb, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x80000001, 0x8, 0x14000, 0x1, 0x1b18]}, 0x45c)
io_uring_enter(r1, 0x27e2, 0xda80, 0x24, 0x0, 0x0)

28.213210053s ago: executing program 1 (id=4188):
syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaf1, &(0x7f0000001cc0)="$eJzs3V+IXFf9APBzd3c2u2n7y6a/RNc0tonVtmq7aTZrrAZNSoJgaIr4Uii+hDStwRjBCmopmOTJN1tKCj75B5/6UqoIFkRCn3wp2EAR8lQFfWiIWPChRpORnbln5t6Tmdydze7cnd3PB+6eufecO99zZ+/cuf/OPQHYsMZafxcWZrMQLrz5ypH3H/j79OKUg50SM62/E4WxRgghy8cnkvd7b7ydXv/gxRO90izMt/7G8fDk1c68d4QQzoZd4WKYCTsuXHr57fknjp07en73O68duLI6Sw8AABvL1y4eWNj+lz/ds/Xa6/ceCps60+P++UycMNXe7z+U7/jH/f+xUB5fTLdeToJ037Z03LA4jE2Xi473KFeM00jKTfSIvzhMJlVo9Cm3Kdw6/nhhWq/lhlEW1+OZkI3NhRA2d8bHxubm2sfkoXVcP5nNnTl1+tnna6oosOL+dV8IYVdhOHy+PL7WhoNroA7LHJproA4jORwaXqxrzbbal3lIQ3NL3VsggLb0euFNzmYrGq/zbhNLi3/18bHe88MKGPb6P1D8yZviTw81fqh5+ddA/F+ds8Vh5azXtSkuV/we3ZmPp9cR0vuXXv19eb6u9EpHeWp6PaKxxHr2u44wKtcX+tVzfMj1WK5+9U/Xi/XqS3kaP4cvl3LvK31/0v/pqPyPgd4+TM//GwyrODz2fv11GPkhlMYbt/NezZq3P8Dald4314zXR3OTFfmbKvKnKvKnK/I3V+TfUZEPG9lvvveT8FLWPd+VHtMPej48nme7K0//b8D6pOcjB42f3vc7qNuNn95PDGvZ744/dfKxZ56+1L7/P+us/zfy9T0ebszk362LeYF4vjA9rx7vq+82HCjnp+XuTupzV4/yrdfbyuWybd33CYXtzE31mC3Pt6VfuZ3lcjNJuel8mErqm+6fbE7mi/sfcbsaP6+JZHkbyXJMJvWI25WteZrWA5Yjro+t+/8LF63i/f9x/ZwNjezZU6dPPpqPx/X0j+ONTYvT9w6z0sCKSNv/dMfL7X9mQ7n9z52d6Y2x4nZhS3d61t4uvJG/X3n6fCdOYXrhRy3+zn1zfLpVfu7Ed04/s8LLDhvd8z984VvHT58++V0vlv3iK2ujGoO8iIcta6U+Xgz6Ytdqh6h5wwSsuj0/au8EPHLq28efO/ncyTP79u/fNz+//wv7Fva09uv3FPfui87WUFtgJXV/9OuuCQAAAAAAAAAAALBU3z965NK7b33+crv9f7f9X2z/H+/8je3/f5y0/0/bycd28LEd4NYe+a0yyQNWJ5NyjXz4/6S+25I425P5PpKnnX788vb/MVz6XNdYn48m0xt9RpPHCdz0vJTJ5BkkaX+Bn8jT83n6ywA1yno/wj9db3s83zr7sLCux+dTFJrwNj0feHTE/1trbSg80ii2/+75XKce7bUZLcNosVj3MgK9/WNDPf/7n90FH2C+h2uv90YbJoYb76eDrxPrZWj23Utfag82ACuj7v4//xbaceP5zzN/+OrU4hCLXX28vL1Mn18Kg/jzu+Xxtd7/5GrHT/vtG3b8upd/2P1/dvq/y7d/cbvXf/uX9Jg3s7y4//7ZlcuFsGHHUuOnyx+fA71tsPjX8vhxaR4MS4vf/EUSP70gtET/SeJvXmL8m5Z/5/Li/zePHz+2h+5favx2jbOxcj2mk+WI1//S88bR9WT547M9bxH/6y/0Wv5ldtR4I48PG9mo9DM7qGQ/orPTXtX/76C//7fb/2+nslm5Mul9GJ/Lx+OGON7nkPZ3Mmj94/0V8Xdge/L+WcXvm/5/R9sX87Tq+xD7/43r40z+k18Yb32WcbzR47Ndr9saGFXvbajrf8MarrQPg5Y3/1T99TcMMDTHlzFfp5+4muvfbDZX94RWhVqDU/vnX/dxQt3x6/78q6T9/6b78Gn/v2l+2v9vmp/2/5vmT+f/oX75af+/6eeZ9v+bpRVP3jftH3i2Iv9jFfk7eud3ot9TMf/OivyPV+Tv7uQfLJWI+ffecv5uuX7vf3dF/v0V+Z+syP9URf4DFfkPFfKLfUDH/E8n82dJ/noX26P0+/yA9Sttn+f7DxtHvP7T7/u/rZs/WSwy3FoCq+HV1/cefvrX35hpt/+f7JwPidfxDuXjjfzY6Af5eHrdOxTGF/Peysf/muSv9fMdsJGkz89If/8frMgHRle8z8v3GzagbKr35Dytem5Vv/18Rstn8vSzefpwnj6Sp3N5uidP9+bp/JDqx+o4/MZvD7yUdY/3tyT5S72fPG0PVHpOVAhh3xLrk54fGPR+9vQ5foO63fjLbA4GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQm7HW34WF2SyEC2++cuSpY6f2LE452Ckx0/o7URhrdOYL4dE8Hc/Tn+cvrn/w4olieiNPszAfspB1pocnr3Yi3RFCOBt2hYthJuy4cOnlt+efOHbu6Pnd77x24MrqfQIAAACw/v0vAAD//8AFCcQ=")
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000280)='./bus\x00', 0x0, 0x0, 0xff, 0x0, &(0x7f00000007c0))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00')

28.053628495s ago: executing program 1 (id=4192):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f00000004c0)={0x2da372091066ca7e, 0xa, 0x1, '$'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

25.715057995s ago: executing program 1 (id=4211):
syz_mount_image$xfs(&(0x7f0000009600), &(0x7f0000009640)='./file0\x00', 0x204804, &(0x7f0000000240)={[{@lazytime}, {}, {@filestreams}, {@usrquota}, {@prjquota}]}, 0x4, 0x9647, &(0x7f0000012cc0)="$eJzs3Qm4pnPh+P/nDGNfxlBJqalGtMiaJaqZwQyFZIl2ZElZChXatEhpo0R79i1bWULZWkn2FkoIlSyRFtsw/+uYM4zxJn37/v6+9X6/r+uc53nu577v83k+r3s5R3NdbTZ5o0mDwVyD6Y0bzNrZV02ZOuaK9W89fMuFjlrupDv3e/iK4yeMPE4ceZw0GAxGjbw9NH3Z2MHJp4wazP7A8oead+55huYfDJYfeTmyn8HK0x/mv3TGetNmadaBDj30bZ/pXw+04PCPGH5yyH57HToYDMbMtP3QYDC05yM+qLTNJk6Z/JDVg27DVqNHns/8Ncf0r/kvGAzmP23Ax8fM6w49AR9p+Gfu+fyzRq//BPzs/7g2mzhlnVn8h8/F2UaWrTx8js96Dhqb9Ti/eYnNVx2ZwgeOt8Fg+BL3sHPlP6LNJk5ed/Do1/nB4audt8+06dfNOQfTbxRzDwaDeUaur/M90S717zVx0goP3LNnvB5hn3Es70nHxbFvOuH+4Zv0YDBYeDAYu/aMe0FVVVX9ZzRx0gprwP1/rse6/5944mKndf+vqqr6z22diZNWGL7Xz3L/n++x7v87L3b+h6f/t/8JK0/f6v4n9kNUVVXVv9TkdfD+P+ax7v8rr3Hxut3/q6qq/nPbcL0H7v/zzXL/X+Sx7v+vP2G1xUfWm/F7w30z7XJopv894d6Zls820/J7Zlo+eqb9zLz+HDMtv2um5XMOvwfrjxsMxs7494JTH1o8dtzweyPL755p+YSH/p3O+DVnWj5xpuWTZ1o+aWSsw8unzLR8ykzrr/0YU11VVfV/pg1XmLzGYKZ/Zz+yeNEZ79P9/9zTr176iRpvVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV/Wd2/61nnDUYDIYGg8GowWDqYOT5zI+DadOmTRt+feI5l1zyhA30/0ZDZ181ZeqYK9a/9fAtFzpquZPu3O+hWfqP7T//E9S/07D/XMeMGwx23OSJHko9AXX+u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7j7bz3jrJFjYNRgMHUw8nzPGY+n7/u6N4ysuuqmJ91+wENbjp+w3cizs6+aMnW7J2DsT0BDw591zBXr33r4lgsdtdxJd+73X3D2/Od/gvp3esB/u6HBYOT8HjN8Lq8/ccONlxoMBgfcftKmKw0efG+V4fdWGzvbYLYHNl3qge9rjecd77n29McJw98WeXAfJz6w/3WmHTzb0CyDmKmXnn3d4W/d7M4VZ31c8tE/x6gZTw695tQ7pk2bNu1hC0ea61E2nrH/GZ9l1vN8ZOxLDY99mV13eMcyu+y+x9Lb7bDFtltvu/WOy62wyoorLb/cSqu+eJltttt+62Wnf3+UORv3wPc1Hs+czTfrnN06ceY5m/WzPdqcjXvsOXtgj1P3GNp4xpzN/i/O2RqPPWfjthv5QeMnjB5s/sDUDA0G49ccPdht+MVycw4G49caWXfR4XVXHztqMNj3oQ86/GzOB4/BoT2H19ls8kaTHhrZIz/hI67TD1tx/ISRx4kjj5OmD3Hc4KFDcezg5FNGDc/Fw6Z53rnnGZp/MFh+5OXIfgarjrx70Iz1ps3SrAMdeujbPtO/HmjB4Z0MP3nbsmdcOXwuzrL9/4v+R9f/R3itMvTgRA2NfI2sM91r4pR1HvpZD0zD8NzNNrJs5WGTWefsf7NHjHfc7IMxjzHeyetMWmF48SzzP2MTPL5uW+K8904/tiasPH2r+//HKDTe+R5jvOtMxPHO91jjPeZ9F50yfVf/a+Od5Vq37gPfJzyea93gsa91s9EOtr5w8Vmvda989CE+7DyeMUdzzrLSo13rdjtw+T2H9z/hsa916w6PffTDrnWjBoPxa8y41g1f+CaPHuw7/GL54RdTRg+OGn6xwgMv5h6cM/ziRW/ZafuthhesPWNOlh3e74SxQw+4n7fyTUtO+/y0aWuOjGXC2IePdeT4GDfz/Xzi2OmTOWPbGfsdXnXGfm98yvT3Jo/sd+K/sN8Z29J4b19w+ntTRvY7aZb9jn6M/c7Y9hHnw1JDD164HuV6M3mW683I3zgzftzDvuaY/jX/BYPB/KeR7yzr/tNrJp2/cz3GeCdOWmGN4fHNcv4+eDjS+XvRlCuG7xXzDwaDhQeDsWvPGPu/2NCjjXf2xx7vJBjv7I813suO3mG9/4XxDmYa78OOs802nH6srD1ynE35F47fGdvOeh0b/cC70y/7az+e69i4R1zHPjTbqFkme6Ye7Xe2rWD96c8Xfej33KuOP3LG3I+eZb//7He2mT7LEFzHxszy9/yota8dDNGc73nM6hcP7f/Ycz568PC/LWbM+YxtH2vOpzyeOX/6Y8/54/09eannTH9/9Czjn3nON/jU0z45Y87nmGW//2zOpzz2veORcz5hMJrmfNl7ps/bY11PH23OZ2w7Y86HP+JqY2cfrDV8zxqZ88mPZ84X/d85zueB9ac/3/rBRWceftJrZsz5rHP8z+Z88r865+MePM7HP/Des0cN5phjsNsWu+6683LTv894ufz073wtuuuq6fP8WPfSRzOase1jnRdrPh6jMY/LaOifGS02+6MZPXRqHbbTzk/+n16L1vxXjQZ8LbriyOnz9li/Fz3anM/Ylu6Di8y0/ax/h2643gO/d883y31wxiZ4Hzzz9HX3nrHLkc3um2WYM+6r9860fLaZlt8z0/LRM+1n5vXnmGn5XTMtH/4Ic8y0/gzWccN/844sn/rQ6mOHf3kaN7L87pmWT3ho2/FrzrR84kzLJ8+0fNJDh8b4KTMtnzLT+msP/sVm/Dfp7Wa9yNfjrf/+6y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvLX9z9t55x1sgxMGowmDqY/nxo5HGw59AGt7x8+HEwGIxe+bhpGzzR432CGzr7qilTx1yx/q2Hb7nQUcuddOd+/wVnz3/+J6h/pwf8txsaDEbO7zHbDQaD9SduuPFSg8Fgg2nHrTxq8OB7iw6/t/rYUYPBvkMP28GcD64ztOfwOptN3mjSYDDXyBrjHvFDH3EePWzF8RNGHieOPE6afn0aN3joeB07OPmUUYPZH1j+UPPOPc/Q/IPB8iMvR/YzWHn6w/yXzlhv2izNOtChh77tM/3rgRYc/hHDT3bbdsozhudqlu3/zzTjWr3dqH+6aue/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL392/5t/R8t9Wou7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+6oam/7+7lrXOf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vf3f/cf5fZ/1cHUk9Inf/u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c/beecdbIMTBqMJg6mP58aM+Rx8HQCSc/b+QQGb375Ucc/ESP9wlu6Oyrpkwdc8X6tx6+5UJHLXfSnfv9F5w9//mfoP6dHvDfbmgwGDm/x2w3GAzWn7jhxksNBoODj7h891GDB99bdPi91ceOGgz2HXrYDuZ8cJ2hPYfX2WzyRpMGg7lG1hj3iB/6iPPoYSuOnzDyOHHkcdL069O4wUPH69jByaeMGsz+wPKHmnfueYbmHwyWH3k5sp/BytMf5r90xnrTZmnWgQ499G2f6V8PtODwjxh+std8V50wPFezbP9/phnX6u1G/dNVO//d5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3P23nnHWyDEwajCYOpj+fNTI49CeN1z/gY2HH4dfL7T23lc90eN9ghs6+6opU8dcsf6th2+50FHLnXTnfv8FZ89//ieof6dh/7mOGTcY7LjJEz2UegLq/HeXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn9x9996xlkjT0c9tHTUnh0X2NDZV02ZOuaK9W89fMuFjlrupDv3e6IH9O/2KP4fyh+z+H84f8zi/5H8MYv/R/PHLP575Y9Z/D+WP2bx3zt/zOL/8fwxi/8n8scs/vvkj1n8P5k/ZvH/VP6Yxf/T+WMW/8/kj1n8P5s/ZvHfN3/M4r9f/pjF/3P5Yxb/z+ePWfz3zx+z+H8hf8zif0D+mMX/wPwxi/8X88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOL/jfwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/L+ZP2bxPzZ/zOJ/XP6Yxf/4/DGL/wn5Yxb/E/PHLP7fyh+z+H87f8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+38kfs/iflj9m8T89f8zif0b+mMX/u/ljFv/v5Y9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/9/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4/yR+z+J+XP2bxPz9/zOL/0/wxi/8F+WMW/5/lj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+P88fs/j/In/M4v/L/DGL/6/yxyz+V+SPWfyvzB+z+P86f8zi/5v8MYv/VfljFv/f5o9Z/K/OH7P4X5M/ZvG/Nn/M4v+7/DGL/3X5Yxb/6/PHLP435I9Z/H+fP2bx/0P+mMX/j/ljFv8b88cs/n/KH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/n/PHLP635Y9Z/G/PH7P4/yV/zOJ/R/6Yxf+v+WMW/7/lj1n8/54/ZvH/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P4T80fs/jflz9m8b8/f8ziPy1/TOI/2yB/zOI/lD9m8R+VP2bxny1/zOI/e/6YxX90/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/+C+WMW/zH5Yxb/hfLHLP5j88cs/gvnj1n8F8kfs/g/KX/M4v/k/DGL/1Pyxyz+i+aPWfyfmj9m8V8sf8zi/7T8MYv/0/PHLP6L549Z/J+RP2bxf2b+mMV/XP6Yxf9Z+WMW/2fn/4hmH3k0+D8nf8xy/o/PH7P4L5E/ZvF/bv6YxX/J/DGL/1L5Yxb/5+WPWfyfnz9m8X9B/pjF/4X5Yxb/pfPHLP4vyh+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/wr5Yxb/FfPHLP4vzh+z+K+UP2bxXzl/zOK/Sv6YxX/V/DGL/0vyxyz+q+WPWfxXzx+z+L80f8zi/7L8MYv/y/PHLP4T8scs/hPzxyz+k/LHLP5r5I9Z/NfMH7P4r5U/ZvGfnD9m8Z+i8p/tca9p8V9b5f/4s/ivkz9m8X9F/pjF/5X5Yxb/dfPHLP7r5Y9Z/NfPH7P4vyp/zOK/Qf6Yxf/V+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bxf03+mMV/0/wxi/9m+WMW/9fmj1n8X5c/ZvF/ff6Yxf8N+WMW/zfmj1n835Q/ZvF/c/6YxX/z/DGL/xb5Yxb/LfPHLP5vyR+z+G+VP2bx3zp/zOK/Tf6YxX/b/DGL/1vzxyz+2+WPWfzflj9m8X97/pjFf/v8MYv/DvljFv8d88cs/jvlj1n835E/ZvF/Z/6YxX/n/DGL/y75Yxb/XfPHLP7vyh+z+L87f8zi/578MYv/bvljFv/d88cs/nvkj1n835s/ZvF/X/6Yxf/9+WMW/w/kj1n8P5g/ZvHfM3/M4v+h/DGL/4fzxyz+H8kfs/h/NH/M4r9X/pjF/2P5Yxb/vfPHLP4fzx+z+H8if8ziv0/+mMX/k/ljFv9P5Y9Z/D+dP2bx/0z+mMX/s/ljFv9988cs/vvlj1n8P5c/ZvH/fP6YxX///DGL/xfyxyz+B+SPWfwPzB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8zi/7X8MYv/1/PHLP7fyB+z+B+UP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/5v5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4v+t/DGL/7fzxyz+J+WPWfxPzh+z+J+SP2bxPzV/zOL/nfwxi/9p+WMW/9Pzxyz+Z+SPWfy/mz9m8f9e/pjF/8z8MYv/WfljFv+z88cs/ufkj1n8z80fs/h/P3/M4v+D/DGL/w/zxyz+P8ofs/j/OH/M4v+T/DGL/3n5Yxb/8/PHLP4/zR+z+F+QP2bx/1n+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOL/8/wxi/8v8scs/r/MH7P4/yp/zOJ/Rf6Yxf/K/DGL/6/zxyz+v8kfs/hflT9m8f9t/pjF/+r8MYv/NfljFv9r88cs/r/LH7P4X5c/ZvG/Pn/M4n9D/pjF//f5Yxb/P+SPWfz/mD9m8b8xf8zi/6f8MYv/TfljFv+b88cs/rfkj1n8b80fs/j/OX/M4n9b/pjF//b8MYv/X/LHLP535I9Z/P+aP2bx/1v+mMX/7/ljFv9/5I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/1Pwxi/99+WMW//vzxyz+0/LHJP6zD/LHLP5D+WMW/1H5Yxb/2fLHLP6z549Z/Efnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+C+YP2bxH5M/ZvFfKH/M4j82f8ziv3D+mMV/kfwxi/+T8scs/k/OH7P4PyV/zOK/aP6Yxf+p+WMW/8Xyxyz+T8sfs/g/PX/M4r94/pjF/xn5Yxb/Z+aPWfzH5Y9Z/J+VP2bxf3b+mMX/OfljFv/x+WMW/yXyxyz+z80fs/gvmT9m8V8qf8zi/7z8MYv/8/PHLP4vyB+z+L8wf8ziv3T+mMX/RfljFv9l8scs/svmj1n8l8sfs/gvnz9m8V8hf8ziv2L+mMX/xfljFv+V8scs/ivnj1n8V8kfs/ivmj9m8X9J/pjFf7X8MYv/6vljFv+X5o9Z/F+WP2bxf3n+mMV/Qv6YxX9i/pjFf1L+mMV/jfwxi/+a+WMW/7Xyxyz+k/PHLP5T8scs/mvnj1n818kfs/i/In/M4v/K/DGL/7r5Yxb/9fLHLP7r549Z/F+VP2bx3yB/zOL/6sEl+UMW/w07/zGL/0b5Yxb/jfPHLP6b5I9Z/F+TP2bx3zR/zOK/Wf6Yxf+1+WMW/9flj1n8X58/ZvF/Q/6Yxf+N+WMW/zflj1n835w/ZvHfPH/M4r9F/pjFf8v8MYv/W/LHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4v/W/DGL/3b5Yxb/t+WPWfzfnj9m8d8+f8ziv0P+mMV/x/wxi/9O+WMW/3fkj1n835k/ZvHfOX/M4r9L/pjFf9f8MYv/u/LHLP7vzh+z+L8nf8ziv1v+mMV/9/wxi/8e+WMW//fmj1n835c/ZvF/f/6Yxf8D+WMW/w/mj1n898wfs/h/KH/M4v/h/DGL/0fyxyz+H80fs/jvlT9m8f9Y/pjFf+/8MYv/x/PHLP6fyB+z+O+TP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bx/2z+mMV/3/wxi/9++WMW/8/lj1n8P58/ZvHfP3/M4v+F/DGL/wH5Yxb/A/PHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP4H5Y9Z/A/OH7P4H5I/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8f9m/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/h/K3/M4v/t/DGL/0n5Yxb/k/PHLP6n5I9Z/E/NH7P4fyd/zOJ/Wv6Yxf/0/DGL/xn5Yxb/7+aPWfy/lz9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9e/pjF//z8MYv/T/PHLP4X5I9Z/H+WP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X5E/ZvG/Mn/M4v/r/DGL/2/yxyz+V+U/3LTZZllg8f9t/pjF/+r8MYv/NfljFv9r88cs/r/LH7P4X5c/ZvG/Pn/M4n9D/pjF//f5Yxb/P+SPWfz/mD9m8b8xf8zi/6f8MYv/TfljFv+b88cs/rfkj1n8b80fs/j/OX/M4n9b/pjF//b8MYv/X/LHLP535I9Z/P+aP2bx/1v+mMX/7/ljFv9/5I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/1Pwxi/99+WMW//vzxyz+0/LHJP6jB/ljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP4L5I9Z/BfMH7P4j8kfs/gvlD9m8R+bP2bxXzh/zOK/SP6Yxf9J+WMW/yfnj1n8n5I/ZvFfNH/M4v/U/DGL/2L5Yxb/p+WPWfyfnj9m8V88f8zi/4z8MYv/M/PHLP7j8scs/s/KH7P4Pzt/zOL/nPwxi//4/DGL/xL5Yxb/5+aPWfyXzB+z+C+VP2bxf17+mMX/+fljFv8X5I9Z/F+YP2bxXzp/zOL/ovwxi/8y+WMW/2Xzxyz+y+WPWfyXzx+z+K+QP2bxXzF/zOL/4vwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+L8kf8ziv1r+mMV/9fwxi/9L88cs/i/LH7P4vzx/zOI/IX/M4j8xf8ziPyl/zOK/Rv6YxX/N/DGL/1r5Yxb/yfljFv8p+WMW/7Xzxyz+6+SPWfxfkT9m8X9l/pjFf938MYv/evljFv/188cs/q/KH7P4b5A/ZvF/df6YxX/D/DGL/0b5Yxb/jfPHLP6b5I9Z/F+TP2bx3zR/zOK/Wf6Yxf+1+WMW/9flj1n8X58/ZvF/Q/6Yxf+N+WMW/zflj1n835w/ZvHfPH/M4r9F/pjFf8v8MYv/W/LHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4v/W/DGL/3b5Yxb/t+WPWfzfnj9m8d8+f8ziv0P+mMV/x/wxi/9O+WMW/3fkj1n835k/ZvHfOX/M4r9L/pjFf9f8MYv/u/LHLP7vzh+z+L8nf8ziv1v+mMV/9/wxi/8e+WMW//fmj1n835c/ZvF/f/6Yxf8D+WMW/w/mj1n898wfs/h/KH/M4v/h/DGL/0fyxyz+H80fs/jvlT9m8f9Y/pjFf+/8MYv/x/PHLP6fyB+z+O+TP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bx/2z+mMV/3/wxi/9++WMW/8/lj1n8P58/ZvHfP3/M4v+F/DGL/wH5Yxb/A/PHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP4H5Y9Z/A/OH7P4H5I/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8f9m/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/h/K3/M4v/t/DGL/0n5Yxb/k/PHLP6n5I9Z/E/NH7P4fyd/zOJ/Wv6Yxf/0/DGL/xn5Yxb/7+aPWfy/lz9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9e/pjF//z8MYv/T/PHLP4X5I9Z/H+WP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X5E/ZvG/Mn/M4v/r/DGL/2/yxyz+V+WPWfx/mz9m8b86f8zif03+mMX/2vwxi//v8scs/tflj1n8r88fs/jfkD9m8f99/pjF/w/5Yxb/P+aPWfxvzB+z+P8pf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+f84fs/jflj9m8b89f8zi/5f8MYv/HfljFv+/5o9Z/P+WP2bx/3v+mMX/H/ljFv8788cs/nflj1n8784fs/jfkz9m8b83f8ziPzV/zOJ/X/6Yxf/+/DGL/7T8MYn/HIP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/Mfkj1n8F8ofs/iPzR+z+C+cP2bxXyR/zOL/pPwxi/+T88cs/k/JH7P4L5o/ZvF/av6YxX+x/DGL/9Pyxyz+T88fs/gvnj9m8X9G/pjF/5n5Yxb/cfljFv9n5Y9Z/J+dP2bxf07+mMV/fP6YxX+J/DGL/3Pzxyz+S+aPWfyXyh+z+D8vf8zi//z8MYv/C/LHLP4vzB+z+C+dP2bxf1H+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfxXyB+z+K+YP2bxf3H+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxfkj9m8V8tf8ziv3r+mMX/pfljFv+X5Y9Z/F+eP2bxn5A/ZvGfmD9m8Z+UP2bxXyN/zOK/Zv6YxX+t/DGL/+T8MYv/lPwxi//a+WMW/3Xyxyz+r8gfs/i/Mn/M4r9u/pjFf738MYv/+vljFv9X5Y9Z/DfIH7P4vzp/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP6vyR+z+G+aP2bx3yx/zOL/2vwxi//r8scs/q/PH7P4vyF/zOL/xvwxi/+b8scs/m/OH7P4b54/ZvHfIn/M4r9l/pjF/y35Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvF/a/6YxX+7/DGL/9vyxyz+b88fs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/878scs/u/MH7P475w/ZvHfJX/M4r9r/pjF/135Yxb/d+ePWfzfkz9m8d8tf8ziv3v+mMV/j/wxi/9788cs/u/LH7P4vz9/zOL/gfwxi/8H88cs/nvmj1n8P5Q/ZvH/cP6Yxf8j+WMW/4/mj1n898ofs/h/LH/M4r93/pjF/+P5Yxb/T+SPWfz3yR+z+H8yf8zi/6n8MYv/p/PHLP6fyR+z+H82f8ziv2/+mMV/v/wxi//n8scs/p/PH7P4758/ZvH/Qv6Yxf+A/DGL/4H5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/g/LHLP4H549Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/h/M3/M4n9s/pjF/7j8MYv/8fljFv8T8scs/ifmj1n8v5U/ZvH/dv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/L+TP2bxPy1/zOJ/ev6Yxf+M/DGL/3fzxyz+38sfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvE/L3/M4n9+/pjF/6f5Yxb/C/LHLP4/yx+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/IH7P4X5k/ZvH/df6Yxf83+WMW/6vyxyz+v80fs/hfnT9m8b8mf8zif23+mMX/d/ljFv/r8scs/tfnj1n8b8gfs/j/XuU/+nGvafH/g8r/8Wfx/2P+mMX/xvwxi/+f8scs/jflj1n8b84fs/jfkj9m8b81f8zi/+f8MYv/bfljFv/b88cs/n/JH7P435E/ZvH/a/6Yxf9v+WMW/7/nj1n8/5E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/lPzxyz+9+WPWfzvzx+z+E/LH5P4zznIH7P4D+WPWfxH5Y9Z/GfLH7P4z54/ZvEfnT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6YxX9M/pjFf6H8MYv/2Pwxi//C+WMW/0Xyxyz+T8ofs/g/OX/M4v+U/DGL/6L5Yxb/p+aPWfwXyx+z+D8tf8zi//T8MYv/4vljFv9n5I9Z/J+ZP2bxH5c/ZvF/Vv6Yxf/Z+WMW/+fkj1n8x+ePWfyXyB+z+D83f8ziv2T+mMV/qfwxi//z8scs/s/PH7P4vyB/zOL/wvwxhf/4wZxL548p/AeDOV+UP2bxXyZ/zOK/bP6YxX+5/DGL//L5Yxb/FfLHLP4r5o9Z/F+cP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/l+SPWfxXyx+z+K+eP2bxf2n+mMX/ZfljFv+X549Z/Cfkj1n8J+aPWfwn5Y9Z/NfIH7P4r5k/ZvFfK3/M4j85f8ziPyV/zOK/dv6YxX+d/DGL/yvyxyz+r8wfs/ivmz9m8V8vf8ziv37+mMX/VfljFv8N8scs/q/OH7P4b5g/ZvHfKH/M4r9x/pjFf5P8MYv/a/LHLP6b5o9Z/DfLH7P4vzZ/zOL/uvwxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/pvnj1n8t8gfs/hvmT9m8X9L/pjFf6v8MYv/1vljFv9t8scs/tvmj1n835o/ZvHfLn/M4v+2/DGL/9vzxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/jvwxi/8788cs/jvnj1n8d8kfs/jvmj9m8X9X/pjF/935Yxb/9+SPWfx3yx+z+O+eP2bx3yN/zOL/3vwxi//78scs/u/PH7P4fyB/zOL/wfwxi/+e+WMW/w/lj1n8P5w/ZvH/SP6Yxf+j+WMW/73yxyz+H8sfs/jvnT9m8f94/pjF/xP5Yxb/ffLHLP6fzB+z+H8qf8zi/+n8MYv/Z/LHLP6fzR+z+O+bP2bx3y9/zOL/ufwxi//n88cs/vvnj1n8v5A/ZvE/IH/M4n9g/pjF/4v5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfy/nj9m8f9G/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+38wfs/gfmz9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/2/lj1n8v50/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/v5I9Z/E/LH7P4n54/ZvE/I3/M4v/d/DGL//fyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf/7+WMW/x/kj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8z8sfs/ifnz9m8f9p/pjF/4L8MYv/z/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv+f549Z/H+RP2bx/2X+mMX/V/ljFv8r8scs/lfmj1n8f50/ZvH/Tf6Yxf+q/DGL/2/zxyz+V+ePWfyvyR+z+F+bP2bx/13+mMX/uvwxi//1+WMW/xvyxyz+v88fs/j/IX/M4v/H/DGL/435Yxb/P+WPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf/P+WMW/9vyxyz+t+ePWfz/kj9m8b8jf8zi/9f8MYv/3/LHLP5/zx+z+P8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfyn5o9Z/O/LH7P4358/ZvGflj8m8Z9rkD9m8R/KH7P4j8ofs/jPlj9m8Z89f8ziPzp/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjFf8H8MYv/mPwxi/9C+WMW/7H5Yxb/hfPHLP6L5I9Z/J+UP2bxf3L+mMX/KfljFv9F88cs/k/NH7P4L5Y/ZvF/Wv6Yxf/p+WMW/8Xzxyz+z8gfs/g/M3/M4j8uf8zi/6z8MYv/s/PHLP7PyR+z+I/PH7P4L5E/ZvF/bv6YxX/J/DGL/1L5Yxb/5+WPWfyfnz9m8X9B/pjF/4X5Yxb/pfPHLP4vyh+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/wr5Yxb/FfPHLP4vzh+z+K+UP2bxXzl/zOK/Sv6YxX/V/DGL/0vyxyz+q+WPWfxXzx+z+L80f8zi/7L8MYv/y/PHLP4T8scs/hPzxyz+k/LHLP5r5I9Z/NfMH7P4r5U/ZvGfnD9m8Z+SP2bxXzt/zOK/Tv6Yxf8V+WMW/1fmj1n8180fs/ivlz9m8V8/f8zi/6r8MYv/BvljFv9X549Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjF/zX5Yxb/TfPHLP6b5Y9Z/F+bP2bxf13+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv/N88cs/lvkj1n8t8wfs/i/JX/M4r9V/pjFf+v8MYv/NvljFv9t88cs/m/NH7P4b5c/ZvF/W/6Yxf/t+WMW/+3zxyz+O+SPWfx3zB+z+O+UP2bxf0f+mMX/nfljFv+d88cs/rvkj1n8d80fs/i/K3/M4v/u/DGL/3vyxyz+u+WPWfx3zx+z+O+RP2bxf2/+mMX/ffljFv/3549Z/D+QP2bx/2D+mMV/z/wxi/+H8scs/h/OH7P4fyR/zOL/0fwxi/9e+WMW/4/lj1n8984fs/h/PH/M4v+J/DGL/z75Yxb/T+aPWfw/lT9m8f90/pjF/zP5Yxb/z+aPWfz3zR+z+O+XP2bx/1z+mMX/8/ljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2/mj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/+38scs/t/OH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/d/LHLP6n5Y9Z/E/PH7P4n5E/ZvH/bv6Yxf97+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/uflj1n8z38c/lcs8P9yYP83s/j/tPMfs/hfkD9m8f9Z/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zi//P8MYv/L/LHLP6/zB+z+P8qf8zif0X+mMX/yvwxi/+v88cs/r/JH7P4X5U/ZvH/bf6Yxf/q/DGL/zX5Yxb/a/PHLP6/yx+z+F+XP2bxvz5/zOJ/Q/6Yxf/3+WMW/z/kj1n8/5g/ZvG/MX/M4v+n/DGL/035Yxb/m/PHLP635I9Z/G/NH7P4/zl/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/9T8MYv/ffljFv/788cs/tPyxyT+cw/yxyz+Q/ljFv9R+WMW/9nyxyz+s+ePWfxH549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/gvmD9m8R+TP2bxXyh/zOI/Nn/M4r9w/pjFf5H8MYv/k/LHLP5Pzh+z+D8lf8ziv2j+mMX/qfljFv/F8scs/k/LH7P4Pz1/zOK/eP6Yxf8Z+WMW/2fmj1n8x+WPWfyflT9m8X92/pjF/zn5Yxb/8fljFv8l8scs/s/NH7P4L5k/ZvFfKn/M4v+8/DGL//Pzxyz+L8gfs/i/MH/M4r90/pjF/0X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/8X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/Sf6YxX+1/DGL/+r5Yxb/l+aPWfxflj9m8X95/pjFf0L+mMV/Yv6YxX9S/pjFf438MYv/mvljFv+18scs/pPzxyz+U/LHLP5r549Z/NfJH7P4vyJ/zOL/yvwxi/+6+WMW//Xyxyz+6+ePWfxflT9m8d8gf8zi/+r8MYv/hvljFv+N8scs/hvnj1n8N8kfs/i/Jn/M4r9p/pjFf7P8MYv/a/PHLP6vyx+z+L8+f8zi/4b8MYv/G/PHLP5vyh+z+L85f8ziv3n+mMV/i/wxi/+W+WMW/7fkj1n8t8ofs/hvnT9m8d8mf8ziv23+mMX/rfljFv/t8scs/m/LH7P4vz1/zOK/ff6YxX+H/DGL/475Yxb/nfLHLP7vyB+z+L8zf8ziv3P+mMV/l/wxi/+u+WMW/3flj1n8350/ZvF/T/6YxX+3/DGL/+75Yxb/PfLHLP7vzR+z+L8vf8zi//78MYv/B/LHLP4fzB+z+O+ZP2bx/1D+mMX/w/ljFv+P5I9Z/D+aP2bx3yt/zOL/sfwxi//e+WMW/4/nj1n8P5E/ZvHfJ3/M4v/J/DGL/6fyxyz+n84fs/h/Jn/M4v/Z/DGL/775Yxb//fLHLP6fyx+z+H8+f8ziv3/+mMX/C/ljFv8D8scs/gfmj1n8v5g/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/2/kj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOL/zfwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bx/1b+mMX/2/ljFv+T8scs/ifnj1n8T8kfs/ifmj9m8f9O/pjF/7T8MYv/6fljFv8z8scs/t/NH7P4fy9/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/L+fP2bx/0H+mMX/h/ljFv8f5Y9Z/H+cP2bx/0n+mMX/vPwxi//5+WMW/5/mj1n8L8gfs/j/LH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8f95/pjF/xf5Yxb/X+aPWfx/lT9m8b8if8zif2X+mMX/1/ljFv/f5I9Z/K/KH7P4/zZ/7OH+o5/o4fz7PYr/1fljlvP/mvwxi/+1+WMW/9/lj1n8r8sfs/hfnz9m8b8hf8zi//v8MYv/H/LHLP5/zB+z+N+YP2bx/1P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfz/nD9m8b8tf8zif3v+mMX/L/ljFv878scs/n/NH7P4/y1/zOL/9/wxi/8/8scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMV/av6Yxf++/DGL//35Yxb/afljEv95BvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/7Yf7//XA++lf8j++/3f6B55ssfs/jPnz9m8V8gf8ziv2D+mMV/TP6YxX+h/DGL/9j8MYv/wvljFv9F8scs/k/KH7P4Pzl/zOL/lPwxi/+i+WMW/6fmj1n8F8sfs/g/LX/M4v/0/DGL/+L5Yxb/Z+SPWfyfmT9m8R+XP2bxf1b+mMX/2fljFv/n5I9Z/Mfnj1n8l8gfs/g/N3/M4r9k/pjFf6n8MYv/8/LHLP7Pzx+z+L8gf8zi/8L8MYv/0vljFv8X5Y9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv8X549Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/yX5Yxb/1fLHLP6r549Z/F+aP2bxf1n+mMX/5fljFv8J+WMW/4n5Yxb/SfljFv818scs/mvmj1n818ofs/hPzh+z+E/JH7P4r50/ZvFfJ3/M4v+K/DGL/yvzxyz+6+aPWfzXyx+z+K+fP2bxf1X+mMV/g/wxi/+r88cs/hvmj1n8N8ofs/hvnD9m8d8kf8zi/5r8MYv/pvljFv/N8scs/q/NH7P4vy5/zOL/+vwxi/8b8scs/m/MH7P4vyl/zOL/5vwxi//m+WMW/y3yxyz+W+aPWfzfkj9m8d8qf8ziv3X+mMV/m/wxi/+2+WMW/7fmj1n8t8sfs/i/LX/M4v/2/DGL//b5Yxb/HfLHLP475o9Z/HfKH7P4vyN/zOL/zvwxi//O+WMW/13yxyz+u+aPWfzflT9m8X93/pjF/z35Yxb/3fLHLP67549Z/PfIH7P4vzd/zOL/vvwxi//788cs/h/IH7P4fzB/zOK/Z/6Yxf9D+WMW/w/nj1n8P5I/ZvH/aP6YxX+v/DGL/8fyxyz+e+ePWfw/nj9m8f9E/pjFf5/8MYv/J/PHLP6fyh+z+H86f8zi/5n8MYv/Z/PHLP775o9Z/PfLH7P4fy5/zOL/+fwxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/zfzxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf9b+WMW/2/nj1n8T8ofs/ifnD9m8T8lf8zif2r+mMX/O/ljFv/T8scs/qfnj1n8z8gfs/h/N3/M4v+9/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvH/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW//Pyxyz+5+ePWfx/mj9m8b8gf8zi/7P8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/5/ljFv9f5I9Z/H+ZP2bx/1X+mMX/ivwxi/+V+WMW/1/nj1n8f5M/ZvG/Kn/M4v/b/DGL/9X5Yxb/a/LHLP7X5o9Z/H+XP2bxvy5/zOJ/ff6Yxf+G/DGL/+/zxyz+f8gfs/j/MX/M4n9j/pjF/0/5Yxb/m/LHLP43549Z/G/JH7P435o/ZvH/c/6Yxf+2/DGL/+35Yxb/v+SPWfzvyB+z+P81f8zi/7f8MYv/3/PHLP7/yB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/qfljFv/78scs/vfnj1n8p+WPSfznHeSPWfyH8scs/qPyxyz+s+WPWfxnzx+z+I/OH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8ziPyZ/zOK/UP6YxX9s/pjFf+H8MYv/IvljFv8n5Y9Z/J+cP2bxf0r+mMV/0fwxi/9T88cs/ovlj1n8n5Y/ZvF/ev6YxX/x/DGL/zPyxyz+z8wfs/iPyx+z+D8rf8zi/+z8MYv/c/LHLP7j88cs/kvkj1n8n5s/ZvFfMn/M4r9U/pjF/3n5Yxb/5+ePWfxfkD9m8X9h/pjFf+n8MYv/i/LHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/i/PHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v+S/DGL/2r5Yxb/1fPHLP4vzR+z+L8sf8zi//L8MYv/hPwxi//E/DGL/6T8MYv/GvljFv8188cs/mvlj1n8J+ePWfyn5I9Z/NfOH7P4r5M/ZvF/Rf6Yxf+V+WMW/3Xzxyz+6+WPWfzXzx+z+L8qf8ziv0H+mMX/1fljFv8N88cs/hvlj1n8N84fs/hvkj9m8X9N/pjFf9P8MYv/ZvljFv/X5o9Z/F+XP2bxf33+mMX/DfljFv835o9Z/N+UP2bxf3P+mMV/8/wxi/8W+WMW/y3zxyz+b8kfs/hvlT9m8d86f8ziv03+mMV/2/wxi/9b88cs/tvlj1n835Y/ZvF/e/6YxX/7/DGL/w75Yxb/HfPHLP475Y9Z/N+RP2bxf2f+mMV/5/wxi/8u+WMW/13zxyz+78ofs/i/O3/M4v+e/DGL/275Yxb/3fPHLP575I9Z/N+bP2bxf1/+mMX//fljFv8P5I9Z/D+YP2bx3zN/zOL/ofwxi/+H88cs/h/JH7P4fzR/zOK/V/6Yxf9j+WMW/73zxyz+H88fs/h/In/M4r9P/pjF/5P5Yxb/T+WPWfw/nT9m8f9M/pjF/7P5Yxb/ffPHLP775Y9Z/D+XP2bx/3z+mMV///wxi/8X8scs/gfkj1n8D8wfs/h/MX/M4v+l/DGL/5fzxyz+X8kfs/h/NX/M4v+1/DGL/9fzxyz+38gfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf+b+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOL/rfwxi/+388cs/iflj1n8T84fs/ifkj9m8T81f8zi/538MYv/afljFv/T88cs/mfkj1n8v5s/ZvH/Xv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4fz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/95+WMW//Pzxyz+P80fs/hfkD9m8f9Z/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zi//P8MYv/L/LHLP6/zB+z+P8qf8zif0X+mMX/yvwxi/+v88cs/r/JH7P4X5U/ZvH/bf6Yxf/q/DGL/zX5Yxb/a/PHLP6/yx+z+F+XP2bxvz5/zOJ/Q/6Yxf/3+WMW/z/kj1n8/5g/ZvG/MX/M4v+n/DGL/035Yxb/m/PHLP635I9Z/G/NH7P4/zl/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/9T8MYv/ffljFv/788cs/tPyxyT+8w3yxyz+Q/ljFv9R+WMW/9nyxyz+s+ePWfxH549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/gvmD9m8R+TP2bxXyh/zOI/Nn/M4r9w/pjFf5H8MYv/k/LHLP5Pzh+z+D8lf8ziv2j+mMX/qfljFv/F8scs/k/LH7P4Pz1/zOK/eP6Yxf8Z+WMW/2fmj1n8x+WPWfyflT9m8X92/pjF/zn5Yxb/8fljFv8l8scs/s/NH7P4L5k/ZvFfKn/M4v+8/DGL//Pzxyz+L8gfs/i/MH/M4r90/pjF/0X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/8X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/Sf6YxX+1/DGL/+r5Yxb/l+aPWfxflj9m8X95/pjFf0L+mMV/Yv6YxX9S/pjFf438MYv/mvljFv+18scs/pPzxyz+U/LHLP5r549Z/NfJH7P4vyJ/zOL/yvwxi/+6+WMW//Xyxyz+6+ePWfxflT9m8d8gf8zi/+r8MYv/hvljFv+N8scs/hvnj1n8N8kfs/i/Jn/M4r9p/pjFf7P8MYv/a/PHLP6vyx+z+L8+f8zi/4b8MYv/G/PHLP5vyh+z+L85f8ziv3n+mMV/i/wxi/+W+WMW/7fkj1n8t8ofs/hvnT9m8d8mf8ziv23+mMX/rfljFv/t8scs/m/LH7P4vz1/zOK/ff6YxX+H/DGL/475Yxb/nfLHHvTf5oT/av935I9Zzv935o9Z/HfOH7P475I/ZvHfNX/M4v+u/DGL/7vzxyz+78kfs/jvlj9m8d89f8ziv0f+mMX/vfljFv/35Y9Z/N+fP2bx/0D+mMX/g/ljFv8988cs/h/KH7P4fzh/zOL/kfwxi/9H88cs/nvlj1n8P5Y/ZvHfO3/M4v/x/DGL/yfyxyz+++SPWfw/mT9m8f9U/pjF/9P5Yxb/z+SPWfw/mz9m8d83f8ziv1/+mMX/c/ljFv/P549Z/PfPH7P4fyF/zOJ/QP6Yxf/A/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+X8sfs/h/PX/M4v+N/DGL/0H5Yxb/g/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n+E0n+Of7qGxf9Ipf8/z+J/VP6Yxf/o/DGL/zH5Yxb/b+aPWfyPzR+z+B+XP2bxPz5/zOJ/Qv6Yxf/E/DGL/7fyxyz+384fs/iflD9m8T85f8zif0r+mMX/1Pwxi/938scs/qflj1n8T88fs/ifkT9m8f9u/pjF/3v5Yxb/M/PHLP5n5Y9Z/M/OH7P4n5M/ZvE/N3/M4v/9/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+5+WPWfzPzx+z+P80f8zif0H+mMX/Z/ljFv8L88cs/hflj1n8L84fs/hfkj9m8b80f8zif1n+mMX/8vwxi//P88cs/r/IH7P4/zJ/zOL/q/wxi/8V+WMW/yvzxyz+v84fs/j/Jn/M4n9V/pjF/7f5Yxb/q/PHLP7X5I9Z/K/NH7P4/y5/zOJ/Xf6Yxf/6/DGL/w35Yxb/3+ePWfz/kD9m8f9j/pjF/8b8MYv/n/LHLP435Y9Z/G/OH7P435I/ZvG/NX/M4v/n/DGL/235Yxb/2/PHLP5/yR+z+N+RP2bx/2v+mMX/b/ljFv+/549Z/P+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP5T88cs/vflj1n8788fs/hPyx+T+M8/eAz/D/7/MKz/q1n8hzr/MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/iPyR+z+C+UP2bxH5s/ZvFfOH/M4r9I/pjF/0n5Yxb/J+ePWfyfkj9m8V80f8zi/9T8MYv/YvljFv+n5Y9Z/J+eP2bxXzx/zOL/jPwxi/8z88cs/uPyxyz+z8ofs/g/O3/M4v+c/DGL//j8MYv/EvljFv/n5o9Z/JfMH7P4L5U/ZvF/Xv6Yxf/5+WMW/xfkj1n8X5g/ZvFfOn/M4v+i/DGL/zL5Yxb/ZfPHLP7L5Y9Z/JfPH7P4r5A/ZvFfMX/M4v/i/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4vyR/zOK/Wv6YxX/1/DGL/0vzxyz+L8sfs/i/PH/M4j8hf8ziPzF/zOI/KX/M4r9G/pjFf838MYv/WvljFv/J+WMW/yn5Yxb/tfPHLP7r5I9Z/F+RP2bxf2X+mMV/3fwxi/96+WMW//Xzxyz+r8ofs/hvkD9m8X91/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8X5M/ZvHfNH/M4r9Z/pjF/7X5Yxb/1+WPWfxfnz9m8X9D/pjF/435Yxb/N+WPWfzfnD9m8d88f8ziv0X+mMV/y/wxi/9b8scs/lvlj1n8t84fs/hvkz9m8d82f8zi/9b8MYv/dvljFv+35Y9Z/N+eP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/d+SPWfzfmT9m8d85f8ziv0v+mMV/1/wxi/+78scs/u/OH7P4vyd/zOK/W/6YxX/3/DGL/x75Yxb/9+aPWfzflz9m8X9//pjF/wP5Yxb/D+aPWfz3zB+z+H8of8zi/+H8MYv/R/LHLP4fzR+z+O+VP2bx/1j+mMV/7/wxi//H88cs/p/IH7P475M/ZvH/ZP6Yxf9T+WMW/0/nj1n8P5M/ZvH/bP6YxX/f/DGL/375Yxb/z+WPWfw/nz9m8d8/f8zi/4X8MYv/AfljFv8D88cs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/838scs/gflj1n8D84fs/gfkj9m8T80f8zif1j+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+B+TP2bx/2b+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+H8rf8zi/+38MYv/SfljFv+T88cs/qfkj1n8T80fs/h/J3/M4n9a/pjF//T8MYv/GfljFv/v5o9Z/L+XP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7fzx+z+P8gf8zi/8P8MYv/j/LHLP4/zh+z+P8kf8zif17+mMX//Pwxi/9P88cs/hfkj1n8f5Y/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/j/PH/M4v+L/DGL/y/zxyz+v8ofs/hfkT9m8b8yf8zi/+v8MYv/b/LHLP5X5Y9Z/H+bP2bxvzp/zOJ/Tf6Yxf/a/DGL/+/yxyz+1+WPWfyvzx+z+N+QP2bx/33+mMX/D/ljFv8/5o9Z/G/MH7P4/yl/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP5/zh+z+N+WP2bxvz1/zOL/l/wxi/8d+WMW/7/mj1n8/5Y/ZvH/e/6Yxf8f+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOI/NX/M4n9f/pjF//78MYv/tPwxif8Cg/wxi/9Q/pjFf1T+mMV/tvwxi//s+WMW/9H5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv8F8scs/gvmj1n8x+SPWfwXyh+z+I/NH7P4L5w/ZvFfJH/M4v+k/DGL/5Pzxyz+T8kfs/gvmj9m8X9q/pjFf7H8MYv/0/LHLP5Pzx+z+C+eP2bxf0b+mMX/mfljFv9x+WMW/2flj1n8n50/ZvF/Tv6YxX98/pjFf4n8MYv/c/PHLP5L5o9Z/JfKH7P4Py9/zOL//Pwxi/8L8scs/i/MH7P4L50/ZvF/Uf6YxX+Z/DGL/7L5Yxb/5fLHLP7L549Z/FfIH7P4r5g/ZvF/cf6YxX+l/DGL/8r5Yxb/VfLHLP6r5o9Z/F+SP2bxXy1/zOK/ev6Yxf+l+WMW/5flj1n8X54/ZvGfkD9m8Z+YP2bxn5Q/ZvFfI3/M4r+myH+uf2Fdi/9aIv9/JYv/5Pwxi/+U/DGL/9r5Yxb/dfLHLP6vyB+z+L8yf8ziv27+mMV/vfwxi//6+WMW/1flj1n8N8gfs/i/On/M4r9h/pjFf6P8MYv/xvljFv9N8scs/q/JH7P4b5o/ZvHfLH/M4v/a/DGL/+vyxyz+r88fs/i/IX/M4v/G/DGL/5vyxyz+b84fs/hvnj9m8d8if8ziv2X+mMX/LfljFv+t8scs/lvnj1n8t8kfs/hvmz9m8X9r/pjFf7v8MYv/2/LHLP5vzx+z+G+fP2bx3yF/zOK/Y/6YxX+n/DGL/zvyxyz+78wfs/jvnD9m8d8lf8ziv2v+mMX/XfljFv93549Z/N+TP2bx3y1/zOK/e/6YxX+P/DGL/3vzxyz+78sfs/i/P3/M4v+B/DGL/wfzxyz+e+aPWfw/lD9m8f9w/pjF/yP5Yxb/j+aPWfz3yh+z+H8sf8ziv3f+mMX/4/ljFv9P5I9Z/PfJH7P4fzJ/zOL/qfwxi/+n88cs/p/JH7P4fzZ/zOK/b/6YxX+//DGL/+fyxyz+n88fs/jvnz9m8f9C/pjF/4D8MYv/gfljFv8v5o9Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/L+WP2bx/3r+mMX/G/ljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+H8zf8zif2z+mMX/uPwxi//x+WMW/xN0/o/v01r8T9T5P74s/t/KH7P4fzt/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP7fyR+z+J+WP2bxPz1/zOJ/Rv6Yxf+7+WMW/+/lj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi//388cs/j/IH7P4/zB/zOL/o/wxi/+P88cs/j/JH7P4n5c/ZvE/P3/M4v/T/DGL/wX5Yxb/n+WPWfwvzB+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP4/zx+z+P8if8zi/8v8MYv/r/LHLP5X5I9Z/K/MH7P4/zp/zOL/m/wxi/9V+WMW/9/mj1n8r84fs/hfkz9m8b82f8zi/7v8MYv/dfljFv/r88cs/jfkj1n8f58/ZvH/Q/6Yxf+P+WMW/xvzxyz+f8ofs/jflD9m8b85f8zif0v+mMX/1vwxi/+f88cs/rflj1n8b88fs/j/JX/M4n9H/pjF/6/5Yxb/v+WPWfz/nj9m8f9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/hPzR+z+N+XP2bxvz9/zOI/LX9M4r/gIH/M4j+UP2bxH5U/ZvGfLX/M4j97/g9rtpFHi//o/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/mPyxyz+C+WPWfzH5o9Z/BfOH7P4L5I/ZvF/Uv6Yxf/J+WMW/6fkj1n8F80fs/g/NX/M4r9Y/pjF/2n5Yxb/p+ePWfwXzx+z+D8jf8zi/8z8MYv/uPwxi/+z8scs/s/OH7P4Pyd/zOI/Pn/M4r9E/pjF/7n5Yxb/JfPHLP5L5Y9Z/J+XP2bxf37+mMX/BfljFv8X5o9Z/JfOH7P4vyh/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vzh/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vyR+z+K+WP2bxXz1/zOL/0vwxi//L8scs/i/PH7P4T8gfs/hPzB+z+E/KH7P4r5E/ZvFfM3/M4r9W/pjFf3L+mMV/Sv6YxX/t/DGL/zr5Yxb/V+SPWfxfmT9m8V83f8ziv17+mMV//fwxi/+r8scs/hvkj1n8X50/ZvHfMH/M4r9R/pjFf+P8MYv/JvljFv/X5I9Z/DfNH7P4b5Y/ZvF/bf6Yxf91+WMW/9fnj1n835A/ZvF/Y/6Yxf9N+WMW/zfnj1n8N88fs/hvkT9m8d8yf8zi/5b8MYv/VvljFv+t88cs/tvkj1n8t80fs/i/NX/M4r9d/pjF/235Yxb/t+ePWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf8d+WMW/3fmj1n8d84fs/jvkj9m8d81f8zi/678MYv/u/PHLP7vyR+z+O+WP2bx3z1/zOK/R/6Yxf+9+WMW//flj1n835///8cePSAAQihQAPxG3Gzbtm3btu3dbNu2bdu2bdt1gXeC3swVJmr5H+g/avkf5D9q+d/Tf9Tyv5f/qOV/b/9Ry/8+/qOW/339Ry3/+/mPWv739x+1/B/gP2r5P9B/1PJ/kP+o5f9g/1HL/yH+o5b/Q/1HLf+H+Y9a/g/3H7X8H+E/avk/0n/U8n+U/6jl/2j/Ucv/Mf6jlv9j/Uct/8f5j1r+j/cftfyf4D9q+T/Rf9Tyf5L/qOX/ZP9Ry/8p/qOW/1P9Ry3/p/mPWv5P9x+1/J/hP2r5P9N/1PJ/lv+o5f9s/1HL/zn+o5b/c/1HLf/n+Y9a/s/3H7X8X+A/avm/0H/U8n+R/6jl/2L/Ucv/Jf6jlv9L/Uct/5f5j1r+L/cftfxf4T9q+b/Sf9Tyf5X/qOX/av9Ry/81/qOW/2v9Ry3/1/mPWv6v9x+1/N/gP2r5v9F/1PJ/k/+o5f9m/1HL/y3+o5b/W/1HLf+3+Y9a/m/3H7X83+E/avm/03/U8n+X/6jl/27/Ucv/Pf6jlv97/Uct//f5j1r+7/cftfw/4D9q+X/Qf9Ty/5D/qOX/Yf9Ry/8j/qOW/0f9Ry3/j/mPWv4f9x+1/D/hP2r5f9J/1PL/lP+o5f9p/1HL/zP+o5b/Z/1HLf/P+Y9a/p/3H7X8v+A/avl/0X/U8v+S/6jl/2X/Ucv/K/6jlv9X/Uct/6/5j1r+X/cftfy/4T9q+X/Tf9Ty/5b/qOX/bf9Ry/87/qOW/3f9Ry3/7/mPWv7f9x+1/H/gP2r5/9B/1PL/kf+o5f9j/1HL/yf+o5b/T/1HLf+f+Y9a/j/3H7X8f+E/avn/0n/U8v+V/6jl/2v/Ucv/N/6jlv9v/Uct/9/5j1r+v/cftfz/4D9q+f/Rf9Ty/5P/qOX/Z/9Ry/8v/qOW/1/9Ry3/v/mPWv5/9x+1/P/hPyr5H/A3/1HL/9/9Ry3///Aftfz/03/U8v8v/1HL/7/9Ry3///Eftfz/13/U8v8//1HL///9Ry3/g/mPWv4H9x+1/A/hP2r5H9J/1PI/lP+o5X9o/1HL/wD/Ucv/MP6jlv9h/Uct/8P5j1r+h/cftfyP4D9q+R/Rf9TyP5L/qOV/ZP9Ry/8o/qOW/1H9Ry3/o/mPWv5H9x+1/I/hP2r5H9N/1PI/lv+o5X9s/1HL/zj+o5b/cf1HLf/j+Y9a/sf3H7X8T+A/avmf0H/U8j+R/6jlf2L/Ucv/JP6jlv9J/Uct/5P5j1r+J/cftfxP4T9q+Z/Sf9TyP5X/qOV/av9Ry/80/qOW/2n9Ry3/0/mPWv6n9x+1/M/gP2r5n9F/1PI/k/+o5X9m/1HL/yz+o5b/Wf1HLf+z+Y9a/mf3H7X8z+E/avmf03/U8j+X/6jlf27/Ucv/PP6jlv95/Uct//P5j1r+5/cftfwv4D9q+V/Qf9Tyv5D/qOV/Yf9Ry/8i/qOW/0X9Ry3/i/mPWv4X9x+1/C/hP2r5X9J/1PK/lP+o5X9p/1HL/zL+o5b/Zf1HLf/L+Y9a/pf3H7X8r+A/avlf0X/U8r+S/6jlf2X/Ucv/Kv6jlv9V/Uct/6v5j1r+V/cftfyv4T9q+V/Tf9Tyv5b/qOV/bf9Ry/86/qOW/3X9Ry3/6/mPWv7X9x+1/G/gP2r539B/1PK/kf+o5X9j/1HL/yb+o5b/Tf1HLf+b+Y9a/jf3H7X8b+E/avnf0n/U8r+V/6jlf2v/Ucv/Nv6jlv9t/Uct/9v5j1r+t/cftfzv4D9q+d/Rf9Tyv5P/qOV/Z/9Ry/8u/qOW/139Ry3/u/mPWv539x+1/O/hP2r5H+g/avkf5D/6y/0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwJ/t2G1tnWfhx/O62jrE//2TEBZehySYXCokw2z1kvCBsMrbVQTeexwBHt3Zjo91m12FXwD28mEQID5JMskSJsmUoYSY0EgPBCiIadFETDT4AohBF40QIuiUu1pz2tLTHrvFc9boW5fN50XPu++x3b2vy3X0vMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD479XQuPDI+Jphp8YPPfjg4Za+1zlHV9584Lc9Fw68lj9eNsIlxw096O3t7Z3z3Owd5cNTiqIo/Ww7y8eTKsel6++s/0Jn/1FY0PPSkuNTft545MCa0x+p6z56f23f2dripnUbWls+Nq4owsW1RWfpoK6mKMLi2uK+0kF96WBJbfFI6WB238GpxbdLB+ev3dzaXDqxNPp7Bv8rGhp3FuOHFVsM+9NgaP87679158DrKJccuNqEotz/FV3ff6viswEn6H/g+mFhZf9V/waBE6qu/xcWDLyOcsl/uf9PfmrVKyN9duL+B64fPq5/SGeE5/9hjVY+91c8/88Y4ZKD+6tquo6X+r/0tmdnlk9N+Hee/9+9fri4sv9xw57/S8/xiwae/08pinDJGL8d8J7S0LjryGj3/9H7nzC9YlMztP8z2jfvL/X/+JLvPVE+VVtl/4tGuf+PW1rxawWq09D45d6K+38V/RcfGeGSg/2//cSvHy71/9jvHzhzyGfV9H9JZf+zOtq2zNq6veu8DW1N61vWt2yqmz1/zrz6unkXzJ3V90jQ/3WM3xV4bxjb/b+YXLGpKYqWwf013QeeLvU/98EH55RPTaqy/8Wj3v9nuP/DiD40rpg4sehs6uhor+v/OnBY3/+1/4eN0H8Vf/8/65zyD6stv9YUxbTB/V1n3r2i1P87h57dXT41scr+l4za/4LBnxeIMMb7f3PFZlj/Bw+91Pf8v+zeg2eUT1X79/+lo/b/qvs/jEVDY8X/8PMfVup/V3FZZKehwX//g3Ry9P/YOzf0xK3DJ/QP6eTo/3efO3pu3Dos0z+kk6P/CRsfeD5uHS7VP6STo//lU+eviFuHy/QP6eTof+2r5/45bh0a9Q/p5Oj/nC/t7oxbh+X6h3Ry9P9Q+5xtceuwQv+QTo7+f3raQ6/FrcPl+od0cvR/7Ng9N8atwxX6h3Ry9N+95+wfxK3DlfqHdHL0f/m6hSFuHa7SP6STo//p0/74eNw6XK1/SCdH//P+9PfT4tbhGv1DOjn6v+PzK/bFrcO1+od0cvQ//vpXXoxbh5X6h3Ry9L/07G0L49bhOv1DOjn6b/5Jc2/cOqzSP6STo/9ZX//Rhrh1uF7/kE6O/g8vf3RP3DrcoH9IJ0f/e+qKKXHrcKP+IZ0c/X/tu6cfiluHT+of0snR/2+eenJ+3Dqs1j+kk6P/5z5w+zfi1uEm/UM6Ofq/d82LZ8WtQ5P+IZ0c/T+89/kvxq3DGv1DOjn6f+ONtv+LW4e1+od0cvQ/edKpr8etQ7P+IZ0c/S+89SvtcevQon9IJ0f/bbu7fxi3Duv0D+nk6P/Dx6etiluH9fqHdHL0v3Lu3vfHrcPN+od0cvT/vmUX7opbhw36h3Ry9H9Rz0cviluHjfqHdHL03/HMZ78atw636B/SydH/3pmvLY5bh1b9Qzo5+n959dIfx61Dm/4hnRz9v/XodZvi1mGT/iGdHP0/+bO3j8Wtw2b9Qzo5+v//Cxb9NW4dtugf0snR/+Ilb66NW4dP6R/SydH/xu5/vBy3Du36h3Ry9D/z8NXL4tZhq/4hnRz9f+e8uv1x69Chf0gnR/93XrmvPm4dtukf0snR//6Dd90dtw636h/SydH/m7+YMT1uHT6tf0gnR//3Tzl0bdw6dOof0snR/y831T4Ttw7b9Q/p5Oj/b/um7ohbhy79Qzo5+n/69Z4/xK3DbfqHdHL0v3rCrybGrcPt+od0cvQ/tWvLfXHrcIf+IZ0c/c+/p+n8uHX4jP4hnRz9b/3LC9+MW4cd+od0tm7vuqWptbWl3RtvvPFm8M3J/pMJSO3d6E/2rwQAAAAAAAAAAAAAADiRHP+c6GT/HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUTvBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8BAAD//+8S49Y=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000015c0)='./file1\x00', 0x42, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)
pwrite64(r0, &(0x7f0000000140), 0x0, 0x8000c61)
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000002c0)={0x3, 0x4800000000000000, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4040c405})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0)

25.370147467s ago: executing program 1 (id=4212):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="440000001800010000000000fddbdf251d01020008000a00", @ANYRES32, @ANYBLOB='\b\x00\t\x00', @ANYRES32, @ANYBLOB="150004"], 0x44}}, 0x0)

25.167532268s ago: executing program 1 (id=4214):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000300)={[{@gid_ignore}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@utf8}, {@uid}, {}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@mode={'mode', 0x3d, 0x8}}, {@dmode={'dmode', 0x3d, 0x4}}, {@adinicb}, {@gid}, {@lastblock={'lastblock', 0x3d, 0x7}}, {@gid_forget}, {@uid}]}, 0x1, 0xc67, &(0x7f0000001dc0)="$eJzs3U9sHNd9B/DfG5LiSm5rJk4VJ42DTVuksmK5+hdTtgp3VdNsA8iyEIq5BeBKpNSFKZIgqUY23JbppYceAhRFDzkRaIUCKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAAVoEW8zsW3FFkZYskiIlfz429d2deW/mvZnxjCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOJ3Xj13/ETaZEXfHjQGAHgoLox99fjJzZ7/AMBj69JW//8PAAAAAAAAAAAAAADsFymKeCpSzF1YSxPV947a+dbAjZvjI6ObVzuYqpp9Vfnyp3bi5KnTX35h+Ew3z7dmPqT+TvtsvD526Vz9ldnrc/NTCwtTk/XxmdaV2cmp+97CdutvdLQ6APXrb9yYvHp1oX7y+VN3rL459MHgE4eHzg4/e+yZbtnxkdHRsfUitd7y/Q/ckI6tRngciCKORYrnvvuT1IyIIrZ/LGoP99xvdLDqxNGqE+Mjo1VHplvNmcVy5cXugSgi6j2VGt1jtPm5iP6Bh9qHrTUilsrmlw0+WnZvbK4537w8PVW/2JxfbC22Zmcupk5ry/7Uo4gzKWI5IlYH797cQBTRHym+/eRaupzf+lEdhy9VA4O3bkexi328D2U76wMRy8UjcM72scEo4rVI8dN3j8SVfJ+p7jVfjHitzO9H3Crz5YhUXhinI97f5Dri0dQfRfxZef7PrqXJ6n7Qva+c/1r9KzNXZ3vKdu8rH/H5cNedYo+eDwc35MOxz+9NtSiiWd3x19KD/2YHAAAAAAAAAAAAAAAAgJ12MIr4TKR49V//oBpXHNW49CfPDv/u0C/2jhl/+h7bKcs+HxFLxf2NyT2QBwZeTBdT2uOxxB9ntSjiD/P4v2/udWMAAAAAAAAAAAAAAAAAAAA+1or4caR46b0jaTl65xRvzVyrX2penu7MCtud+7c7Z3q73W7XUycbOSdyLuVczrmSczVnFLl+zkbOiZxLOZdzruRczRl9uX7ORs6JnEs5l3Ou5FzNGf25fs5GzomcSzmXc67kXM0Z+2TuXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0kRRfw8UnzrG2spUkQ0IiaikyuDe906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0mIr4XqSo/17j9rL+iEjVvx1Hyl9OR+NAmZ+MxnCZL0fjXM5mlf2Nb+5B+9megVTEjyLFYO2d2yc8n/+Bzrfbl0Hcenv922f7O9nXXTn0weATh588Ozz6+ae3+pw2a8DR862ZGzfr4yOjo2M9i/vz3j/Zs2wo77fYma4TEQtvvvVGc3p6av7BP5SXwANW757Jbez9YX5I/Y9MU33YiQ/Rvy+asTd9v0NtL25O7Lry+f9+pPjN9/6t+8DvPP9r8Qudb7ef8PGzP1p//r+0cUP3+fzv31gvP//LJ8Fmz/+nepa9lH83MtAfUVu8PjdwOKK28OZbx1rXm9emrk3NnD5+/MXh4RdPHR84EFG72pqe6vm0I4cLAAAAAAAAAAAAAAAA4OFJRfx2pGj+aC3VI+JmNV5r6Ozws8ee6Yu+arzVHeO2Xx+7dK7+yuz1ufmphYWpyfr4TOvK7OTU/e6uVg33Gh8Z3ZXO3NPBXW7/wdors3Nvzreu/f7ipusP1c5dXlicb17ZfHUcjCKi0bvkaNXg8ZHRqtHTreZMVfXipoPpP7qBVMS/R4orp+vpC3lZHv+/cYR/3Hr7xdvXwtLGDe3g+P/PH1of//eJnqLlPlMq4meR4jf+/On4QtXOQ3HXMcvl/jpSHD3zuVwuDpTlum3ovFegMzKwLPvfkeLvf35n2e54yKfWy574SAf3EVCe/ycjxff+9Dvxq3nZne9/6D3/68fv0MYN7dL7Hz7Vs+zQHe8r2HbXyef/WKR4+al34teqJf/7oe//6L6x4Uin8Pr7OXbp/P9yz7KhvN9f36nOAwAAAAAAAAAAPMIGUhF/Eyl+MNqfXsjL7ufv/01u3NAu/f2vT/csm9yZ+Yru+WHbBxUAAAAA9omBVMSPI8W1xXduj6G+c/x3z/jP31of/zmSNqyt/pzvl6r3Buzkn//1Gsr7ndh+twEAAAAAAAAAAAAAAAAAAGBfSamIF/J86hPVeP7JLedTX4kUr/7nc7lcOlyW684DP1T9WrswO3Ps3PT0bC0Wm5enp+pjc80rU2XdT0WKtb/6XK5bVPOrd+eb78zxvj4X+3ykGP3bbtnOXOzduck784HX2u2IE2XZT0SK//i7O8vmqanz3NHVdk+WZf8yUnz9Hzcve3i97Kmy7HcixQ+/Xu+WPVSW7b4f9dPrZZ+/MlvswlkBAAAAAAAAAAAAAAAAAADg42YgFfEnkeK/ri/fHsuf5/8f6PlaufV2z3z/G9ys5vkfqub/3+rzg8z/X71XYGmrvQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOMpRRFvRYq5C2tpZbD83lE735q5cXN8ZHTzagdTVbOvKl/+1E6cPHX6yy8Mn+nmh9ffaZ+J18cunau/Mnt9bn5qYWFqsj4+07oyOzl131vYbv2NjlYHoH79jRuTV68u1E8+f+qO1TeHPhh84vDQ2eFnjz3TLTs+Mjo61lOmf+CB936XtMXyA1HEX0SK5777k/SDwYgitn8s7nHt7LaDVSeOVp0YHxmtOjLdas4slisvdg9EEVHvqdToHqN7nov/a7fbD6srm2hELJXNLxt8tOze2Fxzvnl5eqp+sTm/2Fpszc5cTJ3Wlv2pRxFnUsRyRKwO3r25gSjijUjx7SfX0j8NRvR1j8OXLox99fjJrdtR7GIf70PZzvpAxHJxP+eMrQxGEf8QKX767pH458GI/uj8xBcjXivz+xG3onO+U3lhnI54f5PriEdTfxTxP+X5P7uW3h0s7wfd+8r5r9W/MnN1tqds976yzedDu93+4zL37vnwMO3ze1MtivhhdcdfS//iv2sAAAAAAAAAAAAAAACAfaSIX4kUL713JFXjg2+PKW7NXKtfal6e7gzr6479646Zbrfb7XrqZCPnRM6lnMs5V3Ku5owi18/ZKLPWbk/k70s5l3Ou5FzNGX25fl81XLHdyN8nci7lXM65knM1Z/Tn+jkbOSdyLuVczrmSczVn7JOxewAAAAAAAAAAAAAAAAAAwOOlqP5J8a1vrKX2YGd+6Yno5Ir5QB97/x8AAP//Jhb4VQ==")

24.99428534s ago: executing program 35 (id=4214):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000300)={[{@gid_ignore}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@utf8}, {@uid}, {}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@mode={'mode', 0x3d, 0x8}}, {@dmode={'dmode', 0x3d, 0x4}}, {@adinicb}, {@gid}, {@lastblock={'lastblock', 0x3d, 0x7}}, {@gid_forget}, {@uid}]}, 0x1, 0xc67, &(0x7f0000001dc0)="$eJzs3U9sHNd9B/DfG5LiSm5rJk4VJ42DTVuksmK5+hdTtgp3VdNsA8iyEIq5BeBKpNSFKZIgqUY23JbppYceAhRFDzkRaIUCKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAAVoEW8zsW3FFkZYskiIlfz429d2deW/mvZnxjCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOJ3Xj13/ETaZEXfHjQGAHgoLox99fjJzZ7/AMBj69JW//8PAAAAAAAAAAAAAADsFymKeCpSzF1YSxPV947a+dbAjZvjI6ObVzuYqpp9Vfnyp3bi5KnTX35h+Ew3z7dmPqT+TvtsvD526Vz9ldnrc/NTCwtTk/XxmdaV2cmp+97CdutvdLQ6APXrb9yYvHp1oX7y+VN3rL459MHgE4eHzg4/e+yZbtnxkdHRsfUitd7y/Q/ckI6tRngciCKORYrnvvuT1IyIIrZ/LGoP99xvdLDqxNGqE+Mjo1VHplvNmcVy5cXugSgi6j2VGt1jtPm5iP6Bh9qHrTUilsrmlw0+WnZvbK4537w8PVW/2JxfbC22Zmcupk5ry/7Uo4gzKWI5IlYH797cQBTRHym+/eRaupzf+lEdhy9VA4O3bkexi328D2U76wMRy8UjcM72scEo4rVI8dN3j8SVfJ+p7jVfjHitzO9H3Crz5YhUXhinI97f5Dri0dQfRfxZef7PrqXJ6n7Qva+c/1r9KzNXZ3vKdu8rH/H5cNedYo+eDwc35MOxz+9NtSiiWd3x19KD/2YHAAAAAAAAAAAAAAAAgJ12MIr4TKR49V//oBpXHNW49CfPDv/u0C/2jhl/+h7bKcs+HxFLxf2NyT2QBwZeTBdT2uOxxB9ntSjiD/P4v2/udWMAAAAAAAAAAAAAAAAAAAA+1or4caR46b0jaTl65xRvzVyrX2penu7MCtud+7c7Z3q73W7XUycbOSdyLuVczrmSczVnFLl+zkbOiZxLOZdzruRczRl9uX7ORs6JnEs5l3Ou5FzNGf25fs5GzomcSzmXc67kXM0Z+2TuXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0kRRfw8UnzrG2spUkQ0IiaikyuDe906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0mIr4XqSo/17j9rL+iEjVvx1Hyl9OR+NAmZ+MxnCZL0fjXM5mlf2Nb+5B+9megVTEjyLFYO2d2yc8n/+Bzrfbl0Hcenv922f7O9nXXTn0weATh588Ozz6+ae3+pw2a8DR862ZGzfr4yOjo2M9i/vz3j/Zs2wo77fYma4TEQtvvvVGc3p6av7BP5SXwANW757Jbez9YX5I/Y9MU33YiQ/Rvy+asTd9v0NtL25O7Lry+f9+pPjN9/6t+8DvPP9r8Qudb7ef8PGzP1p//r+0cUP3+fzv31gvP//LJ8Fmz/+nepa9lH83MtAfUVu8PjdwOKK28OZbx1rXm9emrk3NnD5+/MXh4RdPHR84EFG72pqe6vm0I4cLAAAAAAAAAAAAAAAA4OFJRfx2pGj+aC3VI+JmNV5r6Ozws8ee6Yu+arzVHeO2Xx+7dK7+yuz1ufmphYWpyfr4TOvK7OTU/e6uVg33Gh8Z3ZXO3NPBXW7/wdors3Nvzreu/f7ipusP1c5dXlicb17ZfHUcjCKi0bvkaNXg8ZHRqtHTreZMVfXipoPpP7qBVMS/R4orp+vpC3lZHv+/cYR/3Hr7xdvXwtLGDe3g+P/PH1of//eJnqLlPlMq4meR4jf+/On4QtXOQ3HXMcvl/jpSHD3zuVwuDpTlum3ovFegMzKwLPvfkeLvf35n2e54yKfWy574SAf3EVCe/ycjxff+9Dvxq3nZne9/6D3/68fv0MYN7dL7Hz7Vs+zQHe8r2HbXyef/WKR4+al34teqJf/7oe//6L6x4Uin8Pr7OXbp/P9yz7KhvN9f36nOAwAAAAAAAAAAPMIGUhF/Eyl+MNqfXsjL7ufv/01u3NAu/f2vT/csm9yZ+Yru+WHbBxUAAAAA9omBVMSPI8W1xXduj6G+c/x3z/jP31of/zmSNqyt/pzvl6r3Buzkn//1Gsr7ndh+twEAAAAAAAAAAAAAAAAAAGBfSamIF/J86hPVeP7JLedTX4kUr/7nc7lcOlyW684DP1T9WrswO3Ps3PT0bC0Wm5enp+pjc80rU2XdT0WKtb/6XK5bVPOrd+eb78zxvj4X+3ykGP3bbtnOXOzduck784HX2u2IE2XZT0SK//i7O8vmqanz3NHVdk+WZf8yUnz9Hzcve3i97Kmy7HcixQ+/Xu+WPVSW7b4f9dPrZZ+/MlvswlkBAAAAAAAAAAAAAAAAAADg42YgFfEnkeK/ri/fHsuf5/8f6PlaufV2z3z/G9ys5vkfqub/3+rzg8z/X71XYGmrvQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOMpRRFvRYq5C2tpZbD83lE735q5cXN8ZHTzagdTVbOvKl/+1E6cPHX6yy8Mn+nmh9ffaZ+J18cunau/Mnt9bn5qYWFqsj4+07oyOzl131vYbv2NjlYHoH79jRuTV68u1E8+f+qO1TeHPhh84vDQ2eFnjz3TLTs+Mjo61lOmf+CB936XtMXyA1HEX0SK5777k/SDwYgitn8s7nHt7LaDVSeOVp0YHxmtOjLdas4slisvdg9EEVHvqdToHqN7nov/a7fbD6srm2hELJXNLxt8tOze2Fxzvnl5eqp+sTm/2Fpszc5cTJ3Wlv2pRxFnUsRyRKwO3r25gSjijUjx7SfX0j8NRvR1j8OXLox99fjJrdtR7GIf70PZzvpAxHJxP+eMrQxGEf8QKX767pH458GI/uj8xBcjXivz+xG3onO+U3lhnI54f5PriEdTfxTxP+X5P7uW3h0s7wfd+8r5r9W/MnN1tqds976yzedDu93+4zL37vnwMO3ze1MtivhhdcdfS//iv2sAAAAAAAAAAAAAAACAfaSIX4kUL713JFXjg2+PKW7NXKtfal6e7gzr6479646Zbrfb7XrqZCPnRM6lnMs5V3Ku5owi18/ZKLPWbk/k70s5l3Ou5FzNGX25fl81XLHdyN8nci7lXM65knM1Z/Tn+jkbOSdyLuVczrmSczVn7JOxewAAAAAAAAAAAAAAAAAAwOOlqP5J8a1vrKX2YGd+6Yno5Ir5QB97/x8AAP//Jhb4VQ==")

7.099059747s ago: executing program 5 (id=4357):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c646174613d77726974656261636b2c6572726f72733d72656d6f756e742d726f2c6e6f61636c2c0033b67a38edf7ca65cff4aecf1bccac7b7847e83ec6928ad9eff2281ff7a2314d9a8541a9772b98d067c1463bb01ed3ebf5764745d29402107611df2e22d6cfb25eb0a8b970f339cf6413aaef25cee228060d70ce0ade90d917a9c5"], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c1rHG8dAPDvTPJrktqXpPZQQXDBgqISkp7UCKZp+pK0NVJtERHSTbJtI5tsSTbioYd4EzwJHsRDUfCWk+Tgtf4JXjzquaAHL4IgRnZ3Nt2Z7JK1ZhNbPp/DPjvPe/KdmX3msPukDRFRf7G+XVrfLpU3S7XVZ9s3Sj+qVXc2KpGekq7jf3J649OfQZwnffQ58r/PnG6Wbt35zpMbEX9Y+9Pbg4ODg2gYjq6mO97/4++vVjvTtrTQptFv995Oyvcj4uqReTUMRcT3fh+RRMTNLG8uS8ci4mK0yp68+tnT0gnNZiRL92euL+693u/9tycRv6p+5ivPN/76+aGZv3zphIYHAAAAAAAAAAAAAAAAAOADd/fR0uNvT03HmySG95LW93VHOsuztNf3Yw9OzOdO4a8FAAAAAAAAAAAAAAAAAACA/0/vvv9fSq4kR/frns/S2R7tD745+DkyOAvfWpq/PTWd7f+edJQsXW68fjXL+tvNoZjosu97cf/3m4X+u+//npzY/Nvza487Hkk6mTtO08nJiN9kG79fS86n1dp2/cvPajubayc2jQ9WPv6t3ftz0ck29O83/nOF/ge///+nj5xNjeOnJ3eKfdTy8R/qWW80kr7if6vQ7jTiz/vLx3+4mTfWWWG2dQP47U+S+Pnw8fGfL/Q/qPhfiohS0phrKXcHaKxhGvm91ivk5eP/STMvd+vM/pGN+He7/v9ZiP/tQv9ndf/fLX4Q0VU+/ueaeaO5Gu+u/4n0+Ov/TqH/s4h/Y/67Pv/7ko9/9stvw7kqzf9kv/f/u4X+BxX/x2k2z0tJ7gzYS1r5vX6vjrx8/EePlL97/kv7Wv/dK7Q/ree/9rjt57/27f+LSev5j+7y8R/rWa/f63+h0G7Q9//Z5vqP95WP//lmXn7tPN587Tf+i4X+BxP/c4fvZgvr/3+PtBYAv7b+60s+/p9qZaadNXabr831X3L8+v9+of+zWP815r+bDnbUj0U+/hd61mvE/499fP4/KLQbfPwjpqz131s+/hd71mte/6PHx/9hod2g4/+FQXYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8AGYy9LxSNLJ3HGaTk5G3MqOr8X5ZKW8trxSra3+YDtiPssvxZXkebW2Uq4ur2/W1irL5Wq1thpxOyu/GqPJdrVWX94ov7xz2NdY8qJS3qqvVMr1iLib5X82Lrb7Wlmvb5RfRsS9w7LLaW3r5Yvy5vLa+tbXp6ampmLhcA4TSeXH9cpmvTV6qzRi8bDteNIxuWbx/cO5XEh+WNvZ2ixXm/kPOtpUa6vlakebh1nZL2IiqW/tbK6W65Xlau15e7yzNJul8wuPvvvowfSR8qdJK5073WkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8F96M/O1X0bEcOsojYjZ9pukW/3f/bnyjeV/Pfzp/sz1xb3X+2971QMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+A87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2KVjlIqBIAzAs2sRK/EYViHpbCOKaGFE8ARaewIPo0fxEt7BwsLWQoS4AclLHmneq76vGdifnR3YAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgncu7/v62aSNSHP5UVbw9vn/8z69LfTmbv3+whxnZnaub/vyiacu/p438tBx9dnlIv7+eH2Kmjl4nezLdpz9D06ejLXMt7dvSfOO7x5FyHRFdyU9SznW9rhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+VtH0bcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8CgAA//8tTRpl")

6.112511743s ago: executing program 5 (id=4366):
sched_setaffinity(0x0, 0xfffffffffffffcba, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r1, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="ec000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000000800050001000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb542080005000000000090000880"], 0xec}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)

4.662139368s ago: executing program 5 (id=4371):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=r0])
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000140)='./file0\x00', 0x0, 0x10}, 0x18)

4.564393705s ago: executing program 5 (id=4372):
syz_mount_image$jfs(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x101c002, &(0x7f0000000a00)=ANY=[@ANYBLOB='discard,discard=0x0000000000020001,discard,iocharset=cp857,errors=remount-ro,iocharset=iso8859-2,uid=', @ANYRESHEX=0xee00, @ANYRES64=0x0], 0x23, 0x61c3, &(0x7f000000c9c0)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyBSggTqAXXQ2M/jjKe7XjuJd3Yzn4/kzPz2mfE+k+/uzq5nZp8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKHP/jxuSIirvwq3XAi4nPRj+hFrFT1WkSsrJ2or/NCbDfH8xExXIqo1t/+59mI1yPi4+MR9x/cWa9uPn/Afnz/z//4w0+O/ejvfxqe+e9fbvXfmLTc7du//c9f7z769gIAAEAXlWVZFulj/smIGKTP9gDA0y/v/8sk366eu3pzzvqjVqvV6gWs68rx7taLiNisr1O9Z3A4HgAWzGZ80nYXaJH8O20QEcfa7gQw14q2O8CRuP/gznqR8i3q+4O1nfZ8Lsie/DeL3es7Jk2naZ5jMqvH11b047kJ/VmZUR/mSc6/18z/yk77KC131PnPyqT8RzuXPnVOzr/fzL/h6cm/Nzb/rsr5Dw6Vf1/+AAAAAAAwx/Lf/0+0fPx36fE35UD2O/67NqM+AAAAAAAAAMCTdtjx/waN8f92Gf8PAAAA5lb1Wb3yu+MPb5v0XWzV7ZeLiGcaywMdky6WWW27HwAAAAAAAAAAAADQJYOdc3gvFxHDiHhmdbUsy+qnrlkf1uOuv+i6vv3QZW2/yAMAwI6Pjzeu5S8iliPicvquv+Hq6mpZLq+slqvlylJ+PztaWi5Xap9r87S6bWl0gDfEg1FZ/bLl2np10z4vT2tv/r7qvkZl/wAdm40WAweAiNjZG92ftEf6n/3VYirLZ6PlNzksiH2e/ywoz38Oou3HKQAAAHD0yrIsi/R13ifTMf9e250CAGYi7/+bxwXUarVarVY/fXVdOd7dehERm/V1qvcMhuMHgAWzGZ+03QVaJP9OG0TEC213AphrRdsd4Ejcf3BnvUj5FvX9QRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJY76vxnZVL+1XaeaKE/bcv595v5Nzw9+ffG5t9VOf/BofLvyx8AAAAAAOZY/vv/ibk6/jt61M2Zar/jv2tj1zi6vgAAAAAAAADAk3L/wZ31fN1rPv7/hTHLuf7z6ZTzL+TfSTn/XiP/rzaW69fm7739MP9/P7iz/sdb//p8nh40/6U8U6RHVpEeEUW6p2KQpo+zdZ+1NeyPqnsaFr3+IJ3zUw7fjWtxPTbi7J5le+n/42H7uT3tVU+H2+1lf6f9/J72wW57Xv/CnvZhOruoXMntp2M9fh7X453t9qptacr2L09pL6e05/z7nv+dlPMf1H6q/FdTe9GYVu591PvM874+HXc/b1374m/OHv3mTLUV/d1tq6u276UW+rP9f3JsFL+8uXHj9O2rt27dOBdpsufW85EmT1jOf5h+dl//X95pz6/79efrvY9Gh86/Nf295VYMJub/cm2+2t5XZtG/luX8R+kn5/9Oah///F+g/Bv2e/6/2kJ/AAAAAAAAAAAAAAAAYD9lWW5fIvpWRFxM1/+0dW0mADBbef9fJvn2WdX9Gd+fWr3gdTFn/Zlp/Wk5X/1RqxexrivHe7NeRMTf6utU7xl+Pe6XAQDz7NOI+GfbnaA18u+w/H1/1fRU250BZurmBx/+9Or16xs3brbdEwAAAAAAAADgUeXxP9dq4z+fKsvybmO5PeO/vh1rjzv+5yDP7A4wOmGg6v7ht2k/W71Rv1cbbvzFmDT+93B3br/xvwdT7m84pX00pX1pSvvylPaxF3rU5PxfrI13fioiTjaGX+/C+K/NMe+7IOf/Uu3xXOX/lcZy9fzL3y9y/r09+Z+59f4vztz84MPXrr1/9b2N9zZ+duHcubMXLl68dOnSmXevXd84u/Nviz0+Wjn/PPa180C7JeefM5d/t+T8v5Rq+XdLzv/LqZZ/t+T88/s9+XdLzj9/9pF/t+T8X0m1/Lsl5/+1VMu/W3L+r6Za/t2S8/96quXfLTn/11It/27J+Z9Otfy7Jed/JtUHzH/lqPvFbOT88xEuz/9uyfnnMxvk3y05//Opln+35PwvpFr+3ZLzfz3V8u+WnP83Ui3/bsn5X0y1/Lsl5//NVMu/W3L+l1It/27J+X8r1fLvlpz/t1Mt/27J+b+Ravl3S87/O6mWf7fk/L+bavl3S87/e6mWf7fk/N9Mtfy75eH3/5sxY8ZMnmn7lQkAAAAAAAAAAAAAaJrF6cRtbyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9nBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYu7cYue76DuBnr147kBgIqZMaWDvGGGeTXV/iC62LCdeGWwmEQi/YrndtFnyL1y5JGsmOAiUSRkUVbcNDW0BRm5cKP+SBVgHlAbVCqkTaB/qCqFB5iCqDEqRKaQXZas75//87Mzs7s2tP1jPnfD5S/PPOnJlz5syZs/td5zsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1Nv0zpkvDmRZVvsv/2N9lr2q9ve14+vzy952vbcQAAAAuFa/yv984aZ0wcFl3KhumX954w+enp+fn88+MfQXI1+dn09XjGfZyJosy6+LLv/kkwP1ywSPZWMDg3VfD3ZY/VCH64c7XD/S4frRDtev6XD9WIfrF+2ARdYWv4/J72xL/tf1xS7Nbs5G8uu2tLjVYwNrBgfj73JyA/lt5keOZbPZiWwmm2pYvlh2IF/+mU21db0vi+sarFvXxtoR8uIjR+M2DIR9vKVhXQv3Gf3sHdn4L1585Ojfnbtya6vZcTc03F+xnds217bz8+GSYlsHsjVpn8TtHKzbzo0tnpOhhu0cyG9X+3vzdr6wzO0cWtjMVdX8nI9lg/nfn8v303D9r/XSftoYLnvp9izLLi5sdvMyi9aVDWbrGi4ZXHh+xoojsnYftUPptdnwio7TTcs4Tmtzekvjcdr8mojP/6Zwu+EltqH+afrZo6N1z/sv56/mOI1qj3qp10rzMdjt10qvHIPxuHguf9CPtzwGt4TH/8jWpY/BlsdOi2MwPe66Y3Bzp2NwcHQo3+b0JAzkt1k4Bnc0LD+Ur2kgn89vbX8MTp47eWZy7qGH75w9eeT4zPGZU7t27JjatWfPvn37Jo/NnpiZKv68yr3d+9Zlg+k1sDnsu/gaeEvTsvWH6vw3Rhedf6/2dTjW5nW4vmnZbr8Oh5sf3MDqvCAXH9PFa+NjtZ0+dmkwW+I1lj8/26/9dZged93rcLjuddjye0qL1+HwMl6HtWXObF/ezyzDdf+12oalvxdc2zG4vu4YbP55pPkY7PbPI71yDI6F4+JH25f+XrAxbO/jEyv9eWRo0TGYHm4499QuST/vj+3LR6vj8rbaFTeMZufnZs7e9eCRc+fO7sjCWBWvqztWmo/XdXWPKVt0vA6u+Hg9OPvGx29rcfn6sK/G7qz9Mbbkc1VbZvdd7Z+r/Ltb6/3ZcOnOLIwuW+392eq7eW1/jmbZ17736H3feeRr71xyf9by5ucnr/1n8ZRL686/I0ucf2Puf7lYX7qrx4ZGhovX71DaOyMN5+PGp2o4P3cN5Ot+YXJ55+OR8N9qn49vbnM+3tC0bLfPxyPNDy6ejwc6/bbj2jQ/n2PhODkx1f58XFtmw86VHpPDbc/Ht4c5EPb/W0NSSLmo7thZ6rhN6xoeHgmPaziuofE43dWw/EjIZrV1PbXzKo7TF7Ns2+3FfQ2lR7dgtY7T8aZlu32cpt99LXWcDnT67dvVaX4+x8JxcfOu9sdpbZlnd1/7uXNt/GvduXO00zE4MjRa2+aRdBDm5/tsfm08Bu/KjmansxPZdH7taH48DeTrmrh7ecfgaPhvtc+VG9ocg9ualu32MZi+jy117A0ML37wXdD8fI6F4+KJu9sfg7Vl3rW3uz+7bguXpGXqfnZt/v3aUr/zuq1pN71Sx8pw2M7v7W3/u9naMif2rTRntt9Pd4RLbmixn5pfv0u9pqaz1dlPG8J2Xtm39H6qbU9tma/uX+bxdDDLsgsP3JP/vjf8+8qF8z98uuHfXVr9m86FB+75+auP/fNKth+A/vdyMdYV3+vq/mVqOf/+DwAAAPSFmPsHw0zkfwAAACiNmPvj/xWeyP8AAABQGjH3D4eZVCT/b3jXldmXL2SpmT8fxOvTbri3WC52XKfC1+PzC2qX3/PkzP/804XlrXswy7Jf3vsnLZffcG/crsJ42M7L7268fJGn71zWug/ffyGtt76//vVw//HxLPcwaFXBncqy7JmbvpyvZ/yTl/L57L2H83nfxccfqy3zwv7i63j7519XLP/Xofx78NiRhts/H/bDT8Ocen/r/RFv961Lb9249+ML64u3G9h8Y/6wn/hUcb/xfXK+8lixfNzPS23/d7701Ldqyz/45tbbf2Gw9fY/Fe73yTD/9w3F8vXPQe3reLsvhO2P64u3u+ub3225/Ze/WCx/5j3FcofDjOvfFr7e8p4rs/X768GBIw2PK3tvsVxc/9QP/yy/Pt5fvP/m7R87dKlhfzQfH8/+e3E/k03Lx8vjeqJ/bFp/7X7qj8+4/qf+9HDDfu60/sv3Pf+G2v02r/+OpuXOPLA9X//C/TW+Y9PffOHLLdcXt+fgP5xpeDwHPxJex2H9T3wqHI/h+v+7XNxf87srHP5I4/knLv/19RcaHk/0vl8U67/89uP5XDO2dt0Nr3r1jRffVNt3WfbcmuL+Oq3/+N+ebtj+b9xS7I94fezoN69/KXH9Zz83cer03PnZ6bRXH7kpf++cDxTbE7f3pnBubf760Olzn545Oz41PpVl4+V9C72r9s0wf16Mi+2Xnl90Bt1+f3g+b/urZ9Zt/bcvxcv/42PF5ZfeX3zfektY7ivh8vXh+VvZ+hd7YtMt+et74NmwhfOL3y/4Wmzc8t/7lrVgePzNPxfE4/3M6z+d74fadfn3jfi6vsbt//F0cT/fDvt1Prwz8+ZbFtZXv3x8b4RLHy1e79e8/8JpLj6vfx+e7w/+tLj/uF3x8f44/Bzz3Q2N57t4fHz7wmDz/efv4nExnE+yi8X1cam4vy+9cEvLzYvvQ5JdvDX/+s/T/dy6ooe5lLmH5iZPzJ46/+DkuZm5c5NzDz186OTp86fOHcrfy/PQZzrdfuH8tC4/P03P7Nmd5Wer08V4hV3v7T9z/9HpvVNbp2eOHTl/7Nz9Z2bOHj86N3d0Znpu65Fjx2Y+1+n2s9MHduzcv2vvzonjs9MH9u3fv2v/xOyp07XNKDaqgz1Tn504dfZQfpO5A7v377j77t1TEydPT88c2Ds1NXG+0+3z700TtVv/8cTZmRNHzs2enJmYm3145sCO/Xv27Oz4boAnzxybG588e/7U5Pm5mbOTxWMZP5dfXPve1+n2lNPcfxY/zzYbKN6IL/vwHXvS+7PWPPnokndVLNL0BqJXwnvRfP81Z/Yt5+uY+0fCTCqS/wEAAKAKYu4fDTOR/wEAAKA0Yu5fE2Yi/wMAAEBpxNw/Fmb6XwIqkv9L1//fcGFZ69f/1/+v31/6/xXr/3+01/r/xflC/787rrV/r/8f6P/r/+v/6//r/9MFvdb/j7l/bZb5938AAAAoqZj714WZyP8AAABQGjH33xBmIv8DAABAacTc/6owk4rkf/1//X/9/1L2/8farV//X/+/zPT/29P/70D/fzKrVv//Yje3X/9f/5/Feq3/H3P/q8NMKpL/AQAAoApi7r8xzET+BwAAgNKIuf+mMBP5HwAAAEoj5v71YSYVyf/6//r/+v+l7P+3Xb/+v/5/men/t6f/34H+v8//1//X/6ereq3/H3P/a8JMKpL/AQAAoApi7n9tmIn8DwAAAL1n+OpuFnP/68JMFuX/q1wBAAAAcN3F3H9z1lQEr8i//+v/6//r/+v/6/+3Xv/y+/9Dmf5/79D/b0//vwP9/xX150eavtb/1//X/6dZr/X/89yfjWWvDzOpSP4HAACAKoi5/5YwE/kfAAAASiPm/l8LM5H/AQAAoDRi7t8QZlKR/K//X5r+/0v1T53+/5XZl19a6OsP6f83rF//3+f/l5n+f3v6/x3o//v8f/1//X+6qtf6/zH33xpmUpH8DwAAAFUQc/9tYSbyPwAAAPSJwY5LxNz/62Em8j8AAACURsz9G8NMKpL/9f97vP8fm6M+/9/n/+v/92T/f0z/v+fo/7en/9+B/r/+v/6//j9d1Wv9/5j73xBmUpH8DwAAAFUQc/8bw0zkfwAAACiNmPvfFGYi/wMAAEBpxNw/HmZSkfyv/9/j/f+iBz+6jM//b6D/r//fbv36/z7/v8z0/9vT/+9A/1//X/9f/5+u6rX+f8z9m8JMKpL/AQAAoApi7t8cZiL/AwAAQGnE3H97mIn8DwAAAKURc/+WMJOK5H/9/77o/2f6//r/+v/6//r/y6P/357+fwf6//r/+v/6/3RVr/X/Y+5/c5hJRfI/AAAAVEHM/VvDTOR/AAAAKI2Y+98SZiL/AwAAQGnE3L8tzKQi+V//X/9f/1//X/+/9fr1//uT/n97+v8d6P/r/+v/6//TVb3W/4+5/61hJhXJ/wAAAFAFMfdvDzOR/wEAAKA0Yu6/I8xE/gcAAIDSiLl/IsykIvlf/1//X/9f/1//v/X69f/7k/5/e/r/Hej/6//r/+v/01W91v+Puf/OMJOK5H8AAACogpj77wozkf8BAACgNGLunwwzkf8BAACgNGLunwozqUj+1//X/9f/1/9fUf//TQv3q/9f0P/vLfr/7en/d6D/r/9/3fv/I/r/lEqv9f9j7t8RZlKR/A8AAABVEHP/zjAT+R8AAABKI+b+XWEm8j8AAACURsz9u8NMKpL/9f/1//X/9f99/n/r9ev/9yf9//a63/+PD1H/X/9f/9/n/+v/s1iv9f9j7r87zKQi+R8AAACqIOb+PWEm8j8AAACURsz9e8NM5H8AAAAojZj794WZVCT/6//r/+v/6//r/7dev/5/f9L/b8/n/3eg/6//38f9/9qxpf9Pr+m1/n/M/fvDTCqS/wEAAKAKYu5/W5iJ/A8AAAClEXP/b4SZyP8AAABQGjH3/2aYSUXyv/6//n+v9/+LS0fzP/X/q9n/H9X/1/9fAf3/9vT/O9D/1//v4/6/z/+nF/Va/z/m/gNhJhXJ/wAAAFAFMff/VpiJ/A8AAAClEXP/28NM5H8AAAAojZj7D4aZVCT/6/+vUv8/Xqj/7/P/K9X/X9Nwuc//1/9fDfr/7en/d6D/r/+v/6//T1f1Wv8/5v53hJlUJP8DAABAFcTcf0+YifwPAAAApRFz/zvDTOR/AAAAKI2Y+98VZlKR/K//7/P/r3//f6Rh2/X/F27X//3/7nz+v/6//v9K6P+3p//fgf6//r/+v/4/XdVr/f+Y+98dZlKR/A8AAABVEHP/e8JM5H8AAAAojZj73xtmIv8DAABAacTc/74wk4rkf/1//f/r3//3+f/6/wX9f/3/btD/b0//vwP9f/1//X/9f7pqFfv/a7Nl9P9j7v/tMJOK5H8AAACogpj77w0zkf8BAACgNGLuf3+YifwPAAAApRFz/wfCTCqS//X/9f/1//X/9f9br1//vz/p/7fXZ/3/X90YLtf/L+j/9/b2r7T/P9z09SvS///JUv3/+TXNt9f/55Wwiv3/ln3/5q9j7v9gmElF8j8AAABUQcz9Hwozkf8BAACgNGLu/3CYifwPAAAApRFz/++EmVQk/+v/17Zjob2s/6//n1+g/6//r//ft/T/2+uz/r/P/2+i/9/b2+/z//X/WazX+v8x938kzKQi+R8AAACqIOb++8JM5H8AAAAojZj7PxpmIv8DAABAacTc/7Ewk4rkf/1/n/+v/6//r//fev36//1J/789/f8O9P/1/3ut//9f+v/0t17r/8fcf3+YSUXyPwAAAFRBzP0fDzOR/wEAAKA0Yu7/3TAT+R8AAABKI+b+T4SZVCT/6//3S/9/XP9f/1//v+nx6P/r/7ei/9+e/n8H+v/6/73W//f5//S5Xuv/x9z/yTCT5ef/sWUvCQAAAFwXMff/XphJRf79HwAAAKog5v7fDzOR/wEAAKA0Yu7/gzCTiuR//f9+6f/7/P9M/1//v+nx6P/r/7eyev3/eObR/9f/1/+P9P/1//X/adZr/f+Y+/8wzKQi+R8AAACqIOb+T4WZyP8AAADQF1r9P9nNYu4/FGYi/wMAAEBpxNx/OMykIvlf/1//X/+/R/v/f7n5X3/0gw8d3qH/r/+v/78iq/r5/7UXv8//1//X/0/0/1fe/6//Hqr/Txn1Wv8/5v4jYSYLwe8DPuAfAAAA+lvM/X8UZlKRf/8HAACAKoi5/2iYifwPAAAApRFz/3SYSUXyv/6//r/+f4/2//v48//j/uin/v/Emj7q/8eTrv5/S6va///4Qk9c/3+l/f/RlpdWqP8/kOn/d12L7f9+lmU93f+vp/9PGfVa/z/m/pkwk4rkfwAAAKiCkPsHjxVz4Qr5HwAAAEoj5v7jYSbyPwAAAJRGzP2fDjOpSP7X/9f/1//X//f5/63X37P9f5//35b+f3u90/9vrUL9f5///wq43tuv/6//z2K91v+PuX82zKQi+R8AAACqIOb+z4SZyP8AAABQGjH3fzbMRP4HAACA0oi5/0SYSUXyv/6//r/+v/6//n/r9ev/9yf9//b0/zvQ/9f/1//X/6ereq3/H3P/yTCTiuR/AAD+n737aLKsPu84fgcPxUyx8c4LL+y9XwILe22/AC+88cZVLi9wwDkxOEecowLKQgEFkBBKKAdACQllIQnlHFBGUo1K9PM80z19+tzumdvd5/6fz2ehBzWMzpVqCvjR89UBoIPc/TfGLfY/AAAADCN3/2/GLfY/AAAADCN3/2/FLU32v/5f/z9s///z+v+Dnq//1/+PTP8/T/+/hv5f/6//1/+zUUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+2+KW+x/AAAAGEbu/t+NW5rs/8v6/zOrnv1/Zrz6/5H6f+//P/D5+n/9/8hOtv+/5cd/5tP/6//1/0H/r//X/3O5pfX/uft/L25psv8BAACgg9z9vx+32P8AAAAwjNz9fxC32P8AAAAwjNz9fxi3NNn/3v/v/f/6f/2//n/6+fr/7eT9//M69f83PXT9jY/e/dP3HOX5+n/9v/5f/89mLa3/z93/R3FLk/0PAAAAHeTu/+O4xf4HAACAYeTu/5O4xf4HAACALXR+8qu5+/80bmmy//X/+n/9v/5f/z/9fP3/dtL/z+vU/1/J8/X/+n/9v/6fzVpa/5+7/8/ilib7HwAAADrI3f/ncYv9DwAAAMPI3X9z3GL/AwAAwDBy91+IW5rsf/3/8ff/P9T/6//j6v/1//r/46f/n6f/X0P/r//X/+v/2ail9f+5+2+JW5rsfwAAAOggd/9fxC32PwAAAAwjd/9fxi32PwAAAAwjd/9fxS1N9r/+3/v/9f/6f/3/9PP1/9tJ/z9P/7+G/v9q+/lr9f/6f/0/ux2x/39s5k/bG+n/c/f/ddzSZP8DAABAB7n7/yZusf8BAABgGLn7/zZusf8BAABgGLn7/y5uabL/9f/6f/2//v+K+//9P/Uep/+fpv8/GZvs/3f/uUn/v2Nj/f+Zs5Nf1v9vff/v/f/6f/0/eyzt/f+5+/8+bmmy/wEAAKCD3P3/ELfM7P8j/8N8AAAA4FTl7v/HuMX3/wEAAGDrZXWWu/+f4pYm+1//r//X/+v/vf9/+vlz/f89uz6f/n9ZvP9/3rH0/+dXq5X3/+v/9f/6f/0/E5bW/+fu/+e4pcn+BwAAgA5y998at9j/AAAAMIzc/f8St9j/AAAAMIzc/f8atzTZ/9P9/6Xfr/8/HP3/3s+v/5/++bGp/j//E6+2/19d9vXB+v9f8P7/nvT/8xbz/v8D6P/1/9v8+Qfv/8+v+/H6f6Ysrf/P3f9vcUuT/Q8AAAAd5O7/97jF/gcAAIBh5O7/j7jF/gcAAIBh5O7/z7ilyf73/n/9v/5/+/p/7//fcZrv/1+deP9/Vv9/SPr/efr/NfT/+n/9//z7/2f+XwD0/0xZWv+fu/+/4pYm+x8AAAA6yN3/33GL/Q8AAADbYfevHbj8F5SG3P3/E7fY/wAAADCM3P3/G7c02f/6f/2//l//r/+ffv6y+n/v/z8s/f88/f8a+v/j6OfPDtb/33bQj19C/3/zcff/M/T/TNnT/9976eun1f/n7v+/uKXJ/gcAAIAOcvf/f9xi/wMAAMAwcvc/IW6x/wEAAGAYufufGLc02f/H3v/PvCNU/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9dTqv/z93/pLilyf4HAACADnL3Pzlusf8BAABgGLn7b4ubrjm1TwQAAABsWu7+p8QtTb7/7/3/+n/9v/5f/z/9fP3/dtL/z9P/r6H/1//r//X/bNTS+v/c/U+NW5rsfwAAAOggd//T4hb7HwAAAIaRu//pcYv9DwAAAMPI3f+MuKXJ/tf/H2//n1/X/+v/V/p//b/+/0S07f/PTP2VaL8D+v8Hfv3CL+39iv5f/6//1//r/zmkn5z5fYvo/y9e+rvL3P3PjFua7H8AAADoIHf/s+IW+x8AAACGkbv/2XGL/Q8AAADDyN1/e9xyxP0/1zwsmf7f+//1//p//f/08/X/26lt/39I3v+/hv5f/6//1/+zUYvo/3f9+9z9z4lbfP8fAAAAhpG7/7lxi/0PAAAAw8jd/7y4xf4HAACAYeTuf37c0mT/6//1//p//b/+f/r5+v/tpP+fp/9fY5v6/9v1/1f4+e87rs+v/9f/s9/S+v/c/XfELU32PwAAAHSQu/8FcYv9DwAAAMPI3f/CuMX+BwAAgGHk7n9R3NJk/+v/9f/6f/2//n/6+fr/7aT/nzdA/39u9x9/Rf3/nTMfYKr/v3jdMvt/7/9f3OfX/+v/2W9p/X/u/hfHLU32PwAAAHSQu//OuMX+BwAAgGHk7r8rbrH/AQAAYBi5+18StzTZ//p//b/+X/+v/59+vv5/O+n/5w3Q/3v//0r/v9TPr//X/7Pf0vr/3P0vjVua7H8AAADoIHf/3XGL/Q8AAADDyN3/srjF/gcAAIBh5O6/J25psv/1//p//b/+X/8//Xz9/3Y6vv5/pf/X/+v/19D/6//1/1xuaf1/7v6Xxy1N9j8AAAB0kLv/FXGL/Q8AAADDyN3/yrjF/gcAAIBh5O5/VdzSZP/r//X/+n/9v/5/+vn6/+3k/f/z9P9r6P/1//p//T8bNd3/33xq/X/u/lfHLU32PwAAAHSQu//euMX+BwAAgGHk7n9N3GL/AwAAwDBy9782bmmy//X/+v+9/f9qpf/X/+v/d5xA/39upf/fOP3/PP3/Gvr/Mfv/a1YD9f/nD/zx+n+WaGnv/8/d/7q4pcn+BwAAgA5y978+brH/AQAAYBi5+98Qt9j/AAAAMIzc/W+MW5rsf/2//t/7//X/+v/p53v//3bS/8/T/6+h/x+z//f+f/0/p2Zp/X/u/jfFLU32PwAAAHSQu//NcYv9DwAAAMPI3f+WuMX+BwAAgGHk7n9r3NJk/+v/9f/6f/2//n/6+fr/7aT/n6f/X0P/r//X/+v/2ail9f+5+++LW5rsfwAAAOggd//9cYv9DwAAAMPI3f9A3GL/AwAAwDBy978tbmmy//X/+n/9/3b2/+f0//p//f+kpfT/N9zwiw/q//X/+n/9v/5f/9/d0vr/3P1vj1ua7H8AAADoIHf/O+IW+x8AAACGkbv/nXGL/Q8AAADDyN3/rrilyf7f3/9fu9opVHdM9f/RqOn/d9H/7/38+v/pnx/e/6//1/8fv6X0/97/f2WfX/+v/9/mz3+k/v9n9/94/T8jWlr/n7v/wbilyf4HAACADnL3vztusf8BAABgGLn73xO32P8AAAAwjNz9D8UtTfa/9//r//X/+n/9//Tz9f/b6fj6/52/R9D/6//1/wfT/w/y/v+f0P+zOUvr/3P3vzduabL/AQAAoIPc/e+LW+x/AAAAGEbu/vfHLfY/AAAADCN3/wfilib7X/+v/9f/6//1/9PP1/9vJ+//n6f/X6NP/39u6oun3c9frdP+/MP0/97/zwYtrf/P3f/BuKXJ/gcAAIAOcvd/KG6x/wEAAGAYufs/HLfY/wAAADCM3P0fiVua7H/9v/5//P7/V/X/lz1f/6//H5n+P/+KPk3/v0af/n/Saffz2/759f/6f/ZbWv+fu//huKXJ/gcAAIAOcvd/NG6x/wEAAGAYufs/FrfY/wAAADCM3P0fj1ua7H/9f6/+/8yqY//v/f/6f/1/J/r/efr/NfT/+n/9v/6fjVpa/5+7/5EzZ1vufwAAANhWv/xzv/HwYf/YRx7/13OrT8Qt9j8AAAAMI3f/J+MW+x8AAACGkbv/U3FLk/2v/+/V//d8/7/+X/+v/+9E/z9P/7+G/l//r//X/7NRS+v/c/d/Om7ZNfzOHvm/JQAAALAkufs/E7c0+f4/AAAAdJC7/7Nxy779f/GQv6odAAAAWJrc/Z+LW5p8/1//v/D+f3VM/X/8cfr/Hfp//f/U8/X/20n/P+8q+/+LZ/T/+v8Z+n/9v/6fyy2t/8/d//m4pcn+BwAAgEHt+ScKufu/ELfY/wAAADCM3P1fjFvsfwAAABhG7v4vxS1N9r/+/8T7/0zVj/H9/+frt7z/v3n/f+u5yefr//X/I9P/z/P+/zX0/6P0/9fp//X/LMPS+v/c/V+OW5rsfwAAAOggd/9X4hb7HwAAAIaRu/+rcYv9DwAAAMPI3f+1uKXJ/tf/L/z9/1fU/x/i/f/6/x79/wHPH6f//6nrL9z/K7921x36fy45yf4/fy7o//X/+v8dC+r/vf9f/89CbL7/P7vni0ft/3P3fz1uabL/AQAAoIPc/Y/GLfY/AAAADCN3/zfiFvsfAAAAhpG7/5txS5P9r//X/y+l/8//rU+h/7+wff1/NsXd+3/v/9f/7+f9//P0/2vo//X/+n/9Pxu1+f5/7xeP2v/n7v9W3NJk/wMAAEAHufu/Hbfk/j9z5H90DwAAACxM7v7vxC2+/w8AAADDyN3/3bilyf7X/+v/l9L/J+//v/TjvP9/xxj9/8/Ub+n/j9eV9Pe7fw7r/4P+X/+v/9f/6//ZgKX1/7n7vxe3NNn/AAAA0EHu/sfiFvsfAAAAhpG7//txi/0PAAAAw8jd/4O4pcn+1/+P2v9nEa//1//r/5fR/3v//0nx/v95+v819P/6f/2//p+NWlr/n7v/RwEAAP//auBn+g==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

3.912559706s ago: executing program 6 (id=4381):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, 0x0)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x20000000000001)

3.912139955s ago: executing program 5 (id=4382):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xe, 0x0, &(0x7f0000000000)="259a53f271a76d2688a24c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x50)

3.813258729s ago: executing program 6 (id=4384):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb01002900000000000000240000002400008169d900020000000000000000008004002000030000000000000009000000000000007b0000000d020d6d270000d5645c82e80e16bc734534898d9b6765bfe47680a43e8ab79963510e81"], 0xffffffffffffffff, 0x3e, 0xb1, 0x2}, 0x20)

3.699502469s ago: executing program 6 (id=4385):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
socket$inet6(0xa, 0x80000, 0x10000)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={0x0, 0x2, 0xffffffffffffffff, 0xfffffffe})

3.699324429s ago: executing program 5 (id=4386):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000600)="001a0000000000", 0x7)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={r2, 0x20, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000001640)=""/142, 0x8e}}, 0x10)

3.451154777s ago: executing program 36 (id=4386):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000600)="001a0000000000", 0x7)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={r2, 0x20, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000001640)=""/142, 0x8e}}, 0x10)

2.677387201s ago: executing program 6 (id=4396):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_CMD(r0, 0x80506409, &(0x7f0000000100)={0x1, 0x30000, 0x40, 0x6dd, 0x20, 0x1, 0x2, 0x801, 0xffffff6f, 0x9, 0x100, 0x8, &(0x7f0000000000)=[0x8, 0x6, 0x1, 0x1, 0x2, 0x6, 0x808, 0x7, 0x7], 0x9, 0x0})

2.5453174s ago: executing program 6 (id=4398):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x11, 0x0, 0x0, @u32=0x7fffffff}]}]}, 0x2c}}, 0x0)

2.502455505s ago: executing program 6 (id=4399):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x0, 0x10}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, &(0x7f0000000000)={0x40, 0x1, 0x9, "ec0b0b4a65177e3a49"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

995.024362ms ago: executing program 2 (id=4406):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008132, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil)

994.526933ms ago: executing program 2 (id=4407):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001900)=[{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000000c0)="5bdbd57a0e656889964df9937f561de9b944d1e381fed329742e239cb13cf2af711d48d2f15b3118abd8fd087f117830209a631f9dfbec5cbbbb2216a2d87dfb0d7dd906c594125a10053c8e288ac4445ff0e999d423cc250e31e8650d248e49ba5fb3be8db01db38acf5a4455630ecb10f753530ada6598a1ff4805370a5cebf05e199368871b2751c242633419d13a6b05a390d21ab1d44be1254385b3d882c646f9762bf3480e05e98c9cc655adb7caa279e66709794e3b93cda0b9a14794e6d020cc68ea70e71a083e1a2b375591203ce218e8d244cf32f5dd7af0ee", 0xde}], 0x1, 0x0, 0x0, 0x2}], 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000078000000090a010400000000000000000100fffd08000a40000000000900020073797a31000000000900010073797a300000000008000540000000253c0011800a0001006c696d69740000002c0002800c000240000000000000000308000440000000010c000140"], 0xc0}, 0x1, 0x0, 0x0, 0x40c0}, 0xc4)

873.356941ms ago: executing program 2 (id=4408):
syz_usb_connect(0x2, 0x43, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a3233910daa65874452d010203010902310001080010000904df0003080662ff"], 0x0)

245.616842ms ago: executing program 2 (id=4409):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x2c, 0x1, 0x9, 0x3, 0x0, 0x0, {0x3}, [@NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @loopback}}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc090}, 0x8040)

138.424553ms ago: executing program 2 (id=4410):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

0s ago: executing program 2 (id=4411):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000200)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)

kernel console output (not intermixed with test programs):

any interfaces: 92, using maximum allowed: 32
[  293.694547][  T791] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  293.700030][  T791] usb 2-1: config 1 has no interface number 0
[  293.704712][  T791] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  293.714846][  T791] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  293.720269][  T791] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  293.722936][  T791] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.735166][  T791] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  293.785207][T12285] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  293.894681][T12289] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2503'.
[  294.304522][  T791] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  294.515846][  T791] usb 2-1: USB disconnect, device number 32
[  294.518848][  T791] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  294.935105][T12324] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  295.301735][T12347] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  295.308250][T12347] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  295.311139][T12347] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  296.165005][T12359] program syz.1.2536 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  296.485097][T12370] loop1: detected capacity change from 0 to 512
[  296.499558][T12370] EXT4-fs: Ignoring removed nomblk_io_submit option
[  296.510931][T12370] EXT4-fs: old and new quota format mixing
[  297.220675][T12372] loop1: detected capacity change from 0 to 40427
[  297.226363][T12372] F2FS-fs: heap/no_heap options were deprecated
[  297.237537][T12372] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  297.240245][T12372] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  297.243375][T12372] F2FS-fs (loop1): build fault injection type: 0x0
[  297.265183][T12372] F2FS-fs (loop1): invalid crc value
[  297.355092][T12372] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  297.360744][T12372] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30
[  297.363796][T12372] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  297.410083][T12380] loop4: detected capacity change from 0 to 256
[  297.414688][T12380] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  297.683487][T12394] netlink: 'syz.4.2553': attribute type 4 has an invalid length.
[  297.893893][T12403] trusted_key: encrypted_key: master key parameter is missing
[  297.924928][   T33] audit: type=1326 audit(1755119921.779:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12404 comm="syz.2.2557" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff59e38ebe9 code=0x0
[  299.140637][T12421] netlink: 'syz.2.2563': attribute type 9 has an invalid length.
[  299.147264][T12421] netlink: 147436 bytes leftover after parsing attributes in process `syz.2.2563'.
[  299.269874][T12427] 9pnet_virtio: no channels available for device syz
[  299.452152][T12419] loop4: detected capacity change from 0 to 40427
[  299.479295][T12419] F2FS-fs (loop4): invalid crc value
[  299.599566][T12419] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  299.623351][T12419] F2FS-fs (loop4): Start checkpoint disabled!
[  299.661200][T12419] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  299.722458][   T84] kworker/u9:3: attempt to access beyond end of device
[  299.722458][   T84] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  299.732151][   T84] CPU: 1 UID: 0 PID: 84 Comm: kworker/u9:3 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  299.732177][   T84] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  299.732187][   T84] Workqueue: writeback wb_workfn (flush-7:4)
[  299.732213][   T84] Call Trace:
[  299.732219][   T84]  <TASK>
[  299.732226][   T84]  dump_stack_lvl+0x189/0x250
[  299.732251][   T84]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.732268][   T84]  ? __pfx_queue_work_on+0x10/0x10
[  299.732282][   T84]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  299.732300][   T84]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  299.732327][   T84]  f2fs_handle_critical_error+0x37c/0x540
[  299.732353][   T84]  f2fs_write_end_io+0x886/0xb60
[  299.732391][   T84]  __submit_merged_bio+0x27a/0x6a0
[  299.732415][   T84]  __submit_merged_write_cond+0x255/0x530
[  299.732440][   T84]  f2fs_write_data_pages+0x261d/0x3000
[  299.732492][   T84]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  299.732523][   T84]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  299.732577][   T84]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  299.732615][   T84]  ? look_up_lock_class+0x74/0x170
[  299.732644][   T84]  ? trace_f2fs_writepages+0x7f/0x200
[  299.732663][   T84]  ? f2fs_write_node_pages+0x478/0x6e0
[  299.732685][   T84]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  299.732716][   T84]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  299.732736][   T84]  do_writepages+0x32e/0x550
[  299.732761][   T84]  ? reacquire_held_locks+0x127/0x1d0
[  299.732780][   T84]  ? writeback_sb_inodes+0x384/0x1010
[  299.732808][   T84]  __writeback_single_inode+0x145/0xff0
[  299.732826][   T84]  ? do_raw_spin_unlock+0x4d/0x240
[  299.732848][   T84]  writeback_sb_inodes+0x6c7/0x1010
[  299.732892][   T84]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  299.732951][   T84]  ? rcu_is_watching+0x15/0xb0
[  299.732975][   T84]  wb_writeback+0x43b/0xaf0
[  299.733001][   T84]  ? queue_io+0x351/0x590
[  299.733021][   T84]  ? __pfx_wb_writeback+0x10/0x10
[  299.733048][   T84]  ? _raw_spin_unlock_irq+0x23/0x50
[  299.733069][   T84]  wb_workfn+0x409/0xef0
[  299.733128][   T84]  ? __pfx_wb_workfn+0x10/0x10
[  299.733148][   T84]  ? __lock_acquire+0xab9/0xd20
[  299.733181][   T84]  ? process_scheduled_works+0x9ef/0x17b0
[  299.733202][   T84]  ? _raw_spin_unlock_irq+0x23/0x50
[  299.733215][   T84]  ? process_scheduled_works+0x9ef/0x17b0
[  299.733228][   T84]  ? process_scheduled_works+0x9ef/0x17b0
[  299.733244][   T84]  process_scheduled_works+0xae1/0x17b0
[  299.733288][   T84]  ? __pfx_process_scheduled_works+0x10/0x10
[  299.733327][   T84]  worker_thread+0x8a0/0xda0
[  299.733345][   T84]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  299.733369][   T84]  ? __kthread_parkme+0x7b/0x200
[  299.733396][   T84]  kthread+0x711/0x8a0
[  299.733416][   T84]  ? __pfx_worker_thread+0x10/0x10
[  299.733430][   T84]  ? __pfx_kthread+0x10/0x10
[  299.733449][   T84]  ? _raw_spin_unlock_irq+0x23/0x50
[  299.733464][   T84]  ? lockdep_hardirqs_on+0x9c/0x150
[  299.733479][   T84]  ? __pfx_kthread+0x10/0x10
[  299.733498][   T84]  ret_from_fork+0x3fc/0x770
[  299.733516][   T84]  ? __pfx_ret_from_fork+0x10/0x10
[  299.733536][   T84]  ? __switch_to_asm+0x39/0x70
[  299.733553][   T84]  ? __switch_to_asm+0x33/0x70
[  299.733569][   T84]  ? __pfx_kthread+0x10/0x10
[  299.733588][   T84]  ret_from_fork_asm+0x1a/0x30
[  299.733622][   T84]  </TASK>
[  299.748135][T12442] netlink: 9275 bytes leftover after parsing attributes in process `syz.1.2572'.
[  299.752350][   T84] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  299.966809][T12450] loop1: detected capacity change from 0 to 47
[  300.272848][T12461] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.2581' resets device
[  300.457101][T12470] loop4: detected capacity change from 0 to 256
[  300.467311][T12470] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b1f, utbl_chksum : 0xe619d30d)
[  300.744419][T12484] tipc: Started in network mode
[  300.746702][T12484] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  300.753010][T12484] tipc: Enabled bearer <eth:vlan0>, priority 10
[  300.830363][ T1273] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  301.986761][ T1911] tipc: Node number set to 10005162
[  302.005773][ T1273] usb 5-1: Using ep0 maxpacket: 32
[  302.009785][ T1273] usb 5-1: unable to get BOS descriptor or descriptor too short
[  302.014112][ T1273] usb 5-1: config 0 has an invalid interface number: 223 but max is 0
[  302.018237][ T1273] usb 5-1: config 0 has no interface number 0
[  302.020783][ T1273] usb 5-1: config 0 interface 223 altsetting 2 endpoint 0xF has invalid maxpacket 1023, setting to 64
[  302.027565][ T1273] usb 5-1: config 0 interface 223 altsetting 2 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  302.035263][ T1273] usb 5-1: config 0 interface 223 has no altsetting 0
[  302.047930][ T1273] usb 5-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=86.21
[  302.053964][ T1273] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.058064][ T1273] usb 5-1: Product: syz
[  302.059595][ T1273] usb 5-1: Manufacturer: syz
[  302.061383][ T1273] usb 5-1: SerialNumber: syz
[  302.127729][ T1273] usb 5-1: config 0 descriptor??
[  302.137754][ T1273] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  302.219110][T12499] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.220438][ T6033] udevd[6033]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.223/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  302.221943][T12499] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.344439][ T5984] usb 5-1: USB disconnect, device number 21
[  302.388391][T12499] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  302.400227][T12499] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  302.461154][T12499] tipc: Resetting bearer <eth:vlan0>
[  302.534727][T12499] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  302.537579][T12499] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[  302.562650][T12499] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  302.581571][T12499] xfrm1: left promiscuous mode
[  302.583656][T12499] xfrm1: left allmulticast mode
[  302.586941][T12499] vti0: left promiscuous mode
[  302.598391][   T13] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  302.606292][   T13] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  302.611405][   T13] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  302.614981][   T13] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  302.830117][T12513] netlink: 'syz.2.2604': attribute type 4 has an invalid length.
[  302.833220][T12513] netlink: 14345 bytes leftover after parsing attributes in process `syz.2.2604'.
[  302.907160][  T791] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  303.056702][  T791] usb 2-1: Using ep0 maxpacket: 16
[  303.061594][  T791] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  303.064929][  T791] usb 2-1: config 0 has no interface number 0
[  303.072230][  T791] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[  303.085892][  T791] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  303.099741][  T791] usb 2-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=ec.5c
[  303.114035][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.124178][  T791] usb 2-1: Product: syz
[  303.135810][  T791] usb 2-1: Manufacturer: syz
[  303.137670][  T791] usb 2-1: SerialNumber: syz
[  303.157560][  T791] usb 2-1: config 0 descriptor??
[  303.165990][  T791] cypress_m8 2-1:0.35: Nokia CA-42 V2 Adapter converter detected
[  303.390146][  T791] usb 2-1: Nokia CA-42 V2 Adapter converter now attached to ttyUSB0
[  303.400027][  T791] usb 2-1: USB disconnect, device number 33
[  303.418679][  T791] nokiaca42v2 ttyUSB0: Nokia CA-42 V2 Adapter converter now disconnected from ttyUSB0
[  303.429201][  T791] cypress_m8 2-1:0.35: device disconnected
[  303.523575][T12540] loop4: detected capacity change from 0 to 32768
[  303.598722][T12540] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  303.598739][T12540]   allowing incompatible features above 0.0: (unknown version)
[  303.598745][T12540]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  303.611130][T12540] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  303.614236][T12540] bcachefs (loop4): initializing new filesystem
[  303.622484][T12540] bcachefs (loop4): going read-write
[  303.632110][T12540] bcachefs (loop4): marking superblocks
[  303.638173][T12540] bcachefs (loop4): initializing freespace
[  303.641939][T12540] bcachefs (loop4): done initializing freespace
[  303.645190][T12540] bcachefs (loop4): reading snapshots table
[  303.647502][T12540] bcachefs (loop4): reading snapshots done
[  303.691624][T12540] bcachefs (loop4): done starting filesystem
[  303.714758][   T33] audit: type=1800 audit(1755119927.569:56): pid=12540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2616" name="file1" dev="loop4" ino=4098 res=0 errno=0
[  303.899412][T12555] bcachefs (loop4): requested incompat feature 1.16: reflink_p_may_update_opts currently not enabled, allowed up to 1.16: reflink_p_may_update_opts
[  303.899412][T12555]   set version_upgrade=incompat to enable
[  304.215880][   T33] audit: type=1800 audit(1755119928.069:57): pid=12554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2616" name="file1" dev="loop4" ino=4098 res=0 errno=0
[  304.418114][ T8301] bcachefs (loop4): shutting down
[  304.420254][ T8301] bcachefs (loop4): going read-only
[  304.422409][ T8301] bcachefs (loop4): finished waiting for writes to stop
[  304.429647][ T8301] bcachefs (loop4): flushing journal and stopping allocators, journal seq 93
[  304.478818][ T8301] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 93
[  304.486940][ T8301] bcachefs (loop4): clean shutdown complete, journal seq 94
[  304.535477][ T8301] bcachefs (loop4): marking filesystem clean
[  304.770101][ T8301] bcachefs (loop4): shutdown complete
[  305.366677][T12570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2624'.
[  306.008586][T12588] bridge1: entered promiscuous mode
[  306.325948][ T1273] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  306.488469][ T1273] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.498988][ T1273] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.504853][T12602] netlink: 'syz.2.2637': attribute type 4 has an invalid length.
[  306.508374][ T1273] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  306.511994][ T1273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.538743][ T1273] usb 5-1: config 0 descriptor??
[  306.964333][ T1273] playstation 0003:054C:0DF2.0011: unknown main item tag 0x0
[  306.967483][ T1273] playstation 0003:054C:0DF2.0011: unknown main item tag 0x0
[  306.970500][ T1273] playstation 0003:054C:0DF2.0011: unknown main item tag 0x0
[  306.973693][ T1273] playstation 0003:054C:0DF2.0011: unknown main item tag 0x0
[  306.977482][ T1273] playstation 0003:054C:0DF2.0011: unknown main item tag 0x0
[  306.997354][ T1273] playstation 0003:054C:0DF2.0011: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.4-1/input0
[  307.158431][ T1273] playstation 0003:054C:0DF2.0011: Invalid reportID received, expected 9 got 0
[  307.161258][ T1273] playstation 0003:054C:0DF2.0011: Failed to retrieve DualSense pairing info: -22
[  307.166222][ T1273] playstation 0003:054C:0DF2.0011: Failed to get MAC address from DualSense
[  307.169433][ T1273] playstation 0003:054C:0DF2.0011: Failed to create dualsense.
[  307.179049][ T1273] playstation 0003:054C:0DF2.0011: probe with driver playstation failed with error -22
[  307.391496][  T791] usb 5-1: USB disconnect, device number 22
[  307.475226][T12625] overlayfs: failed to clone upperpath
[  309.179776][T12648] tipc: Failed to remove unknown binding: 66,1,1/10005162:171609408/171609410
[  310.685213][T12680] loop4: detected capacity change from 0 to 256
[  310.744349][T12680] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  310.764398][T12680] FAT-fs (loop4): Filesystem has been set read-only
[  310.772869][T12680] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  310.779098][T12680] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  311.001360][ T1273] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  311.034863][T12696] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2677'.
[  311.172393][ T1273] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.176617][ T1273] usb 2-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  311.180192][ T1273] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.198353][ T1273] usb 2-1: config 0 descriptor??
[  311.566019][T12698] loop4: detected capacity change from 0 to 32768
[  311.632648][ T1273] itetech 0003:258A:6A88.0012: ignoring exceeding usage max
[  311.652360][T12698] JBD2: Ignoring recovery information on journal
[  311.717587][ T1273] itetech 0003:258A:6A88.0012: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.1-1/input0
[  311.751556][T12698] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  311.855313][ T1273] usb 2-1: USB disconnect, device number 34
[  311.927796][ T8301] ocfs2: Unmounting device (7,4) on (node local)
[  312.277761][T12732] netlink: 200 bytes leftover after parsing attributes in process `syz.4.2690'.
[  312.636142][ T5964] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  312.761107][T12743] loop1: detected capacity change from 0 to 32768
[  312.793589][T12743] JBD2: Ignoring recovery information on journal
[  312.801576][ T5964] usb 5-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  312.813611][ T5964] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.830444][ T5964] usb 5-1: config 0 descriptor??
[  312.840318][ T5964] gspca_main: sunplus-2.14.0 probing 055f:c420
[  312.862986][T12743] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  312.963134][ T5938] ocfs2: Unmounting device (7,1) on (node local)
[  313.510674][T12771] openvswitch: netlink: Multiple metadata blocks provided
[  313.979155][ T5964] gspca_sunplus: reg_w_riv err -71
[  313.981275][ T5964] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  313.994444][ T5964] usb 5-1: USB disconnect, device number 23
[  314.456755][ T5964] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  314.614810][ T5964] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  314.619449][ T5964] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  314.622692][ T5964] usb 5-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  314.625349][ T5964] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.631443][ T5964] usb 5-1: config 0 descriptor??
[  314.905853][  T791] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  315.041597][ T5964] elo 0003:04E7:0030.0013: unknown main item tag 0x0
[  315.044709][ T5964] elo 0003:04E7:0030.0013: unknown main item tag 0x0
[  315.047880][ T5964] elo 0003:04E7:0030.0013: unknown main item tag 0x0
[  315.050640][ T5964] elo 0003:04E7:0030.0013: unknown main item tag 0x0
[  315.053331][ T5964] elo 0003:04E7:0030.0013: unknown main item tag 0x0
[  315.056746][ T5964] elo 0003:04E7:0030.0013: unknown main item tag 0x0
[  315.059265][ T5964] elo 0003:04E7:0030.0013: unknown main item tag 0x0
[  315.063685][ T5964] elo 0003:04E7:0030.0013: hidraw0: USB HID v0.00 Device [HID 04e7:0030] on usb-dummy_hcd.4-1/input0
[  315.075766][  T791] usb 2-1: Using ep0 maxpacket: 8
[  315.079197][  T791] usb 2-1: config 8 has an invalid interface number: 125 but max is 0
[  315.081718][  T791] usb 2-1: config 8 has no interface number 0
[  315.085676][  T791] usb 2-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=26.ec
[  315.088928][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.091442][  T791] usb 2-1: Product: syz
[  315.092782][  T791] usb 2-1: Manufacturer: syz
[  315.094232][  T791] usb 2-1: SerialNumber: syz
[  315.102540][  T791] gspca_main: ALi m5602-2.14.0 probing 0402:5602
[  315.250035][ T5964] usb 5-1: USB disconnect, device number 24
[  315.308211][  T791] gspca_m5602: Failed to find a sensor
[  315.312359][  T791] ALi m5602 2-1:8.125: ALi m5602 webcam failed
[  315.317302][  T791] usb 2-1: USB disconnect, device number 35
[  315.445066][   T33] audit: type=1326 audit(1755119939.299:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12789 comm="syz.2.2716" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7fc00000
[  315.969876][T12809] loop1: detected capacity change from 0 to 512
[  315.979737][T12809] EXT4-fs warning (device loop1): ext4_multi_mount_protect:329: MMP interval 2680 higher than expected, please wait.
[  315.979737][T12809] 
[  315.994495][T12809] EXT4-fs warning (device loop1): ext4_multi_mount_protect:332: MMP startup interrupted, failing mount
[  315.994495][T12809] 
[  316.419709][T12840] tc_dump_action: action bad kind
[  316.714435][T12848] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2737'.
[  316.721488][T12848] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2737'.
[  316.824995][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  316.827853][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  317.025833][  T791] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  317.180853][  T791] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  317.184381][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.195870][  T791] usb 2-1: Product: syz
[  317.197200][  T791] usb 2-1: Manufacturer: syz
[  317.199199][  T791] usb 2-1: SerialNumber: syz
[  317.208367][  T791] usb 2-1: config 0 descriptor??
[  317.648018][  T791] usb 2-1: Firmware: major: 0, minor: 101, hardware type: UNKNOWN (114)
[  317.847916][  T791] usb 2-1: failed to fetch extended address, random address set
[  317.852824][  T791] usb 2-1: atusb_probe: initialization failed, error = -524
[  317.862249][  T791] atusb 2-1:0.0: probe with driver atusb failed with error -524
[  317.874742][  T791] usb 2-1: USB disconnect, device number 36
[  318.411798][T12878] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2750'.
[  318.421688][T12878] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  318.957225][T12892] loop4: detected capacity change from 0 to 40427
[  318.986884][T12892] F2FS-fs (loop4): invalid crc value
[  319.066965][T12892] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  319.075658][T12892] F2FS-fs (loop4): Start checkpoint disabled!
[  319.082296][T12892] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  319.194899][T12916] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2770'.
[  319.207501][T12916] IPVS: Unknown mcast interface: vcan0
[  319.577742][T12932] loop1: detected capacity change from 0 to 1764
[  319.622610][T12932] iso9660: Corrupted directory entry in block 2 of inode 1920
[  319.758970][T12935] loop1: detected capacity change from 0 to 512
[  319.941993][T12935] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  319.961910][T12935] System zones: 1-12
[  320.016878][T12935] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #2: block 3: comm syz.1.2778: lblock 0 mapped to illegal pblock 3 (length 1)
[  320.052626][T12935] EXT4-fs warning (device loop1): dx_probe:791: inode #2: lblock 0: comm syz.1.2778: error -117 reading directory block
[  320.062388][T12935] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  320.074194][T12935] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.080482][T12935] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #2: comm syz.1.2778: corrupted xattr block 255: invalid header
[  320.107702][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.126694][T12942] overlayfs: failed to clone upperpath
[  320.141154][T12942] overlayfs: failed to clone upperpath
[  320.230415][   T33] audit: type=1326 audit(1755119944.089:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12947 comm="syz.2.2783" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x0
[  320.369503][T12946] loop1: detected capacity change from 0 to 32768
[  320.372287][T12946] btrfs: Deprecated parameter 'usebackuproot'
[  320.374212][T12946] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  320.381457][T12946] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2782 (12946)
[  320.405816][T12946] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  320.413928][T12946] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  320.418421][T12946] BTRFS info (device loop1): using free-space-tree
[  320.461960][ T1087] BTRFS warning (device loop1): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0
[  320.476824][T12946] BTRFS warning (device loop1): couldn't read tree root
[  320.479408][T12946] BTRFS warning (device loop1): try to load backup roots slot 1
[  320.483621][   T28] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0
[  320.492626][T12946] BTRFS warning (device loop1): couldn't read tree root
[  320.495944][T12946] BTRFS warning (device loop1): try to load backup roots slot 2
[  320.498879][   T28] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  320.502744][T12946] BTRFS warning (device loop1): couldn't read tree root
[  320.505224][T12946] BTRFS warning (device loop1): try to load backup roots slot 3
[  320.527737][T12946] BTRFS info (device loop1): rebuilding free space tree
[  320.541479][T12946] BTRFS info (device loop1): checking UUID tree
[  321.208184][ T5938] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  321.842169][T12997] loop1: detected capacity change from 0 to 4096
[  322.265695][ T1273] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  322.523022][ T1273] usb 2-1: unable to get BOS descriptor or descriptor too short
[  322.533692][ T1273] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  322.538122][ T1273] usb 2-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  322.543082][ T1273] usb 2-1: config 1 interface 0 has no altsetting 1
[  322.549477][ T1273] usb 2-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  322.554242][ T1273] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.557514][ T1273] usb 2-1: Product: syz
[  322.559152][ T1273] usb 2-1: Manufacturer: syz
[  322.560994][ T1273] usb 2-1: SerialNumber: syz
[  322.571416][ T1273] smsusb:smsusb_probe: board id=8, interface number 0
[  322.765922][ T5984] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  322.773518][ T1273] smsusb:smsusb_probe: Device initialized with return code -19
[  322.918479][ T5984] usb 5-1: config 6 has an invalid interface number: 2 but max is 0
[  322.922136][ T5984] usb 5-1: config 6 has no interface number 0
[  322.924906][ T5984] usb 5-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  322.930947][ T5984] usb 5-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  322.936256][ T5984] usb 5-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  322.942812][ T5984] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  322.946991][ T5984] usb 5-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3
[  322.950294][ T5984] usb 5-1: Product: syz
[  322.952027][ T5984] usb 5-1: Manufacturer: syz
[  322.953943][ T5984] usb 5-1: SerialNumber: syz
[  322.964528][ T5984] hso 5-1:6.2: Failed to find INT IN ep
[  322.986022][  T791] usb 2-1: USB disconnect, device number 37
[  323.173155][ T1273] usb 5-1: USB disconnect, device number 25
[  323.522033][T13036] loop1: detected capacity change from 0 to 512
[  323.526194][T13036] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  323.545882][T13036] EXT4-fs (loop1): 1 truncate cleaned up
[  323.553765][T13036] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.595009][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.849944][T13051] netdevsim netdevsim4: Firmware load for '../file0/../file0/../file0' refused, path contains '..' component
[  323.875858][ T5984] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  323.917423][T13055] loop4: detected capacity change from 0 to 4096
[  323.936355][T13058] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  323.953118][T13055] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  323.964461][T13055] Remounting filesystem read-only
[  324.058989][ T5984] usb 2-1: Using ep0 maxpacket: 16
[  324.061286][T13068] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2828'.
[  324.066335][ T5984] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  324.069473][ T5984] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  324.085358][ T5984] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  324.092465][ T5984] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.095385][ T5984] usb 2-1: Product: syz
[  324.099976][ T5984] usb 2-1: Manufacturer: syz
[  324.101677][ T5984] usb 2-1: SerialNumber: syz
[  324.119345][ T5984] usb 2-1: selecting invalid altsetting 1
[  324.301563][T13087] netlink: 9280 bytes leftover after parsing attributes in process `syz.2.2837'.
[  324.533896][T13092] loop4: detected capacity change from 0 to 32768
[  324.645860][T13092] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  324.645876][T13092]   allowing incompatible features above 0.0: (unknown version)
[  324.645882][T13092]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  324.660858][T13092] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  324.663459][T13092] bcachefs (loop4): initializing new filesystem
[  324.671589][T13092] bcachefs (loop4): going read-write
[  324.678334][T13092] bcachefs (loop4): marking superblocks
[  324.685236][T13092] bcachefs (loop4): initializing freespace
[  324.689664][T13092] bcachefs (loop4): done initializing freespace
[  324.692951][T13092] bcachefs (loop4): reading snapshots table
[  324.695230][T13092] bcachefs (loop4): reading snapshots done
[  324.735789][T13092] bcachefs (loop4): done starting filesystem
[  324.765778][ T5984] usb 2-1: selecting invalid altsetting 1
[  324.768197][ T5984] cdc_ncm 2-1:1.0: bind() failure
[  324.768476][T13111] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2844'.
[  324.845236][ T8301] bcachefs (loop4): shutting down
[  324.853515][ T8301] bcachefs (loop4): going read-only
[  324.856586][ T8301] bcachefs (loop4): finished waiting for writes to stop
[  324.863766][ T8301] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  324.919256][ T8301] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  324.929758][ T8301] bcachefs (loop4): clean shutdown complete, journal seq 4
[  324.933169][ T8301] bcachefs (loop4): marking filesystem clean
[  324.957842][ T1273] usb 2-1: USB disconnect, device number 38
[  324.989370][ T8301] bcachefs (loop4): shutdown complete
[  325.838978][T13132] loop1: detected capacity change from 0 to 32768
[  326.038170][T13133] [U] ^C
[  326.328755][ T5984] libceph: connect (1)[c::]:6789 error -101
[  326.331840][ T5984] libceph: mon0 (1)[c::]:6789 connect error
[  326.395179][T13145] ceph: No mds server is up or the cluster is laggy
[  326.481341][T13155] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2863'.
[  326.516120][T13155] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2863'.
[  328.652490][T13214] netlink: 'syz.1.2887': attribute type 1 has an invalid length.
[  328.658544][T13214] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2887'.
[  328.724259][T13218] netlink: 'syz.1.2889': attribute type 14 has an invalid length.
[  328.776998][   T33] audit: type=1326 audit(1755119952.639:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.1.2891" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a818ebe9 code=0x7ffc0000
[  328.784401][   T33] audit: type=1326 audit(1755119952.639:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.1.2891" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a818ebe9 code=0x7ffc0000
[  328.793224][   T33] audit: type=1326 audit(1755119952.649:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.1.2891" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f17a818ebe9 code=0x7ffc0000
[  328.800634][   T33] audit: type=1326 audit(1755119952.649:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.1.2891" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a818ebe9 code=0x7ffc0000
[  328.809437][   T33] audit: type=1326 audit(1755119952.649:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.1.2891" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a818ebe9 code=0x7ffc0000
[  328.835693][   T33] audit: type=1326 audit(1755119952.659:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.1.2891" exe="/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f17a818ebe9 code=0x7ffc0000
[  328.849535][   T33] audit: type=1326 audit(1755119952.659:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.1.2891" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a818ebe9 code=0x7ffc0000
[  328.860175][T13224] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[  328.864938][   T33] audit: type=1326 audit(1755119952.659:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.1.2891" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a818ebe9 code=0x7ffc0000
[  328.882229][T13226] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2893'.
[  328.908512][T13226] vlan2: entered allmulticast mode
[  329.185840][ T1911] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  329.335697][ T1911] usb 2-1: Using ep0 maxpacket: 16
[  329.344165][ T1911] usb 2-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  329.352046][ T1911] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.358107][ T1911] usb 2-1: config 0 descriptor??
[  329.368336][ T1911] gspca_main: sonixj-2.14.0 probing 0471:0327
[  329.534719][ T5238] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  329.546076][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  329.553969][ T5238] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  329.560606][ T5238] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  329.564047][ T5238] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  329.781936][T13238] chnl_net:caif_netlink_parms(): no params data found
[  329.930145][T13238] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.933292][T13238] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.939779][T13238] bridge_slave_0: entered allmulticast mode
[  329.944033][T13238] bridge_slave_0: entered promiscuous mode
[  329.954287][T13238] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.959754][T13238] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.962777][T13238] bridge_slave_1: entered allmulticast mode
[  329.969424][T13238] bridge_slave_1: entered promiscuous mode
[  330.028149][T13238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  330.035134][T13238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  330.089064][T13238] team0: Port device team_slave_0 added
[  330.094697][T13238] team0: Port device team_slave_1 added
[  330.154121][T13238] batman_adv: batadv0: Adding interface: batadv_slave_0
[  330.162905][T13238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.174817][T13238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.181659][T13238] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.184530][T13238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.195741][T13238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.251980][T13238] hsr_slave_0: entered promiscuous mode
[  330.255490][T13238] hsr_slave_1: entered promiscuous mode
[  330.534832][T13238] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  330.553025][T13238] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  330.568874][T13238] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  330.585059][T13238] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  330.737301][T13238] 8021q: adding VLAN 0 to HW filter on device bond0
[  330.780184][T13238] 8021q: adding VLAN 0 to HW filter on device team0
[  330.801173][ T1087] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.804199][ T1087] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.821433][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.824399][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state
[  330.975725][ T1911] gspca_sonixj: i2c_w8 err -71
[  330.995863][ T1911] sonixj 2-1:0.0: probe with driver sonixj failed with error -71
[  331.001056][ T1911] usb 2-1: USB disconnect, device number 39
[  331.095846][T13272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2909'.
[  331.481730][T13238] 8021q: adding VLAN 0 to HW filter on device batadv0
[  331.616016][ T5941] Bluetooth: hci1: command tx timeout
[  331.752991][T13238] veth0_vlan: entered promiscuous mode
[  331.769661][T13238] veth1_vlan: entered promiscuous mode
[  331.779051][T13289] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2913'.
[  331.826549][T13238] veth0_macvtap: entered promiscuous mode
[  331.841082][T13238] veth1_macvtap: entered promiscuous mode
[  331.856345][T13238] batman_adv: batadv0: Interface activated: batadv_slave_0
[  331.867247][T13238] batman_adv: batadv0: Interface activated: batadv_slave_1
[  331.878792][ T5963] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  331.887879][ T5963] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  331.920050][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  331.946848][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.049886][T12974] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  332.060279][T12974] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  332.093572][T12974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  332.100638][T12974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  333.018044][T13372] loop1: detected capacity change from 0 to 16
[  333.048241][T13372] erofs (device loop1): mounted with root inode @ nid 36.
[  333.606251][T13399] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2925'.
[  333.696349][ T5941] Bluetooth: hci1: command tx timeout
[  334.025938][    T9] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  334.045835][  T791] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  334.185744][    T9] usb 2-1: Using ep0 maxpacket: 16
[  334.192586][    T9] usb 2-1: config 0 has an invalid interface number: 68 but max is 0
[  334.221059][  T791] usb 6-1: Using ep0 maxpacket: 16
[  334.226322][    T9] usb 2-1: config 0 has no interface number 0
[  334.228576][    T9] usb 2-1: config 0 interface 68 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  334.233653][  T791] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  334.240188][  T791] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  334.244372][  T791] usb 6-1: config 0 has no interface number 0
[  334.249906][    T9] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[  334.253428][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.258310][    T9] usb 2-1: Product: syz
[  334.259660][    T9] usb 2-1: Manufacturer: syz
[  334.261153][    T9] usb 2-1: SerialNumber: syz
[  334.263536][  T791] usb 6-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  334.267792][  T791] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.270724][    T9] usb 2-1: config 0 descriptor??
[  334.281758][  T791] usb 6-1: Product: syz
[  334.283937][  T791] usb 6-1: Manufacturer: syz
[  334.287957][  T791] usb 6-1: SerialNumber: syz
[  334.298364][  T791] usb 6-1: config 0 descriptor??
[  334.306625][  T791] usb 6-1: Found UVC 0.00 device syz (046d:08f3)
[  334.309921][  T791] usb 6-1: No valid video chain found.
[  334.316029][    T9] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  334.478914][ T1273] usb 2-1: USB disconnect, device number 40
[  334.481434][ T5945] usb 2-1: Failed to submit usb control message: -71
[  334.484893][ T5945] usb 2-1: unable to send the bmi data to the device: -71
[  334.489082][ T5945] usb 2-1: unable to get target info from device
[  334.491966][ T5945] usb 2-1: could not get target info (-71)
[  334.494691][ T5945] usb 2-1: could not probe fw (-71)
[  334.506860][    T9] usb 6-1: USB disconnect, device number 2
[  335.104678][T13427] loop5: detected capacity change from 0 to 2048
[  335.177596][T13427] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.181844][T13432] netlink: 384 bytes leftover after parsing attributes in process `syz.1.2940'.
[  335.244773][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.251093][T13435] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2941'.
[  335.776962][ T5941] Bluetooth: hci1: command tx timeout
[  335.925935][ T5984] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  335.999939][T13461] loop1: detected capacity change from 0 to 32768
[  336.003191][T13461] XFS: noikeep mount option is deprecated.
[  336.031981][T13461] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  336.052891][T13461] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  336.064874][T13461] XFS (loop1): Starting recovery (logdev: internal)
[  336.077799][ T5984] usb 6-1: Using ep0 maxpacket: 32
[  336.078504][T13461] XFS (loop1): Ending recovery (logdev: internal)
[  336.081983][ T5984] usb 6-1: config 4 has an invalid interface number: 10 but max is 0
[  336.085067][ T5984] usb 6-1: config 4 has no interface number 0
[  336.087411][ T5984] usb 6-1: config 4 interface 10 has no altsetting 0
[  336.099829][ T5984] usb 6-1: New USB device found, idVendor=0979, idProduct=0280, bcdDevice=98.4c
[  336.102774][ T5984] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.105307][ T5984] usb 6-1: Product: syz
[  336.109232][ T5984] usb 6-1: Manufacturer: syz
[  336.111195][ T5984] usb 6-1: SerialNumber: syz
[  336.114787][ T5938] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  336.341442][ T5984] gspca_main: jeilinj-2.14.0 probing 0979:0280
[  336.374167][ T5984] usb 6-1: USB disconnect, device number 3
[  336.479312][T13481] loop1: detected capacity change from 0 to 256
[  336.482955][T13481] exfat: Deprecated parameter 'namecase'
[  336.485299][T13481] exfat: Deprecated parameter 'utf8'
[  336.500757][T13481] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  336.521961][T13481] overlay: filesystem on ./file0 not supported
[  337.265162][T13509] openvswitch: netlink: IP tunnel TTL not specified.
[  337.858734][   T84] Bluetooth: hci3: Frame reassembly failed (-84)
[  337.867839][ T5238] Bluetooth: hci1: command tx timeout
[  338.711672][T13547] futex_wake_op: syz.1.2990 tries to shift op by -1; fix this program
[  338.800322][T13548] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2989'.
[  339.100614][T13550] loop1: detected capacity change from 0 to 32768
[  339.125137][T13550] (syz.1.2991,13550,0):ocfs2_load_local_alloc:320 ERROR: Local alloc size is invalid (la_size = 33328)
[  339.141054][T13550] (syz.1.2991,13550,0):ocfs2_load_local_alloc:356 ERROR: status = -22
[  339.143644][T13550] (syz.1.2991,13550,0):ocfs2_check_volume:2404 ERROR: status = -22
[  339.148155][T13550] (syz.1.2991,13550,0):ocfs2_check_volume:2432 ERROR: status = -22
[  339.150663][T13550] (syz.1.2991,13550,0):ocfs2_mount_volume:1764 ERROR: status = -22
[  339.163985][T13550] (syz.1.2991,13550,0):ocfs2_fill_super:1177 ERROR: status = -22
[  339.337090][T13558] binder: 13557:13558 ioctl c00c6211 0 returned -14
[  339.422864][T13564] loop1: detected capacity change from 0 to 128
[  339.432616][T13564] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  339.445961][T13564] ext4 filesystem being mounted at /960/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  339.489311][ T5938] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  339.855889][ T5941] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  340.527678][T13579] loop5: detected capacity change from 0 to 32768
[  340.531708][T13579] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3003 (13579)
[  340.552853][T13579] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  340.556007][T13579] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  340.558720][T13579] BTRFS info (device loop5): using free-space-tree
[  340.839680][T13238] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  340.898796][T13592] loop1: detected capacity change from 0 to 32768
[  340.999640][T13592] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  341.110044][T13592] XFS (loop1): Ending clean mount
[  341.138039][T13592] XFS (loop1): Quotacheck needed: Please wait.
[  341.188467][T13592] XFS (loop1): Quotacheck: Done.
[  341.340775][    C0] vkms_vblank_simulate: vblank timer overrun
[  341.350707][ T5938] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  341.410926][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  341.566765][   T24] usb 6-1: Using ep0 maxpacket: 32
[  341.571118][   T24] usb 6-1: config 0 has an invalid interface number: 16 but max is 0
[  341.574572][   T24] usb 6-1: config 0 has no interface number 0
[  341.583000][   T24] usb 6-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  341.590856][   T24] usb 6-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  341.597096][   T24] usb 6-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d
[  341.599870][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.602585][   T24] usb 6-1: Product: syz
[  341.604148][   T24] usb 6-1: Manufacturer: syz
[  341.607956][   T24] usb 6-1: SerialNumber: syz
[  341.611137][   T24] usb 6-1: config 0 descriptor??
[  341.613648][T13630] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  341.619793][T13630] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  341.627876][   T24] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  341.819347][T13632] loop1: detected capacity change from 0 to 40427
[  341.858819][ T5964] usb 6-1: USB disconnect, device number 4
[  341.943410][T13632] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  341.949114][T13632] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  341.982226][T13632] F2FS-fs (loop1): Inconsistent error blkaddr:5633, sit bitmap:0
[  341.989953][T13632] CPU: 0 UID: 0 PID: 13632 Comm: syz.1.3016 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  341.989982][T13632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  341.989993][T13632] Call Trace:
[  341.990000][T13632]  <TASK>
[  341.990009][T13632]  dump_stack_lvl+0x189/0x250
[  341.990075][T13632]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.990095][T13632]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  341.990134][T13632]  __f2fs_is_valid_blkaddr+0xd84/0x14f0
[  341.990161][T13632]  f2fs_map_blocks+0xd84/0x4130
[  341.990191][T13632]  ? __page_table_check_zero+0x406/0x530
[  341.990234][T13632]  ? __pfx_f2fs_map_blocks+0x10/0x10
[  341.990254][T13632]  ? xa_load+0x60/0x210
[  341.990285][T13632]  ? xa_load+0x1ea/0x210
[  341.990310][T13632]  f2fs_mpage_readpages+0xcb2/0x1ac0
[  341.990352][T13632]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[  341.990379][T13632]  ? __folio_batch_add_and_move+0x20a/0xd20
[  341.990412][T13632]  ? f2fs_readahead+0x177/0x330
[  341.990457][T13632]  read_pages+0x17a/0x580
[  341.990486][T13632]  ? __pfx_read_pages+0x10/0x10
[  341.990513][T13632]  ? filemap_add_folio+0x1af/0x270
[  341.990538][T13632]  page_cache_ra_unbounded+0x6b0/0x7b0
[  341.990574][T13632]  f2fs_readdir+0x49b/0xa60
[  341.990621][T13632]  ? __pfx_f2fs_readdir+0x10/0x10
[  341.990656][T13632]  ? down_read_killable+0x1d1/0x350
[  341.990681][T13632]  iterate_dir+0x399/0x570
[  341.990705][T13632]  __se_sys_getdents64+0xe4/0x260
[  341.990728][T13632]  ? __pfx___se_sys_getdents64+0x10/0x10
[  341.990746][T13632]  ? __pfx_filldir64+0x10/0x10
[  341.990765][T13632]  ? rcu_is_watching+0x15/0xb0
[  341.990784][T13632]  ? do_syscall_64+0xbe/0x3b0
[  341.990807][T13632]  do_syscall_64+0xfa/0x3b0
[  341.990825][T13632]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.990840][T13632]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.990857][T13632]  ? exc_page_fault+0x9f/0xf0
[  341.990876][T13632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.990890][T13632] RIP: 0033:0x7f17a818ebe9
[  341.990906][T13632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.990920][T13632] RSP: 002b:00007f17a9035038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  341.990938][T13632] RAX: ffffffffffffffda RBX: 00007f17a83b5fa0 RCX: 00007f17a818ebe9
[  341.990949][T13632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  341.990958][T13632] RBP: 00007f17a8211e19 R08: 0000000000000000 R09: 0000000000000000
[  341.990967][T13632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  341.990974][T13632] R13: 00007f17a83b6038 R14: 00007f17a83b5fa0 R15: 00007ffdef609f58
[  341.991000][T13632]  </TASK>
[  342.088512][    C0] vkms_vblank_simulate: vblank timer overrun
[  342.166490][T13643] F2FS-fs (loop1): Inconsistent error blkaddr:5633, sit bitmap:0
[  342.170154][T13643] CPU: 1 UID: 0 PID: 13643 Comm: syz.1.3016 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  342.170178][T13643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  342.170188][T13643] Call Trace:
[  342.170196][T13643]  <TASK>
[  342.170204][T13643]  dump_stack_lvl+0x189/0x250
[  342.170233][T13643]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.170251][T13643]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  342.170281][T13643]  ? __filemap_get_folio+0x79f/0xaf0
[  342.170298][T13643]  ? __pfx_f2fs_lookup_read_extent_cache_block+0x10/0x10
[  342.170324][T13643]  __f2fs_is_valid_blkaddr+0xd84/0x14f0
[  342.170349][T13643]  f2fs_get_read_data_folio+0x3d2/0x7d0
[  342.170366][T13643]  ? __pfx_folio_mark_accessed+0x10/0x10
[  342.170384][T13643]  ? __pfx_f2fs_get_read_data_folio+0x10/0x10
[  342.170415][T13643]  ? __filemap_get_folio+0x79f/0xaf0
[  342.170437][T13643]  f2fs_find_data_folio+0x195/0x3c0
[  342.170458][T13643]  f2fs_readdir+0x4b0/0xa60
[  342.170498][T13643]  ? __pfx_f2fs_readdir+0x10/0x10
[  342.170532][T13643]  ? down_read_killable+0x1d1/0x350
[  342.170558][T13643]  iterate_dir+0x399/0x570
[  342.170578][T13643]  ? 0xffffffff81000000
[  342.170593][T13643]  __se_sys_getdents+0xe4/0x250
[  342.170614][T13643]  ? __pfx___se_sys_getdents+0x10/0x10
[  342.170631][T13643]  ? exc_page_fault+0x76/0xf0
[  342.170646][T13643]  ? __pfx_filldir+0x10/0x10
[  342.170664][T13643]  ? 0xffffffff81000000
[  342.170682][T13643]  ? do_syscall_64+0xbe/0x3b0
[  342.170703][T13643]  do_syscall_64+0xfa/0x3b0
[  342.170720][T13643]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.170736][T13643]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.170750][T13643]  ? exc_page_fault+0x9f/0xf0
[  342.170768][T13643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.170782][T13643] RIP: 0033:0x7f17a818ebe9
[  342.170797][T13643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.170811][T13643] RSP: 002b:00007f17a9014038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  342.170827][T13643] RAX: ffffffffffffffda RBX: 00007f17a83b6090 RCX: 00007f17a818ebe9
[  342.170838][T13643] RDX: 0000000000000058 RSI: ffffffff81000000 RDI: 0000000000000006
[  342.170848][T13643] RBP: 00007f17a8211e19 R08: 0000000000000000 R09: 0000000000000000
[  342.170858][T13643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.170868][T13643] R13: 00007f17a83b6128 R14: 00007f17a83b6090 R15: 00007ffdef609f58
[  342.170887][T13643]  ? 0xffffffff81000000
[  342.170903][T13643]  </TASK>
[  342.172615][T13632] F2FS-fs (loop1): Inconsistent error blkaddr:5633, sit bitmap:0
[  342.314400][T13632] CPU: 1 UID: 0 PID: 13632 Comm: syz.1.3016 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  342.314419][T13632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  342.314424][T13632] Call Trace:
[  342.314429][T13632]  <TASK>
[  342.314434][T13632]  dump_stack_lvl+0x189/0x250
[  342.314453][T13632]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.314464][T13632]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  342.314482][T13632]  ? __filemap_get_folio+0x79f/0xaf0
[  342.314494][T13632]  ? __pfx_f2fs_lookup_read_extent_cache_block+0x10/0x10
[  342.314508][T13632]  __f2fs_is_valid_blkaddr+0xd84/0x14f0
[  342.314525][T13632]  f2fs_get_read_data_folio+0x3d2/0x7d0
[  342.314536][T13632]  ? __pfx_folio_mark_accessed+0x10/0x10
[  342.314549][T13632]  ? __pfx_f2fs_get_read_data_folio+0x10/0x10
[  342.314562][T13632]  ? __filemap_get_folio+0x79f/0xaf0
[  342.314574][T13632]  f2fs_find_data_folio+0x195/0x3c0
[  342.314585][T13632]  f2fs_readdir+0x4b0/0xa60
[  342.314608][T13632]  ? __pfx_f2fs_readdir+0x10/0x10
[  342.314626][T13632]  ? down_read_killable+0x1d1/0x350
[  342.314640][T13632]  iterate_dir+0x399/0x570
[  342.314654][T13632]  __se_sys_getdents64+0xe4/0x260
[  342.314667][T13632]  ? __pfx___se_sys_getdents64+0x10/0x10
[  342.314678][T13632]  ? __pfx_filldir64+0x10/0x10
[  342.314691][T13632]  ? rcu_is_watching+0x15/0xb0
[  342.314703][T13632]  ? do_syscall_64+0xbe/0x3b0
[  342.314716][T13632]  do_syscall_64+0xfa/0x3b0
[  342.314725][T13632]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.314733][T13632]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.314742][T13632]  ? exc_page_fault+0x9f/0xf0
[  342.314753][T13632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.314762][T13632] RIP: 0033:0x7f17a818ebe9
[  342.314772][T13632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.314780][T13632] RSP: 002b:00007f17a9035038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  342.314790][T13632] RAX: ffffffffffffffda RBX: 00007f17a83b5fa0 RCX: 00007f17a818ebe9
[  342.314796][T13632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  342.314801][T13632] RBP: 00007f17a8211e19 R08: 0000000000000000 R09: 0000000000000000
[  342.314805][T13632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.314810][T13632] R13: 00007f17a83b6038 R14: 00007f17a83b5fa0 R15: 00007ffdef609f58
[  342.314824][T13632]  </TASK>
[  342.472784][ T5938] syz-executor: attempt to access beyond end of device
[  342.472784][ T5938] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  342.504822][ T5938] CPU: 1 UID: 0 PID: 5938 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  342.504849][ T5938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  342.504858][ T5938] Call Trace:
[  342.504864][ T5938]  <TASK>
[  342.504871][ T5938]  dump_stack_lvl+0x189/0x250
[  342.504900][ T5938]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.504918][ T5938]  ? __pfx_queue_work_on+0x10/0x10
[  342.504933][ T5938]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  342.504950][ T5938]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  342.505002][ T5938]  f2fs_handle_critical_error+0x37c/0x540
[  342.505029][ T5938]  f2fs_write_end_io+0x886/0xb60
[  342.505062][ T5938]  __submit_merged_bio+0x27a/0x6a0
[  342.505086][ T5938]  __submit_merged_write_cond+0x255/0x530
[  342.505109][ T5938]  f2fs_write_data_pages+0x261d/0x3000
[  342.505127][ T5938]  ? __pfx_usage_match+0x10/0x10
[  342.505141][ T5938]  ? __bfs+0x154/0x2a0
[  342.505176][ T5938]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  342.505193][ T5938]  ? __switch_to+0xdae/0x1670
[  342.505247][ T5938]  ? check_path+0x21/0x40
[  342.505262][ T5938]  ? check_noncircular+0xe0/0x160
[  342.505311][ T5938]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  342.505331][ T5938]  do_writepages+0x32e/0x550
[  342.505360][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  342.505383][ T5938]  filemap_fdatawrite+0x199/0x240
[  342.505404][ T5938]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  342.505459][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  342.505479][ T5938]  f2fs_sync_dirty_inodes+0x31f/0x830
[  342.505513][ T5938]  f2fs_write_checkpoint+0x95a/0x1df0
[  342.505577][ T5938]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  342.505633][ T5938]  ? kill_f2fs_super+0x298/0x6c0
[  342.505657][ T5938]  kill_f2fs_super+0x2c3/0x6c0
[  342.505683][ T5938]  ? __pfx_kill_f2fs_super+0x10/0x10
[  342.505701][ T5938]  ? radix_tree_delete_item+0x2b6/0x400
[  342.505724][ T5938]  ? shrinker_free+0x2ce/0x3e0
[  342.505742][ T5938]  deactivate_locked_super+0xbc/0x130
[  342.505762][ T5938]  cleanup_mnt+0x425/0x4c0
[  342.505780][ T5938]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.505800][ T5938]  task_work_run+0x1d4/0x260
[  342.505823][ T5938]  ? __pfx_task_work_run+0x10/0x10
[  342.505838][ T5938]  ? __x64_sys_umount+0x122/0x160
[  342.505862][ T5938]  ? exit_to_user_mode_loop+0x40/0x110
[  342.505886][ T5938]  exit_to_user_mode_loop+0xec/0x110
[  342.505905][ T5938]  do_syscall_64+0x2bd/0x3b0
[  342.505922][ T5938]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.505937][ T5938]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.505952][ T5938]  ? exc_page_fault+0x9f/0xf0
[  342.505970][ T5938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.506009][ T5938] RIP: 0033:0x7f17a818ff17
[  342.506024][ T5938] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  342.506038][ T5938] RSP: 002b:00007ffdef6091e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  342.506055][ T5938] RAX: 0000000000000000 RBX: 00007f17a8211c05 RCX: 00007f17a818ff17
[  342.506065][ T5938] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdef6092a0
[  342.506073][ T5938] RBP: 00007ffdef6092a0 R08: 0000000000000000 R09: 0000000000000000
[  342.506082][ T5938] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdef60a330
[  342.506092][ T5938] R13: 00007f17a8211c05 R14: 0000000000053904 R15: 00007ffdef60a370
[  342.506115][ T5938]  </TASK>
[  342.657645][ T5938] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  343.318501][T13656] loop5: detected capacity change from 0 to 131072
[  343.326335][T13656] F2FS-fs (loop5): Test dummy encryption mode enabled
[  343.339885][T13656] F2FS-fs (loop5): invalid crc value
[  343.380484][T13656] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  343.385088][T13656] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  343.568256][T13667] loop1: detected capacity change from 0 to 4096
[  343.615810][T13668] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  343.627827][   T33] audit: type=1800 audit(1755119967.479:68): pid=13667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3022" name="file1" dev="loop1" ino=15 res=0 errno=0
[  343.659449][   T33] audit: type=1800 audit(1755119967.489:69): pid=13667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3022" name="file1" dev="loop1" ino=15 res=0 errno=0
[  344.174067][   T33] audit: type=1326 audit(1755119968.029:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.2.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  344.204475][   T33] audit: type=1326 audit(1755119968.029:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.2.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  344.218105][   T33] audit: type=1326 audit(1755119968.039:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.2.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  344.238297][   T33] audit: type=1326 audit(1755119968.039:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.2.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  344.245378][   T33] audit: type=1326 audit(1755119968.039:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.2.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  344.274257][   T33] audit: type=1326 audit(1755119968.039:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.2.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  344.288361][   T33] audit: type=1326 audit(1755119968.039:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.2.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  344.305981][   T33] audit: type=1326 audit(1755119968.039:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.2.3037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  344.447651][T13695] netlink: 'syz.2.3040': attribute type 4 has an invalid length.
[  344.494224][T13697] 9pnet: p9_errstr2errno: server reported unknown error 6G)Do')=0O]|[
[  344.575473][T13674] loop1: detected capacity change from 0 to 32768
[  344.633528][T13674] ERROR: (device loop1): xtTruncate_pmap: xt_getpage: xtree page corrupt
[  344.633528][T13674] 
[  344.644191][T13674] ERROR: (device loop1): remounting filesystem as read-only
[  344.648681][T13674] ERROR: (device loop1): jfs_rename: 
[  344.648681][T13674] 
[  344.686037][ T5938] ERROR: (device loop1): xtTruncate: xt_getpage: xtree page corrupt
[  344.686037][ T5938] 
[  346.186738][T13730] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3057'.
[  346.193135][T13730] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3057'.
[  346.415972][ T1911] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  346.491707][T13737] loop1: detected capacity change from 0 to 40427
[  346.544987][T13737] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  346.550721][T13737] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  346.568169][ T1911] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  346.580556][ T1911] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  346.585043][ T1911] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.589613][ T1911] usb 6-1: Product: syz
[  346.591980][ T1911] usb 6-1: Manufacturer: syz
[  346.594110][ T1911] usb 6-1: SerialNumber: syz
[  346.600791][ T1911] usb 6-1: config 0 descriptor??
[  346.609371][ T1911] yurex 6-1:0.0: Could not find endpoints
[  346.618734][ T5938] syz-executor: attempt to access beyond end of device
[  346.618734][ T5938] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  346.623428][ T5938] CPU: 0 UID: 0 PID: 5938 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  346.623442][ T5938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  346.623448][ T5938] Call Trace:
[  346.623452][ T5938]  <TASK>
[  346.623456][ T5938]  dump_stack_lvl+0x189/0x250
[  346.623475][ T5938]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.623485][ T5938]  ? __pfx_queue_work_on+0x10/0x10
[  346.623494][ T5938]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  346.623506][ T5938]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  346.623520][ T5938]  f2fs_handle_critical_error+0x37c/0x540
[  346.623538][ T5938]  f2fs_write_end_io+0x886/0xb60
[  346.623560][ T5938]  __submit_merged_bio+0x27a/0x6a0
[  346.623573][ T5938]  __submit_merged_write_cond+0x255/0x530
[  346.623612][ T5938]  f2fs_write_data_pages+0x261d/0x3000
[  346.623641][ T5938]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  346.623675][ T5938]  ? __mod_zone_page_state+0xd7/0x140
[  346.623693][ T5938]  ? folios_put_refs+0x560/0x640
[  346.623710][ T5938]  ? __lock_acquire+0xab9/0xd20
[  346.623728][ T5938]  ? do_raw_spin_lock+0x121/0x290
[  346.623744][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  346.623754][ T5938]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  346.623765][ T5938]  do_writepages+0x32e/0x550
[  346.623782][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  346.623794][ T5938]  filemap_fdatawrite+0x199/0x240
[  346.623806][ T5938]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  346.623842][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  346.623854][ T5938]  f2fs_sync_dirty_inodes+0x31f/0x830
[  346.623875][ T5938]  f2fs_write_checkpoint+0x95a/0x1df0
[  346.623900][ T5938]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  346.623936][ T5938]  ? kill_f2fs_super+0x298/0x6c0
[  346.623951][ T5938]  kill_f2fs_super+0x2c3/0x6c0
[  346.623965][ T5938]  ? __pfx_kill_f2fs_super+0x10/0x10
[  346.623975][ T5938]  ? radix_tree_delete_item+0x2b6/0x400
[  346.623989][ T5938]  ? shrinker_free+0x2ce/0x3e0
[  346.623999][ T5938]  deactivate_locked_super+0xbc/0x130
[  346.624011][ T5938]  cleanup_mnt+0x425/0x4c0
[  346.624020][ T5938]  ? lockdep_hardirqs_on+0x9c/0x150
[  346.624031][ T5938]  task_work_run+0x1d4/0x260
[  346.624050][ T5938]  ? __pfx_task_work_run+0x10/0x10
[  346.624059][ T5938]  ? __x64_sys_umount+0x122/0x160
[  346.624072][ T5938]  ? exit_to_user_mode_loop+0x40/0x110
[  346.624088][ T5938]  exit_to_user_mode_loop+0xec/0x110
[  346.624099][ T5938]  do_syscall_64+0x2bd/0x3b0
[  346.624109][ T5938]  ? lockdep_hardirqs_on+0x9c/0x150
[  346.624118][ T5938]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.624127][ T5938]  ? exc_page_fault+0x9f/0xf0
[  346.624137][ T5938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.624144][ T5938] RIP: 0033:0x7f17a818ff17
[  346.624154][ T5938] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  346.624161][ T5938] RSP: 002b:00007ffdef6091e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  346.624170][ T5938] RAX: 0000000000000000 RBX: 00007f17a8211c05 RCX: 00007f17a818ff17
[  346.624176][ T5938] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdef6092a0
[  346.624181][ T5938] RBP: 00007ffdef6092a0 R08: 0000000000000000 R09: 0000000000000000
[  346.624186][ T5938] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdef60a330
[  346.624191][ T5938] R13: 00007f17a8211c05 R14: 000000000005497e R15: 00007ffdef60a370
[  346.624206][ T5938]  </TASK>
[  346.624210][ T5938] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  346.812806][  T791] usb 6-1: USB disconnect, device number 5
[  347.029187][T13743] loop1: detected capacity change from 0 to 16
[  347.033655][T13743] erofs (device loop1): mounted with root inode @ nid 36.
[  347.044459][T13743] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36
[  347.059198][T13743] erofs (device loop1): read error -117 @ 43 of nid 36
[  348.030249][T13783] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3077'.
[  348.291473][T13789] loop5: detected capacity change from 0 to 2048
[  348.305152][T13789] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  348.317774][T13789] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  350.026163][ T5984] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  350.176310][ T5984] usb 2-1: Using ep0 maxpacket: 8
[  350.193750][ T5984] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  350.206151][ T5984] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.209002][ T5984] usb 2-1: Product: syz
[  350.210395][ T5984] usb 2-1: Manufacturer: syz
[  350.212083][ T5984] usb 2-1: SerialNumber: syz
[  350.230575][ T5984] usb 2-1: config 0 descriptor??
[  350.387483][T13846] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  350.433394][T13848] loop5: detected capacity change from 0 to 16
[  350.449840][ T5984] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  350.915897][  T791] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  351.070072][  T791] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  351.073510][  T791] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.080085][  T791] usb 6-1: Product: syz
[  351.081523][  T791] usb 6-1: Manufacturer: syz
[  351.082943][  T791] usb 6-1: SerialNumber: syz
[  351.087917][  T791] usb 6-1: config 0 descriptor??
[  351.094910][  T791] gspca_main: sunplus-2.14.0 probing 055f:c230
[  351.345320][T13872] @: renamed from bond_slave_0 (while UP)
[  351.852108][T13894] overlayfs: failed to resolve './file0/../file0': -2
[  351.871541][ T5984] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  351.877881][ T5984] usb 2-1: USB disconnect, device number 41
[  352.107284][ T1911] usb 6-1: USB disconnect, device number 6
[  352.520898][T13932] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3145'.
[  352.672331][T13942] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3149'.
[  352.806545][T13949] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3151'.
[  352.809337][T13949] netlink: 35 bytes leftover after parsing attributes in process `syz.5.3151'.
[  353.245077][T13953] loop5: detected capacity change from 0 to 32768
[  353.269240][T13953] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3154 (13953)
[  353.320833][T13953] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  353.323882][T13953] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  353.335836][T13953] BTRFS info (device loop5): disk space caching is enabled
[  353.338054][T13953] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  353.439654][T13953] BTRFS info (device loop5): rebuilding free space tree
[  353.468894][T13953] BTRFS info (device loop5): disabling free space tree
[  353.471737][T13953] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  353.475387][T13953] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  353.624198][T13238] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  353.645973][T13982] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3161'.
[  354.334684][T13986] loop1: detected capacity change from 0 to 32768
[  354.412792][T13986] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  354.447402][T13994] netlink: 'syz.5.3160': attribute type 4 has an invalid length.
[  354.703977][ T5938] ocfs2: Unmounting device (7,1) on (node local)
[  354.819942][T14007] netlink: 'syz.5.3171': attribute type 10 has an invalid length.
[  354.842750][T14007] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  354.855917][T14007] team0: Failed to send options change via netlink (err -105)
[  354.858192][T14007] team0: Port device netdevsim0 added
[  355.058912][T14023] loop5: detected capacity change from 0 to 512
[  355.089455][T14023] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  355.092944][T14023] EXT4-fs (loop5): orphan cleanup on readonly fs
[  355.099839][T14013] loop1: detected capacity change from 0 to 32768
[  355.103916][T14023] Quota error (device loop5): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6).
[  355.112865][T14013] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3169 (14013)
[  355.125913][T14023] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  355.135994][T14023] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  355.140838][T14023] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3178: bg 0: block 40: padding at end of block bitmap is not set
[  355.147659][T14023] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  355.151822][T14023] EXT4-fs (loop5): 1 truncate cleaned up
[  355.157152][T14023] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  355.162851][T14013] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  355.179541][T14013] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  355.213608][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.272741][T14013] BTRFS info (device loop1): rebuilding free space tree
[  355.293586][T14013] BTRFS info (device loop1): disabling free space tree
[  355.300643][T14013] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  355.303547][T14013] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  355.367238][ T5938] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  355.785089][T14060] overlayfs: failed to clone upperpath
[  356.205405][   T33] audit: type=1326 audit(1755119980.059:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.5.3188" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  356.219309][   T33] audit: type=1326 audit(1755119980.069:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.5.3188" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  356.231344][   T33] audit: type=1326 audit(1755119980.079:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.5.3188" exe="/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  356.241249][   T33] audit: type=1326 audit(1755119980.079:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.5.3188" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  357.245811][  T791] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  357.407469][  T791] usb 2-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1
[  357.410461][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.418261][  T791] usb 2-1: Product: syz
[  357.420195][  T791] usb 2-1: Manufacturer: syz
[  357.421675][  T791] usb 2-1: SerialNumber: syz
[  357.430941][  T791] usb 2-1: config 0 descriptor??
[  357.660170][T14115] fuse: Bad value for 'fd'
[  357.692304][  T791] int51x1 2-1:0.0: probe with driver int51x1 failed with error -22
[  357.907494][   T24] usb 2-1: USB disconnect, device number 42
[  358.497136][T13358] wlan1: Trigger new scan to find an IBSS to join
[  359.219232][ T5984] IPVS: starting estimator thread 0...
[  359.349483][T14134] IPVS: using max 39 ests per chain, 93600 per kthread
[  360.493912][T14158] loop1: detected capacity change from 0 to 16
[  360.965915][  T791] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  361.126478][  T791] usb 2-1: Using ep0 maxpacket: 8
[  361.133176][  T791] usb 2-1: config 1 has an invalid interface number: 117 but max is 1
[  361.142781][  T791] usb 2-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config
[  361.154147][  T791] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  361.164445][  T791] usb 2-1: config 1 has no interface number 0
[  361.170620][  T791] usb 2-1: too many endpoints for config 1 interface 117 altsetting 115: 101, using maximum allowed: 30
[  361.177064][  T791] usb 2-1: config 1 interface 117 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 101
[  361.183711][  T791] usb 2-1: config 1 interface 117 has no altsetting 0
[  361.187711][  T791] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  361.192015][  T791] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.414337][  T791] usb 2-1: string descriptor 0 read error: -71
[  361.423282][  T791] hub 2-1:1.117: bad descriptor, ignoring hub
[  361.438760][  T791] hub 2-1:1.117: probe with driver hub failed with error -5
[  361.538482][T14194] netlink: 'syz.2.3235': attribute type 27 has an invalid length.
[  361.541585][T14194] netlink: 'syz.2.3235': attribute type 3 has an invalid length.
[  361.544851][T14194] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3235'.
[  361.619621][T14198] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3237'.
[  361.722857][  T791] usb 2-1: reset high-speed USB device number 43 using dummy_hcd
[  361.792342][T14207] macvlan1: entered promiscuous mode
[  361.804741][T14207] ipvlan0: entered promiscuous mode
[  361.813701][T14207] ipvlan0: left promiscuous mode
[  361.816261][T14207] macvlan1: left promiscuous mode
[  362.013159][T14214] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3244'.
[  362.102687][   T33] audit: type=1804 audit(1755119985.959:82): pid=14218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3246" name="file0" dev="tmpfs" ino=6828 res=1 errno=0
[  362.446012][  T791] usb 2-1: USB disconnect, device number 43
[  362.599636][T14242] netlink: 'syz.2.3257': attribute type 3 has an invalid length.
[  362.602827][T14242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3257'.
[  362.607266][T14242] netlink: 'syz.2.3257': attribute type 1 has an invalid length.
[  362.929442][T14253] loop1: detected capacity change from 0 to 4096
[  362.948797][T14253] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  362.951971][T14253] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  362.983348][   T33] audit: type=1800 audit(1755119986.839:83): pid=14253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3262" name="file1" dev="loop1" ino=34 res=0 errno=0
[  362.999833][T14249] loop5: detected capacity change from 0 to 40427
[  363.021686][T14249] F2FS-fs (loop5): invalid crc value
[  363.079416][T14249] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  363.083627][T14249] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  363.162554][T14262] RDS: rds_bind could not find a transport for fe88::2, load rds_tcp or rds_rdma?
[  363.178693][T13238] syz-executor: attempt to access beyond end of device
[  363.178693][T13238] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  363.185424][T13238] CPU: 1 UID: 0 PID: 13238 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  363.185438][T13238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  363.185443][T13238] Call Trace:
[  363.185447][T13238]  <TASK>
[  363.185451][T13238]  dump_stack_lvl+0x189/0x250
[  363.185467][T13238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.185476][T13238]  ? __pfx_queue_work_on+0x10/0x10
[  363.185485][T13238]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  363.185494][T13238]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  363.185509][T13238]  f2fs_handle_critical_error+0x37c/0x540
[  363.185541][T13238]  f2fs_write_end_io+0x886/0xb60
[  363.185563][T13238]  __submit_merged_bio+0x27a/0x6a0
[  363.185577][T13238]  __submit_merged_write_cond+0x255/0x530
[  363.185590][T13238]  f2fs_write_data_pages+0x261d/0x3000
[  363.185619][T13238]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  363.185652][T13238]  ? __mod_zone_page_state+0xd7/0x140
[  363.185669][T13238]  ? folios_put_refs+0x560/0x640
[  363.185683][T13238]  ? __pfx_folios_put_refs+0x10/0x10
[  363.185691][T13238]  ? rcu_is_watching+0x15/0xb0
[  363.185705][T13238]  ? __lock_acquire+0xab9/0xd20
[  363.185725][T13238]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  363.185736][T13238]  do_writepages+0x32e/0x550
[  363.185753][T13238]  ? do_raw_spin_unlock+0x4d/0x240
[  363.185765][T13238]  filemap_fdatawrite+0x199/0x240
[  363.185777][T13238]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  363.185812][T13238]  ? do_raw_spin_unlock+0x4d/0x240
[  363.185824][T13238]  f2fs_sync_dirty_inodes+0x31f/0x830
[  363.185844][T13238]  f2fs_write_checkpoint+0x95a/0x1df0
[  363.185868][T13238]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  363.185904][T13238]  ? kill_f2fs_super+0x298/0x6c0
[  363.185917][T13238]  kill_f2fs_super+0x2c3/0x6c0
[  363.185932][T13238]  ? __pfx_kill_f2fs_super+0x10/0x10
[  363.185941][T13238]  ? radix_tree_delete_item+0x2b6/0x400
[  363.185954][T13238]  ? shrinker_free+0x2ce/0x3e0
[  363.185964][T13238]  deactivate_locked_super+0xbc/0x130
[  363.185975][T13238]  cleanup_mnt+0x425/0x4c0
[  363.185984][T13238]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.186016][T13238]  task_work_run+0x1d4/0x260
[  363.186029][T13238]  ? __pfx_task_work_run+0x10/0x10
[  363.186038][T13238]  ? __x64_sys_umount+0x122/0x160
[  363.186051][T13238]  ? exit_to_user_mode_loop+0x40/0x110
[  363.186064][T13238]  exit_to_user_mode_loop+0xec/0x110
[  363.186076][T13238]  do_syscall_64+0x2bd/0x3b0
[  363.186085][T13238]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.186094][T13238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.186102][T13238]  ? exc_page_fault+0x9f/0xf0
[  363.186112][T13238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.186120][T13238] RIP: 0033:0x7f105b38ff17
[  363.186129][T13238] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  363.186136][T13238] RSP: 002b:00007fff39cb2628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  363.186146][T13238] RAX: 0000000000000000 RBX: 00007f105b411c05 RCX: 00007f105b38ff17
[  363.186152][T13238] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff39cb26e0
[  363.186157][T13238] RBP: 00007fff39cb26e0 R08: 0000000000000000 R09: 0000000000000000
[  363.186161][T13238] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff39cb3770
[  363.186166][T13238] R13: 00007f105b411c05 R14: 0000000000058a2d R15: 00007fff39cb37b0
[  363.186181][T13238]  </TASK>
[  363.316389][T13238] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  363.327530][T13238] syz-executor: attempt to access beyond end of device
[  363.327530][T13238] loop5: rw=2051, sector=36920, nr_sectors = 8144 limit=40427
[  363.348208][T13238] syz-executor: attempt to access beyond end of device
[  363.348208][T13238] loop5: rw=2051, sector=45104, nr_sectors = 85968 limit=40427
[  363.370490][T13238] F2FS-fs (loop5): Issue discard(4615, 4615, 1018) failed, ret: -5
[  363.373601][T13238] F2FS-fs (loop5): Issue discard(5638, 5638, 10746) failed, ret: -5
[  363.548344][T13358] wlan1: Trigger new scan to find an IBSS to join
[  363.703656][T14270] loop1: detected capacity change from 0 to 40427
[  363.703903][T14276] netlink: 'syz.5.3270': attribute type 10 has an invalid length.
[  363.708063][T14270] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  363.715414][T14270] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  363.723188][T14276] macvlan1: entered allmulticast mode
[  363.729587][T14276] veth1_vlan: entered allmulticast mode
[  363.741886][T14276] team0: Port device macvlan1 added
[  363.742715][T14270] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  363.793860][T14270] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  363.805413][T14270] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  363.808081][T14270] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  363.959324][T14287] syz.1.3268: attempt to access beyond end of device
[  363.959324][T14287] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  363.981904][T14287] syz.1.3268: attempt to access beyond end of device
[  363.981904][T14287] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  363.994403][T14270] syz.1.3268: attempt to access beyond end of device
[  363.994403][T14270] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  364.184394][T14297] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  364.335939][   T24] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  364.491570][T14301] loop1: detected capacity change from 0 to 32768
[  364.495223][T14301] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3276 (14301)
[  364.505821][   T24] usb 6-1: Using ep0 maxpacket: 8
[  364.511016][T14301] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  364.512921][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  364.515207][T14301] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  364.523100][T14301] BTRFS info (device loop1): disk space caching is enabled
[  364.526349][T14301] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  364.530450][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  364.534686][T13358] wlan1: Creating new IBSS network, BSSID b6:e7:72:89:b8:8b
[  364.541405][   T24] usb 6-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  364.547176][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.552210][   T24] usb 6-1: config 0 descriptor??
[  364.624171][T14301] BTRFS info (device loop1): rebuilding free space tree
[  364.644634][T14301] BTRFS info (device loop1): disabling free space tree
[  364.647758][T14301] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  364.651667][T14301] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  364.825512][ T5938] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  364.983368][   T24] cherry 0003:046A:0027.0014: fixing up Cherry Cymotion report descriptor
[  364.987084][   T24] cherry 0003:046A:0027.0014: unknown main item tag 0x0
[  364.989272][   T24] cherry 0003:046A:0027.0014: unknown main item tag 0x0
[  364.991386][   T24] cherry 0003:046A:0027.0014: unknown main item tag 0x0
[  364.993514][   T24] cherry 0003:046A:0027.0014: unknown main item tag 0x6
[  365.015102][   T24] cherry 0003:046A:0027.0014: unknown main item tag 0x5
[  365.025634][   T24] cherry 0003:046A:0027.0014: unknown main item tag 0x4
[  365.028525][   T24] cherry 0003:046A:0027.0014: unknown main item tag 0x0
[  365.032966][   T24] cherry 0003:046A:0027.0014: unknown main item tag 0x0
[  365.056755][   T24] cherry 0003:046A:0027.0014: hidraw0: USB HID v0.00 Device [HID 046a:0027] on usb-dummy_hcd.5-1/input0
[  365.188607][  T791] usb 6-1: USB disconnect, device number 7
[  365.515036][T14336] loop1: detected capacity change from 0 to 32768
[  365.525830][T14336] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3285 (14336)
[  365.537676][T14336] BTRFS info (device loop1): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  365.540959][T14336] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  365.544150][T14336] BTRFS info (device loop1): using free-space-tree
[  365.626172][ T5938] BTRFS info (device loop1): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  365.646168][T14357] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3287'.
[  366.561304][T14398] netlink: 'syz.2.3304': attribute type 10 has an invalid length.
[  366.564022][T14398] openvswitch: netlink: Flow key attr not present in new flow.
[  366.621337][   T33] audit: type=1326 audit(1755119990.479:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14362 comm="syz.5.3289" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7fc00000
[  366.634057][   T33] audit: type=1326 audit(1755119990.479:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14362 comm="syz.5.3289" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f105b38ebe9 code=0x7fc00000
[  366.644867][   T33] audit: type=1326 audit(1755119990.479:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14362 comm="syz.5.3289" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7fc00000
[  366.679498][   T33] audit: type=1326 audit(1755119990.479:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14362 comm="syz.5.3289" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7fc00000
[  366.690040][   T33] audit: type=1326 audit(1755119990.479:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14362 comm="syz.5.3289" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7fc00000
[  366.697179][   T33] audit: type=1326 audit(1755119990.479:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14362 comm="syz.5.3289" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7fc00000
[  366.725803][   T33] audit: type=1326 audit(1755119990.479:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14362 comm="syz.5.3289" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7fc00000
[  366.739683][   T33] audit: type=1326 audit(1755119990.479:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14362 comm="syz.5.3289" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7fc00000
[  367.170227][T14423] loop1: detected capacity change from 0 to 16
[  367.182962][T14423] erofs (device loop1): mounted with root inode @ nid 36.
[  367.210492][T14423] evm: overlay not supported
[  369.840831][T14448] netlink: 'syz.2.3326': attribute type 3 has an invalid length.
[  369.875985][T14452] loop1: detected capacity change from 0 to 512
[  369.882128][T14452] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  369.898690][T14452] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  369.901223][T14452] System zones: 0-2, 18-18, 34-34
[  369.907458][T14452] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.914546][T14452] ext4 filesystem being mounted at /1026/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  369.962027][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.595075][T14484] loop1: detected capacity change from 0 to 256
[  370.603182][T14484] exfat: Deprecated parameter 'utf8'
[  370.621514][T14484] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdd33351c, utbl_chksum : 0xe619d30d)
[  371.335129][T14489] loop5: detected capacity change from 0 to 1024
[  371.419509][T14489] hfsplus: bad catalog entry type
[  371.505306][   T53] hfsplus: b-tree write err: -5, ino 4
[  372.701203][T14510] loop5: detected capacity change from 0 to 32768
[  372.704266][T14510] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3351 (14510)
[  372.715994][T14510] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  372.719065][T14510] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  372.722018][T14510] BTRFS info (device loop5): disk space caching is enabled
[  372.724420][T14510] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  372.773685][T14510] BTRFS info (device loop5): rebuilding free space tree
[  372.801918][T14510] BTRFS info (device loop5): disabling free space tree
[  372.804331][T14510] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  372.810357][T14510] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  372.871213][   T33] kauditd_printk_skb: 6 callbacks suppressed
[  372.871226][   T33] audit: type=1800 audit(1755119996.729:98): pid=14510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3351" name="bus" dev="loop5" ino=263 res=0 errno=0
[  372.883553][   T33] audit: type=1800 audit(1755119996.739:99): pid=14510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3351" name="bus" dev="loop5" ino=263 res=0 errno=0
[  373.053866][   T33] audit: type=1800 audit(1755119996.909:100): pid=14541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3351" name="bus" dev="loop5" ino=263 res=0 errno=0
[  373.146086][T14546] hugetlbfs: syz.1.3359 (14546): Using mlock ulimits for SHM_HUGETLB is obsolete
[  373.480661][T13238] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  373.928041][T14559] netlink: 96 bytes leftover after parsing attributes in process `syz.5.3362'.
[  373.937941][T14556] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3365'.
[  374.030223][T14562] loop5: detected capacity change from 0 to 256
[  374.505149][T14576] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3373'.
[  374.812306][T14590] IPv6: NLM_F_REPLACE set, but no existing node found!
[  374.902228][T14595] loop1: detected capacity change from 0 to 512
[  374.924603][T14595] EXT4-fs: Ignoring removed oldalloc option
[  374.950427][T14595] EXT4-fs error (device loop1): ext4_xattr_inode_iget:442: comm syz.1.3383: error while reading EA inode 32 err=-116
[  374.969284][T14595] EXT4-fs (loop1): Remounting filesystem read-only
[  374.971418][T14595] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  374.974463][T14595] EXT4-fs (loop1): 1 orphan inode deleted
[  375.037746][T14595] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  375.064189][T14602] loop5: detected capacity change from 0 to 512
[  375.078297][T14602] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  375.197600][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.649630][T14624] loop1: detected capacity change from 0 to 512
[  375.672899][T14624] EXT4-fs (loop1): orphan cleanup on readonly fs
[  375.688366][T14624] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  375.692175][T14624] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  375.696720][   T24] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  375.707755][T14624] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.3394: attempt to clear invalid blocks 2 len 1
[  375.712934][T14624] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.3394: invalid indirect mapped block 1819239214 (level 0)
[  375.724717][T14624] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.3394: invalid indirect mapped block 1819239214 (level 1)
[  375.744409][T14624] EXT4-fs (loop1): 1 truncate cleaned up
[  375.752180][T14624] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  375.765150][T14624] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.3394: Abort forced by user
[  375.771973][T14624] EXT4-fs (loop1): Remounting filesystem read-only
[  375.774445][T14624] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  375.807516][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.877061][   T24] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[  375.880348][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  375.900008][   T24] usb 6-1: config 0 has no interface number 0
[  375.908414][   T24] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  375.912122][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.924021][   T24] usb 6-1: Product: syz
[  375.926723][   T24] usb 6-1: Manufacturer: syz
[  375.935155][   T24] usb 6-1: SerialNumber: syz
[  375.953070][   T24] usb 6-1: config 0 descriptor??
[  375.958482][   T24] hub 6-1:0.31: bad descriptor, ignoring hub
[  375.961196][   T24] hub 6-1:0.31: probe with driver hub failed with error -5
[  375.966410][   T24] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[  375.969098][   T24] uvcvideo 6-1:0.31: Entity type for entity Output 6 was not initialized!
[  375.973333][   T24] usb 6-1: Failed to create links for entity 6
[  375.977104][   T24] usb 6-1: Failed to register entities (-22).
[  376.276279][   T24] usb 6-1: USB disconnect, device number 8
[  376.699806][T14656] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  377.024057][T14671] loop5: detected capacity change from 0 to 1024
[  377.030498][T14671] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  377.038385][T14671] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  377.063915][T14671] EXT4-fs (loop5): invalid journal inode
[  377.070627][T14671] EXT4-fs (loop5): can't get journal size
[  377.081474][T14671] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 17104912: comm syz.5.3416: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  377.108002][T14671] EXT4-fs (loop5): failed to initialize system zone (-117)
[  377.110432][T14671] EXT4-fs (loop5): mount failed
[  377.361049][T14685] loop1: detected capacity change from 0 to 4096
[  377.369010][T14685] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  377.385693][T14685] ntfs3(loop1): ino=1a, mi_enum_attr
[  377.390316][T14685] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  377.392810][T14685] ntfs3(loop1): ino=1a, mi_enum_attr
[  377.394499][T14685] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  377.435337][T14685] ntfs3(loop1): ino=5, "/" ntfs_readdir
[  377.765147][T14701] loop1: detected capacity change from 0 to 512
[  377.910568][T14701] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  377.917412][T14701] EXT4-fs (loop1): 1 truncate cleaned up
[  377.920346][T14701] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  377.930820][T14701] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.1.3428: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  377.943746][T14701] EXT4-fs (loop1): Remounting filesystem read-only
[  377.972046][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.259902][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  378.262792][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  378.359742][T14709] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3429'.
[  378.363305][T14709] netlink: 'syz.1.3429': attribute type 7 has an invalid length.
[  378.369594][T14709] netlink: 'syz.1.3429': attribute type 8 has an invalid length.
[  378.372673][T14709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3429'.
[  378.423813][T14709] gretap0: entered promiscuous mode
[  378.446929][T14709] batadv_slave_1: entered promiscuous mode
[  378.449995][T14709] erspan0: entered promiscuous mode
[  378.453287][T14709] hsr1: Slave A (gretap0) is not up; please bring it up to get a fully working HSR network
[  378.475143][T14709] hsr1: Slave B (batadv_slave_1) is not up; please bring it up to get a fully working HSR network
[  378.484245][T14709] hsr1: Interlink (erspan0) is not up; please bring it up to get a fully working HSR network
[  378.915646][ T5984] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  379.086260][ T5984] usb 6-1: Using ep0 maxpacket: 32
[  379.099400][ T5984] usb 6-1: config index 0 descriptor too short (expected 35577, got 27)
[  379.104072][ T5984] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  379.106234][   T33] audit: type=1326 audit(1755120002.969:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14744 comm="syz.2.3446" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  379.110378][ T5984] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92
[  379.120331][ T5984] usb 6-1: config 1 has no interface number 0
[  379.123013][ T5984] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  379.131185][ T5984] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  379.136324][   T33] audit: type=1326 audit(1755120002.979:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14744 comm="syz.2.3446" exe="/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  379.136869][ T5984] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  379.148743][   T33] audit: type=1326 audit(1755120002.979:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14744 comm="syz.2.3446" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  379.155083][ T5984] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  379.163010][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.171233][   T33] audit: type=1326 audit(1755120002.979:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14744 comm="syz.2.3446" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  379.184831][   T33] audit: type=1326 audit(1755120002.979:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14744 comm="syz.2.3446" exe="/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  379.192031][   T33] audit: type=1326 audit(1755120002.979:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14744 comm="syz.2.3446" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  379.201233][ T5984] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found
[  379.202619][   T33] audit: type=1326 audit(1755120002.979:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14744 comm="syz.2.3446" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  379.389102][ T5984] snd_usb_pod 6-1:1.1: cannot start listening: -90
[  379.391987][ T5984] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected
[  379.395190][ T5984] snd_usb_pod 6-1:1.1: probe with driver snd_usb_pod failed with error -90
[  379.463349][T14759] netlink: 'syz.2.3453': attribute type 1 has an invalid length.
[  379.469904][T14759] netlink: 'syz.2.3453': attribute type 2 has an invalid length.
[  379.611281][T14767] wg1 speed is unknown, defaulting to 1000
[  379.622903][T14767] wg1 speed is unknown, defaulting to 1000
[  379.629981][T14767] wg1 speed is unknown, defaulting to 1000
[  379.650554][T14767] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  379.683191][T14767] wg1 speed is unknown, defaulting to 1000
[  379.693573][T14767] wg1 speed is unknown, defaulting to 1000
[  379.707733][T14767] wg1 speed is unknown, defaulting to 1000
[  379.712266][T14767] wg1 speed is unknown, defaulting to 1000
[  379.771745][T14771] hpfs: Bad magic ... probably not HPFS
[  380.017155][T14779] loop1: detected capacity change from 0 to 164
[  380.051318][T14779] Unable to read rock-ridge attributes
[  380.064401][T14779] Unable to read rock-ridge attributes
[  380.683173][T14784] loop1: detected capacity change from 0 to 32768
[  380.699976][T14784] read_mapping_page failed!
[  381.757744][   T24] usb 6-1: USB disconnect, device number 9
[  382.068529][T14823] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3480'.
[  382.207707][  T791] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  382.367981][  T791] usb 2-1: config 0 has an invalid interface number: 117 but max is 0
[  382.371182][  T791] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  382.377350][  T791] usb 2-1: config 0 has no interface number 0
[  382.377390][  T791] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  382.377407][  T791] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  382.381176][  T791] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  382.381199][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.381213][  T791] usb 2-1: Product: syz
[  382.381225][  T791] usb 2-1: Manufacturer: syz
[  382.381236][  T791] usb 2-1: SerialNumber: syz
[  382.384313][  T791] usb 2-1: config 0 descriptor??
[  383.073687][  T791] usb 2-1: USB disconnect, device number 44
[  383.410190][T14899] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  383.442172][T14891] loop5: detected capacity change from 0 to 32768
[  383.474414][T14891] read_mapping_page failed!
[  383.485342][T14891] ialloc: diAlloc returned -5!
[  383.576254][T14903] netlink: 'syz.2.3517': attribute type 12 has an invalid length.
[  383.578651][T14903] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.3517'.
[  383.627371][T14905] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3518'.
[  384.003206][   T24] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  384.214048][   T24] usb 6-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  384.222247][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67
[  384.231095][   T24] usb 6-1: Product: syz
[  384.233827][   T24] usb 6-1: Manufacturer: syz
[  384.237948][   T24] usb 6-1: SerialNumber: syz
[  384.246925][   T24] usb 6-1: config 0 descriptor??
[  384.337109][T14915] loop1: detected capacity change from 0 to 40427
[  384.346689][T14915] F2FS-fs (loop1): build fault injection rate: 771
[  384.357483][T14915] F2FS-fs (loop1): invalid crc value
[  384.419030][T14915] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  384.422908][T14915] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  384.441700][ T5938] syz-executor: attempt to access beyond end of device
[  384.441700][ T5938] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  384.447656][ T5938] CPU: 0 UID: 0 PID: 5938 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  384.447681][ T5938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  384.447690][ T5938] Call Trace:
[  384.447697][ T5938]  <TASK>
[  384.447704][ T5938]  dump_stack_lvl+0x189/0x250
[  384.447726][ T5938]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.447741][ T5938]  ? __pfx_queue_work_on+0x10/0x10
[  384.447756][ T5938]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  384.447774][ T5938]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  384.447797][ T5938]  f2fs_handle_critical_error+0x37c/0x540
[  384.447820][ T5938]  f2fs_write_end_io+0x886/0xb60
[  384.447849][ T5938]  __submit_merged_bio+0x27a/0x6a0
[  384.447866][ T5938]  __submit_merged_write_cond+0x255/0x530
[  384.447885][ T5938]  f2fs_write_data_pages+0x261d/0x3000
[  384.447926][ T5938]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  384.448006][ T5938]  ? __mod_zone_page_state+0xd7/0x140
[  384.448034][ T5938]  ? folios_put_refs+0x560/0x640
[  384.448062][ T5938]  ? __lock_acquire+0xab9/0xd20
[  384.448093][ T5938]  ? do_raw_spin_lock+0x121/0x290
[  384.448119][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  384.448129][ T5938]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  384.448140][ T5938]  do_writepages+0x32e/0x550
[  384.448158][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  384.448170][ T5938]  filemap_fdatawrite+0x199/0x240
[  384.448182][ T5938]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  384.448218][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  384.448230][ T5938]  f2fs_sync_dirty_inodes+0x31f/0x830
[  384.448251][ T5938]  f2fs_write_checkpoint+0x95a/0x1df0
[  384.448276][ T5938]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  384.448313][ T5938]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  384.448327][ T5938]  ? kfree+0x18e/0x440
[  384.448339][ T5938]  ? kill_f2fs_super+0x298/0x6c0
[  384.448355][ T5938]  kill_f2fs_super+0x2c3/0x6c0
[  384.448369][ T5938]  ? __pfx_kill_f2fs_super+0x10/0x10
[  384.448379][ T5938]  ? radix_tree_delete_item+0x2b6/0x400
[  384.448393][ T5938]  ? shrinker_free+0x2ce/0x3e0
[  384.448405][ T5938]  deactivate_locked_super+0xbc/0x130
[  384.448417][ T5938]  cleanup_mnt+0x425/0x4c0
[  384.448430][ T5938]  ? lockdep_hardirqs_on+0x9c/0x150
[  384.448441][ T5938]  task_work_run+0x1d4/0x260
[  384.448455][ T5938]  ? __pfx_task_work_run+0x10/0x10
[  384.448464][ T5938]  ? __x64_sys_umount+0x122/0x160
[  384.448479][ T5938]  ? exit_to_user_mode_loop+0x40/0x110
[  384.448494][ T5938]  exit_to_user_mode_loop+0xec/0x110
[  384.448505][ T5938]  do_syscall_64+0x2bd/0x3b0
[  384.448515][ T5938]  ? lockdep_hardirqs_on+0x9c/0x150
[  384.448524][ T5938]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.448532][ T5938]  ? exc_page_fault+0x9f/0xf0
[  384.448545][ T5938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.448565][ T5938] RIP: 0033:0x7f17a818ff17
[  384.448579][ T5938] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  384.448588][ T5938] RSP: 002b:00007ffdef6091e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  384.448598][ T5938] RAX: 0000000000000000 RBX: 00007f17a8211c05 RCX: 00007f17a818ff17
[  384.448603][ T5938] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdef6092a0
[  384.448608][ T5938] RBP: 00007ffdef6092a0 R08: 0000000000000000 R09: 0000000000000000
[  384.448613][ T5938] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdef60a330
[  384.448618][ T5938] R13: 00007f17a8211c05 R14: 000000000005dd44 R15: 00007ffdef60a370
[  384.448634][ T5938]  </TASK>
[  384.448638][ T5938] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  384.504928][   T24] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[  384.651715][   T24] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  384.656341][   T24] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  384.659750][   T24] usb 6-1: media controller created
[  384.663721][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  384.689433][   T24] DVB: Unable to find symbol dib7000p_attach()
[  384.691478][   T24] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  384.694508][   T24] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  384.700422][   T24] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  384.703193][   T24] usb 6-1: media controller created
[  384.714589][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  384.758678][   T24] dib0700: the master dib7090 has to be initialized first
[  384.760819][   T24] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  384.807318][   T24] rc_core: IR keymap rc-dib0700-rc5 not found
[  384.809520][   T24] Registered IR keymap rc-empty
[  384.811381][   T24] dvb-usb: could not initialize remote control.
[  384.813611][   T24] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected.
[  384.839089][   T24] usb 6-1: USB disconnect, device number 10
[  384.879203][   T24] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected.
[  385.216827][  T791] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  385.354134][T14947] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3534'.
[  385.360058][T14947] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3534'.
[  385.368153][  T791] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  385.374940][  T791] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  385.381746][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.387513][  T791] usb 2-1: Product: syz
[  385.390756][  T791] usb 2-1: Manufacturer: syz
[  385.393972][  T791] usb 2-1: SerialNumber: syz
[  385.410549][  T791] usb 2-1: config 0 descriptor??
[  385.447153][  T791] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[  385.497565][ T7408] udevd[7408]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  385.612355][T14957] loop5: detected capacity change from 0 to 128
[  385.628512][T14957] affs: Bad value for 'setgid'
[  385.638210][T14957] affs: Bad value for 'setgid'
[  385.645028][ T1273] usb 2-1: USB disconnect, device number 45
[  385.713393][   T24] IPVS: starting estimator thread 0...
[  385.815889][T14960] IPVS: using max 61 ests per chain, 146400 per kthread
[  385.894269][T14968] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3544'.
[  386.049176][T14975] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3547'.
[  386.060780][T14975] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3547'.
[  386.250869][T14984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3551'.
[  386.254061][T14984] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  386.262684][T14984] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  387.962340][T15024] netlink: 'syz.2.3567': attribute type 2 has an invalid length.
[  389.081931][T15041] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  389.173410][T15044] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  389.305983][ T1273] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  389.465734][ T1273] usb 2-1: Using ep0 maxpacket: 32
[  389.478613][ T1273] usb 2-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  389.482889][ T1273] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.501763][ T1273] usb 2-1: config 0 descriptor??
[  389.516085][ T1273] as10x_usb: device has been detected
[  389.518907][ T1273] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  389.533255][ T1273] usb 2-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  389.596023][ T1273] as10x_usb: error during firmware upload part1
[  389.599133][ T1273] Registered device nBox DVB-T Dongle
[  389.723890][  T791] usb 2-1: USB disconnect, device number 46
[  389.765131][  T791] Unregistered device nBox DVB-T Dongle
[  389.769818][  T791] as10x_usb: device has been disconnected
[  389.955725][ T5984] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  389.991994][T15075] netlink: 'syz.2.3587': attribute type 5 has an invalid length.
[  390.105779][ T5984] usb 6-1: Using ep0 maxpacket: 8
[  390.111627][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  390.120449][ T5984] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  390.124028][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.130911][ T5984] usb 6-1: config 0 descriptor??
[  390.353923][ T5984] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  390.392631][T15088] loop1: detected capacity change from 0 to 512
[  390.396546][T15088] EXT4-fs: Ignoring removed i_version option
[  390.400326][T15088] EXT4-fs: Ignoring removed nobh option
[  390.408677][T15088] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  390.425194][T15088] EXT4-fs (loop1): 1 truncate cleaned up
[  390.447074][T15088] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.659284][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.767624][  T791] usb 6-1: USB disconnect, device number 11
[  391.467193][T15124] loop5: detected capacity change from 0 to 256
[  391.481833][T15124] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x9aa2f194, utbl_chksum : 0xe619d30d)
[  391.942721][T15147] loop5: detected capacity change from 0 to 8
[  391.951890][T15147] SQUASHFS error: lzo decompression failed, data probably corrupt
[  391.951928][T15147] SQUASHFS error: Failed to read block 0x91: -5
[  391.951935][T15147] SQUASHFS error: Unable to read metadata cache entry [8f]
[  391.951941][T15147] SQUASHFS error: Unable to read inode 0x11f
[  392.064022][T15153] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3621'.
[  392.116680][T15157] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3623'.
[  392.122436][T15159] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3624'.
[  392.473021][T15178] loop1: detected capacity change from 0 to 4096
[  392.481305][T15182] netlink: 'syz.5.3635': attribute type 14 has an invalid length.
[  392.525515][T15178] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  392.541102][T15178] ntfs3(loop1): Failed to load $Extend (-22).
[  392.549293][T15178] ntfs3(loop1): Failed to initialize $Extend.
[  393.199695][T15195] raw_sendmsg: syz.5.3640 forgot to set AF_INET. Fix it!
[  394.568513][   T53] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  394.808113][T15258] loop5: detected capacity change from 0 to 512
[  394.828462][T15258] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.832610][T15258] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  394.883444][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.979908][   T33] audit: type=1326 audit(1755120018.839:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15270 comm="syz.5.3675" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  394.998522][   T33] audit: type=1326 audit(1755120018.839:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15270 comm="syz.5.3675" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  395.019904][   T33] audit: type=1326 audit(1755120018.849:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15270 comm="syz.5.3675" exe="/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  395.031024][   T33] audit: type=1326 audit(1755120018.849:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15270 comm="syz.5.3675" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  395.038767][   T33] audit: type=1326 audit(1755120018.879:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15270 comm="syz.5.3675" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  395.047278][   T33] audit: type=1326 audit(1755120018.879:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15270 comm="syz.5.3675" exe="/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  395.057408][   T33] audit: type=1326 audit(1755120018.889:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15270 comm="syz.5.3675" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  395.069600][   T33] audit: type=1326 audit(1755120018.889:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15270 comm="syz.5.3675" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x7ffc0000
[  395.253118][T15275] loop5: detected capacity change from 0 to 32768
[  395.260616][T15275] (syz.5.3676,15275,1):ocfs2_get_clusters:616 ERROR: status = -34
[  395.262991][T15275] (syz.5.3676,15275,1):ocfs2_extent_map_get_blocks:681 ERROR: status = -34
[  395.265521][T15275] (syz.5.3676,15275,1):ocfs2_map_slot_buffers:378 ERROR: status = -34
[  395.271375][T15275] (syz.5.3676,15275,1):ocfs2_init_slot_info:426 ERROR: status = -34
[  395.277449][T15275] (syz.5.3676,15275,1):ocfs2_initialize_super:2222 ERROR: status = -34
[  395.280874][T15275] (syz.5.3676,15275,1):ocfs2_fill_super:1177 ERROR: status = -34
[  395.391123][T15281] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3679'.
[  395.405340][T15281] vlan2: entered allmulticast mode
[  395.408696][T15281] macvlan0: entered allmulticast mode
[  395.468758][T15283] netlink: 84 bytes leftover after parsing attributes in process `syz.5.3680'.
[  395.587544][T15284] block nbd5: shutting down sockets
[  395.839007][T15301] netlink: 'syz.5.3689': attribute type 21 has an invalid length.
[  396.010599][ T5941] Bluetooth: hci1: link tx timeout
[  396.013042][ T5941] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  397.025717][ T5984] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  397.051907][T15320] loop5: detected capacity change from 0 to 32768
[  397.056388][T15320] bcachefs: bch2_fs_parse_param() Error parsing option move_bytes_in_flight: option_value
[  397.195959][ T5984] usb 2-1: Using ep0 maxpacket: 16
[  397.200634][ T5984] usb 2-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=6c.de
[  397.200662][ T5984] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.200679][ T5984] usb 2-1: Product: syz
[  397.200693][ T5984] usb 2-1: Manufacturer: syz
[  397.200707][ T5984] usb 2-1: SerialNumber: syz
[  397.203903][ T5984] usb 2-1: config 0 descriptor??
[  397.212254][ T5984] ems_usb 2-1:0.0 (unnamed net_device) (uninitialized): couldn't initialize controller: -22
[  397.237274][ T5984] ems_usb 2-1:0.0: probe with driver ems_usb failed with error -22
[  397.432130][T15334] loop5: detected capacity change from 0 to 1024
[  397.435174][ T5984] usb 2-1: USB disconnect, device number 47
[  397.440128][T15334] EXT4-fs: inline encryption not supported
[  397.442637][T15334] EXT4-fs: Ignoring removed i_version option
[  397.446743][T15334] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  397.468984][T15334] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 2: comm syz.5.3702: lblock 2 mapped to illegal pblock 2 (length 1)
[  397.475524][T15334] Quota error (device loop5): qtree_write_dquot: dquota write failed
[  397.480572][T15334] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.3702: lblock 0 mapped to illegal pblock 48 (length 1)
[  397.489080][T15334] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  397.497198][T15334] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3702: Failed to acquire dquot type 0
[  397.502142][T15334] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  397.510349][T15334] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.3702: mark_inode_dirty error
[  397.515157][T15334] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  397.521302][T15334] EXT4-fs (loop5): 1 orphan inode deleted
[  397.525040][T15334] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  397.534521][T15334] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm syz.5.3702: lblock 1 mapped to illegal pblock 1 (length 1)
[  397.552054][ T1088] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  397.562459][ T1088] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u9:5: Failed to release dquot type 0
[  397.579355][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.582889][T13238] EXT4-fs error (device loop5): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  397.592046][T13238] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  397.598548][T13238] EXT4-fs error (device loop5): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  397.644813][T15338] netlink: 'syz.5.3703': attribute type 2 has an invalid length.
[  397.647546][T15338] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3703'.
[  397.681116][T15340] loop5: detected capacity change from 0 to 1024
[  398.014435][T15349] loop5: detected capacity change from 0 to 256
[  398.082696][T15349] FAT-fs (loop5): Directory bread(block 64) failed
[  398.085212][T15349] FAT-fs (loop5): Directory bread(block 65) failed
[  398.088352][T15349] FAT-fs (loop5): Directory bread(block 66) failed
[  398.090865][T15349] FAT-fs (loop5): Directory bread(block 67) failed
[  398.093305][T15349] FAT-fs (loop5): Directory bread(block 68) failed
[  398.096269][T15309] Bluetooth: hci1: command 0x0406 tx timeout
[  398.097251][T15349] FAT-fs (loop5): Directory bread(block 69) failed
[  398.102964][T15349] FAT-fs (loop5): Directory bread(block 70) failed
[  398.105456][T15349] FAT-fs (loop5): Directory bread(block 71) failed
[  398.108750][T15349] FAT-fs (loop5): Directory bread(block 72) failed
[  398.117673][T15349] FAT-fs (loop5): Directory bread(block 73) failed
[  398.736156][T15359] kernel read not supported for file / 7âW)s!Qfsl{Tr)rO2:"T+͟v|ղADvc֠6xc: (pid: 15359 comm: syz.1.3711)
[  399.116307][  T791] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  399.285777][  T791] usb 2-1: Using ep0 maxpacket: 32
[  399.293066][  T791] usb 2-1: config 2 has an invalid interface number: 1 but max is 0
[  399.296890][  T791] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  399.300762][  T791] usb 2-1: config 2 has 2 interfaces, different from the descriptor's value: 1
[  399.324809][  T791] usb 2-1: New USB device found, idVendor=22b8, idProduct=2d97, bcdDevice=51.64
[  399.329927][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.346103][  T791] usb 2-1: Product: syz
[  399.347830][  T791] usb 2-1: Manufacturer: syz
[  399.360964][  T791] usb 2-1: SerialNumber: syz
[  399.379439][  T791] cdc_acm 2-1:2.1: probe with driver cdc_acm failed with error -22
[  399.388497][  T791] cdc_acm 2-1:2.0: probe with driver cdc_acm failed with error -22
[  399.436670][T15387] loop5: detected capacity change from 0 to 4096
[  399.465157][T15387] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  399.523436][T15387] EXT4-fs error (device loop5): ext4_get_first_dir_block:3553: inode #12: block 80: comm syz.5.3724: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  399.537625][T15387] EXT4-fs (loop5): Remounting filesystem read-only
[  399.569167][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.591942][  T791] usb 2-1: USB disconnect, device number 48
[  399.668905][T15393] kAFS: No cell specified
[  400.105888][ T1273] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  400.334065][ T1273] usb 6-1: config 0 has an invalid interface number: 57 but max is 0
[  400.343902][ T1273] usb 6-1: config 0 has no interface number 0
[  400.348256][ T1273] usb 6-1: New USB device found, idVendor=093a, idProduct=010f, bcdDevice=c6.63
[  400.351885][ T1273] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.360017][ T1273] usb 6-1: config 0 descriptor??
[  400.364849][ T1273] gspca_main: mr97310a-2.14.0 probing 093a:010f
[  400.375820][ T1273] gspca_mr97310a: reg write [21] error -22
[  400.389226][ T1273] mr97310a 6-1:0.57: probe with driver mr97310a failed with error -22
[  400.569175][ T1273] usb 6-1: USB disconnect, device number 12
[  400.999223][T15432] bond0: Removing last ns target with arp_interval on
[  400.999671][ T5963] bond0: (slave 1@): interface is now down
[  401.012384][ T5963] bond0: (slave bond_slave_1): interface is now down
[  401.022397][ T5963] bond0: now running without any active interface!
[  401.209881][T15440] loop5: detected capacity change from 0 to 256
[  401.231169][T15440] FAT-fs (loop5): Directory bread(block 64) failed
[  401.233873][T15440] FAT-fs (loop5): Directory bread(block 65) failed
[  401.245875][ T1273] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  401.249143][T15440] FAT-fs (loop5): Directory bread(block 66) failed
[  401.251561][T15440] FAT-fs (loop5): Directory bread(block 67) failed
[  401.254065][T15440] FAT-fs (loop5): Directory bread(block 68) failed
[  401.263989][T15440] FAT-fs (loop5): Directory bread(block 69) failed
[  401.267319][T15440] FAT-fs (loop5): Directory bread(block 70) failed
[  401.270052][T15440] FAT-fs (loop5): Directory bread(block 71) failed
[  401.272529][T15440] FAT-fs (loop5): Directory bread(block 72) failed
[  401.275093][T15440] FAT-fs (loop5): Directory bread(block 73) failed
[  401.620128][ T1273] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  401.627281][ T1273] usb 2-1: config 220 has an invalid descriptor of length 201, skipping remainder of the config
[  401.632488][ T1273] usb 2-1: config 220 has no interface number 2
[  401.635194][ T1273] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  401.639969][ T1273] usb 2-1: config 220 interface 0 has no altsetting 0
[  401.642469][ T1273] usb 2-1: config 220 interface 76 has no altsetting 0
[  401.645225][ T1273] usb 2-1: config 220 interface 1 has no altsetting 0
[  401.650895][ T1273] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  401.654579][ T1273] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.660550][ T1273] usb 2-1: Product: syz
[  401.666922][ T1273] usb 2-1: Manufacturer: syz
[  401.670689][ T1273] usb 2-1: SerialNumber: syz
[  401.815794][T15452] bridge0: entered allmulticast mode
[  401.820108][T15452] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3753'.
[  401.824024][T15452] bridge_slave_1: left allmulticast mode
[  401.825885][T15452] bridge_slave_1: left promiscuous mode
[  401.828541][T15452] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.836837][T15452] bridge_slave_0: left allmulticast mode
[  401.838744][T15452] bridge_slave_0: left promiscuous mode
[  401.841311][T15452] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.872433][T15452] bridge0 (unregistering): left allmulticast mode
[  401.900831][ T1273] usb 2-1: selecting invalid altsetting 0
[  401.903903][ T1273] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  401.906563][ T1273] usb 2-1: No valid video chain found.
[  401.913211][ T1273] usb 2-1: selecting invalid altsetting 0
[  401.915760][ T1273] usbtest 2-1:220.1: probe with driver usbtest failed with error -22
[  401.924858][ T1273] usb 2-1: USB disconnect, device number 49
[  402.101146][T15455] loop5: detected capacity change from 0 to 1024
[  402.165731][T15459] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3755'.
[  402.269414][   T33] kauditd_printk_skb: 3 callbacks suppressed
[  402.269425][   T33] audit: type=1326 audit(1755120026.086:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15466 comm="syz.5.3759" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f105b38ebe9 code=0x0
[  402.482904][T15482] loop1: detected capacity change from 0 to 1024
[  402.487130][T15482] EXT4-fs: inline encryption not supported
[  402.488986][T15482] EXT4-fs: Ignoring removed i_version option
[  402.501010][T15482] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  402.720112][T15487] loop1: detected capacity change from 0 to 32768
[  402.724407][T15487] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt
[  402.724407][T15487] 
[  402.728443][T15487] ERROR: (device loop1): remounting filesystem as read-only
[  402.731582][T15487] xtLookup: xtSearch returned -5
[  402.733222][T15487] read_mapping_page failed!
[  402.734762][T15487] jfs_mount: diMount(ipaimap2) failed, rc = -5
[  402.736952][T15487] Mount JFS Failure: -5
[  402.738606][T15487] jfs_mount failed w/return code = -5
[  402.770518][T15491] loop1: detected capacity change from 0 to 512
[  402.784253][T15491] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3770: bg 0: block 393: padding at end of block bitmap is not set
[  402.789322][T15491] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  402.792503][T15491] EXT4-fs (loop1): 2 truncates cleaned up
[  402.797387][T15491] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  402.814176][T15491] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  402.817989][T15491] EXT4-fs (loop1): can't disable delalloc during remount
[  402.843303][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.261380][T15505] loop1: detected capacity change from 0 to 64
[  403.301126][T15505] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  403.590541][T15521] : entered promiscuous mode
[  403.796865][T15511] loop5: detected capacity change from 0 to 32768
[  403.803972][T15511] XFS: noikeep mount option is deprecated.
[  404.177352][T15511] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  404.292156][T15511] XFS (loop5): Ending clean mount
[  404.305660][T15511] XFS (loop5): Quotacheck needed: Please wait.
[  404.380113][T15511] XFS (loop5): Quotacheck: Done.
[  404.407297][   T33] audit: type=1800 audit(1755120028.087:118): pid=15511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3779" name="file1" dev="loop5" ino=9286 res=0 errno=0
[  404.437188][T15511] Direct I/O collision with buffered writes! File: /file1 Comm: syz.5.3779
[  404.614101][T13238] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  405.172455][T15555] loop5: detected capacity change from 0 to 1764
[  405.253766][T15559] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3795'.
[  405.419353][T15557] loop5: detected capacity change from 0 to 32768
[  405.440890][T15557] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  405.480186][ T5963] OCFS2: ERROR (device loop5): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #72: signature = 
[  405.499557][ T5963] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  405.505082][ T5963] OCFS2: File system is now read-only.
[  405.508700][ T5963] (kworker/u8:4,5963,1):ocfs2_dir_foreach_blk_id:1773 ERROR: Unable to read inode block for dir 72
[  405.519426][T13238] ocfs2: Unmounting device (7,5) on (node local)
[  405.905374][ T5984] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  405.944803][T15595] loop1: detected capacity change from 0 to 256
[  405.967539][T15595] FAT-fs (loop1): Directory bread(block 64) failed
[  405.974789][T15595] FAT-fs (loop1): Directory bread(block 65) failed
[  405.980501][T15595] FAT-fs (loop1): Directory bread(block 66) failed
[  405.983982][T15595] FAT-fs (loop1): Directory bread(block 67) failed
[  405.986997][T15595] FAT-fs (loop1): Directory bread(block 68) failed
[  405.989101][T15595] FAT-fs (loop1): Directory bread(block 69) failed
[  405.993171][T15595] FAT-fs (loop1): Directory bread(block 70) failed
[  405.995328][T15595] FAT-fs (loop1): Directory bread(block 71) failed
[  405.997908][T15595] FAT-fs (loop1): Directory bread(block 72) failed
[  406.000423][T15595] FAT-fs (loop1): Directory bread(block 73) failed
[  406.067016][ T5984] usb 6-1: Using ep0 maxpacket: 32
[  406.071822][ T5984] usb 6-1: config 0 has an invalid interface number: 58 but max is 27
[  406.074575][ T5984] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.083388][ T5984] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 28
[  406.086381][ T5984] usb 6-1: config 0 has no interface number 0
[  406.091720][ T5984] usb 6-1: config 0 interface 58 altsetting 0 endpoint 0x6 has invalid maxpacket 56166, setting to 64
[  406.096325][ T5984] usb 6-1: config 0 interface 58 altsetting 0 endpoint 0x7 has invalid maxpacket 64800, setting to 64
[  406.104608][ T5984] usb 6-1: config 0 interface 58 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  406.107763][ T5984] usb 6-1: config 0 interface 58 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  406.112219][ T5984] usb 6-1: config 0 interface 58 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  406.121917][ T5984] usb 6-1: config 0 interface 58 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 6
[  406.130501][ T5984] usb 6-1: New USB device found, idVendor=05ac, idProduct=021c, bcdDevice=5c.24
[  406.133403][ T5984] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.143521][ T5984] usb 6-1: Product: syz
[  406.145275][ T5984] usb 6-1: Manufacturer: syz
[  406.146982][ T5984] usb 6-1: SerialNumber: syz
[  406.153325][ T5984] usb 6-1: config 0 descriptor??
[  406.400955][ T5984] appletouch 6-1:0.58: Could not find int-in endpoint
[  406.404832][ T5984] appletouch 6-1:0.58: probe with driver appletouch failed with error -5
[  406.419876][ T5984] usbhid 6-1:0.58: couldn't find an input interrupt endpoint
[  406.430408][ T5984] usb 6-1: USB disconnect, device number 13
[  406.823764][   T33] audit: type=1326 audit(1755120030.351:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15603 comm="syz.2.3816" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  406.838243][   T33] audit: type=1326 audit(1755120030.351:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15603 comm="syz.2.3816" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  406.852753][   T33] audit: type=1326 audit(1755120030.361:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15603 comm="syz.2.3816" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  406.862089][   T33] audit: type=1326 audit(1755120030.370:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15603 comm="syz.2.3816" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  406.874133][   T33] audit: type=1326 audit(1755120030.370:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15603 comm="syz.2.3816" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  406.885893][   T33] audit: type=1326 audit(1755120030.379:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15603 comm="syz.2.3816" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  406.902984][   T33] audit: type=1326 audit(1755120030.379:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15603 comm="syz.2.3816" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  406.910022][   T33] audit: type=1326 audit(1755120030.379:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15603 comm="syz.2.3816" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  407.326583][T15611] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  407.327026][T15610] overlayfs: failed to clone upperpath
[  407.476507][T15615] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3821'.
[  407.481054][T15615] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3821'.
[  407.500294][T15615] vlan0: entered promiscuous mode
[  407.770803][T15635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3830'.
[  407.788496][T15633] loop1: detected capacity change from 0 to 8192
[  407.858915][T15625] loop5: detected capacity change from 0 to 32768
[  407.907655][T15625] ERROR: (device loop5): dbAlloc: unable to allocate blocks
[  407.907655][T15625] 
[  407.915842][T15625] jfs_create: dtInsert returned -EIO
[  407.917795][T15625] ERROR: (device loop5): jfs_create: 
[  407.917795][T15625] 
[  408.092681][T15654] loop1: detected capacity change from 0 to 256
[  408.109401][T15654] exfat: Deprecated parameter 'utf8'
[  408.129120][T15654] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  408.135071][T15656] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3840'.
[  408.139465][T15656] unsupported nlmsg_type 40
[  408.274264][T15666] loop1: detected capacity change from 0 to 1024
[  408.281306][T15666] EXT4-fs: Ignoring removed oldalloc option
[  408.283892][T15666] EXT4-fs: Ignoring removed bh option
[  408.308841][T15666] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  408.329472][ T5938] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  408.486208][T15678] loop1: detected capacity change from 0 to 128
[  408.510885][T15678] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  408.516520][T15678] ext4 filesystem being mounted at /1164/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.544387][ T5938] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  408.877746][ T1273] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  409.048697][ T1273] usb 2-1: Using ep0 maxpacket: 32
[  409.056137][ T1273] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  409.064906][ T1273] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.075091][ T1273] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  409.079272][ T1273] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  409.083513][ T1273] usb 2-1: Product: syz
[  409.085451][ T1273] usb 2-1: Manufacturer: syz
[  409.097913][ T1273] hub 2-1:4.0: USB hub found
[  409.495255][ T1273] hub 2-1:4.0: 2 ports detected
[  410.114732][ T1273] hub 2-1:4.0: set hub depth failed
[  410.126650][ T1273] usb 2-1: USB disconnect, device number 50
[  410.371783][T15717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3865'.
[  410.384193][T15717] team0: entered promiscuous mode
[  410.390241][T15717] team_slave_0: entered promiscuous mode
[  410.393700][T15717] team_slave_1: entered promiscuous mode
[  410.398257][T15717] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  410.402617][T15717] team0: left promiscuous mode
[  410.404756][T15717] team_slave_0: left promiscuous mode
[  410.407856][T15717] team_slave_1: left promiscuous mode
[  410.527750][T15719] loop5: detected capacity change from 0 to 2048
[  410.532533][T15719] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  410.540628][T15719] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  412.601450][T15771] loop5: detected capacity change from 0 to 1024
[  412.620093][T15771] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  412.641847][T15771] EXT4-fs warning (device loop5): ext4_empty_dir:3103: inode #11: comm syz.5.3888: directory missing '..'
[  412.711978][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.054082][T15794] netlink: 'syz.5.3898': attribute type 32 has an invalid length.
[  413.056555][T15794] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3898'.
[  413.060688][T15794] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  413.083961][T15799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3899'.
[  413.087673][T15799] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3899'.
[  413.103948][T15799] netlink: 'syz.2.3899': attribute type 12 has an invalid length.
[  413.106421][T15799] netlink: 'syz.2.3899': attribute type 11 has an invalid length.
[  413.233409][T15805] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3902'.
[  413.346793][T15810] loop5: detected capacity change from 0 to 512
[  413.355175][T15810] EXT4-fs: Ignoring removed bh option
[  413.392538][T15810] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  413.413139][T15810] EXT4-fs (loop5): 1 truncate cleaned up
[  413.417277][T15810] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  413.442468][   T24] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  413.522647][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.637966][   T24] usb 2-1: Using ep0 maxpacket: 8
[  413.650592][   T24] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[  413.679541][   T24] usb 2-1: config 0 has no interface number 0
[  413.691186][   T24] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  413.694755][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.697948][   T24] usb 2-1: Product: syz
[  413.709973][   T24] usb 2-1: Manufacturer: syz
[  413.711854][   T24] usb 2-1: SerialNumber: syz
[  413.716899][   T24] usb 2-1: config 0 descriptor??
[  413.916825][T15828] loop5: detected capacity change from 0 to 256
[  413.972144][   T24] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[  413.975318][   T24] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[  413.980200][   T24] usb 2-1: Failed to create links for entity 5
[  413.982318][   T24] usb 2-1: Failed to register entities (-22).
[  414.000191][   T24] usb 2-1: USB disconnect, device number 51
[  414.576944][T15853] cgroup: noprefix used incorrectly
[  414.666654][T15860] netlink: 'syz.2.3929': attribute type 29 has an invalid length.
[  415.106436][T15876] loop1: detected capacity change from 0 to 40427
[  415.116871][T15876] F2FS-fs (loop1): build fault injection rate: 19
[  415.119264][T15876] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[  415.137716][T15876] F2FS-fs (loop1): invalid crc value
[  415.146284][T15876] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  415.189590][T15876] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  415.199169][T15876] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  415.203501][T15876] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  415.220366][T15876] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  415.231939][T15876] syz.1.3936: attempt to access beyond end of device
[  415.231939][T15876] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  415.236989][T15876] F2FS-fs (loop1): inject write IO error in f2fs_write_end_io of __submit_merged_bio+0x27a/0x6a0
[  415.245278][T15876] CPU: 1 UID: 0 PID: 15876 Comm: syz.1.3936 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  415.245296][T15876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  415.245303][T15876] Call Trace:
[  415.245309][T15876]  <TASK>
[  415.245315][T15876]  dump_stack_lvl+0x189/0x250
[  415.245335][T15876]  ? __pfx_dump_stack_lvl+0x10/0x10
[  415.245346][T15876]  ? __pfx_queue_work_on+0x10/0x10
[  415.245357][T15876]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  415.245370][T15876]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  415.245386][T15876]  f2fs_handle_critical_error+0x37c/0x540
[  415.245404][T15876]  f2fs_write_end_io+0x886/0xb60
[  415.245427][T15876]  __submit_merged_bio+0x27a/0x6a0
[  415.245440][T15876]  __submit_merged_write_cond+0x255/0x530
[  415.245454][T15876]  f2fs_write_data_pages+0x261d/0x3000
[  415.245486][T15876]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  415.245546][T15876]  ? __lock_acquire+0xab9/0xd20
[  415.245568][T15876]  ? do_raw_spin_lock+0x121/0x290
[  415.245585][T15876]  ? do_raw_spin_unlock+0x4d/0x240
[  415.245596][T15876]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  415.245609][T15876]  do_writepages+0x32e/0x550
[  415.245629][T15876]  ? do_raw_spin_unlock+0x4d/0x240
[  415.245642][T15876]  filemap_fdatawrite+0x199/0x240
[  415.245654][T15876]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  415.245692][T15876]  ? do_raw_spin_unlock+0x4d/0x240
[  415.245704][T15876]  f2fs_sync_dirty_inodes+0x31f/0x830
[  415.245725][T15876]  f2fs_write_checkpoint+0x95a/0x1df0
[  415.245750][T15876]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  415.245783][T15876]  ? down_write+0x162/0x1f0
[  415.245794][T15876]  ? __pfx_down_write+0x10/0x10
[  415.245811][T15876]  f2fs_issue_checkpoint+0x3ac/0x570
[  415.245825][T15876]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  415.245836][T15876]  ? __lock_acquire+0xab9/0xd20
[  415.245858][T15876]  ? __up_read+0x280/0x680
[  415.245872][T15876]  ? f2fs_sync_fs+0x200/0x3d0
[  415.245883][T15876]  f2fs_do_sync_file+0x869/0x1860
[  415.245901][T15876]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  415.245934][T15876]  ? down_write+0x162/0x1f0
[  415.245944][T15876]  ? __pfx_down_write+0x10/0x10
[  415.245955][T15876]  ? sb_start_write+0x114/0x1c0
[  415.245965][T15876]  ? mnt_want_write_file+0x164/0x200
[  415.245976][T15876]  __f2fs_ioctl+0x3a51/0xb610
[  415.246023][T15876]  ? file_ioctl+0x22d/0x780
[  415.246039][T15876]  ? __pfx_file_ioctl+0x10/0x10
[  415.246056][T15876]  ? kasan_quarantine_put+0xdd/0x220
[  415.246071][T15876]  ? __pfx___f2fs_ioctl+0x10/0x10
[  415.246085][T15876]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  415.246097][T15876]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  415.246109][T15876]  ? do_vfs_ioctl+0xb33/0x1430
[  415.246120][T15876]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  415.246138][T15876]  ? __lock_acquire+0xab9/0xd20
[  415.246161][T15876]  ? __fget_files+0x2a/0x420
[  415.246175][T15876]  ? __fget_files+0x2a/0x420
[  415.246186][T15876]  ? __fget_files+0x3a0/0x420
[  415.246198][T15876]  ? __fget_files+0x2a/0x420
[  415.246212][T15876]  ? f2fs_ioctl+0x135/0x250
[  415.246225][T15876]  ? __pfx_f2fs_ioctl+0x10/0x10
[  415.246237][T15876]  __se_sys_ioctl+0xfc/0x170
[  415.246249][T15876]  do_syscall_64+0xfa/0x3b0
[  415.246259][T15876]  ? lockdep_hardirqs_on+0x9c/0x150
[  415.246268][T15876]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.246277][T15876]  ? exc_page_fault+0x9f/0xf0
[  415.246288][T15876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.246296][T15876] RIP: 0033:0x7f17a818ebe9
[  415.246307][T15876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  415.246315][T15876] RSP: 002b:00007f17a9035038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  415.246325][T15876] RAX: ffffffffffffffda RBX: 00007f17a83b5fa0 RCX: 00007f17a818ebe9
[  415.246332][T15876] RDX: 0000000000000000 RSI: 000000000000f502 RDI: 0000000000000005
[  415.246337][T15876] RBP: 00007f17a8211e19 R08: 0000000000000000 R09: 0000000000000000
[  415.246342][T15876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  415.246347][T15876] R13: 00007f17a83b6038 R14: 00007f17a83b5fa0 R15: 00007ffdef609f58
[  415.246364][T15876]  </TASK>
[  415.246369][T15876] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  415.676134][T15887] loop5: detected capacity change from 0 to 512
[  415.697240][T15887] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  415.707865][T15887] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  415.712230][T15887] System zones: 1-12
[  415.718811][T15887] EXT4-fs (loop5): 1 truncate cleaned up
[  415.726092][T15887] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.798186][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.833636][T15893] overlayfs: failed to clone upperpath
[  416.122854][T15895] loop5: detected capacity change from 0 to 32768
[  416.127322][T15895] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3941 (15895)
[  416.146898][T15895] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  416.151107][T15895] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  416.154486][T15895] BTRFS info (device loop5): disk space caching is enabled
[  416.157345][T15895] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  416.224680][T15885] loop1: detected capacity change from 0 to 32768
[  416.252149][T15895] BTRFS info (device loop5): rebuilding free space tree
[  416.273428][T15885] XFS (loop1): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  416.275405][T15895] BTRFS info (device loop5): disabling free space tree
[  416.279628][T15895] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  416.284767][T15895] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  416.336846][T15895] BTRFS info (device loop5): scrub: started on devid 1
[  416.346333][T15895] BTRFS info (device loop5): scrub: finished on devid 1 with status: 0
[  416.410317][T15885] XFS (loop1): Ending clean mount
[  416.443037][T13238] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  416.516381][ T5938] XFS (loop1): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  417.133278][T15943] bond2: entered promiscuous mode
[  417.135493][T15943] bond2: entered allmulticast mode
[  417.138697][T15943] 8021q: adding VLAN 0 to HW filter on device bond2
[  417.266783][T15946] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  417.781840][T15958] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3961'.
[  417.845005][T15960] syz.5.3960: attempt to access beyond end of device
[  417.845005][T15960] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[  417.858462][T15960] syz.5.3960: attempt to access beyond end of device
[  417.858462][T15960] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[  418.644183][T15976] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3969'.
[  418.684023][T15966] loop5: detected capacity change from 0 to 32768
[  418.708522][T15966] XFS (loop5): Mounting V5 Filesystem 6b3d8c96-b8b2-4f73-8344-2893082bca0b
[  418.774057][T15966] XFS (loop5): Ending clean mount
[  418.800199][T13238] XFS (loop5): Unmounting Filesystem 6b3d8c96-b8b2-4f73-8344-2893082bca0b
[  418.905707][T15988] loop1: detected capacity change from 0 to 4096
[  419.217362][T16000] 9pnet_fd: Insufficient options for proto=fd
[  419.328732][T15990] loop5: detected capacity change from 0 to 32768
[  419.342465][T15990] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3971 (15990)
[  419.429815][T15990] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  419.433289][T15990] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  419.436483][T15990] BTRFS info (device loop5): using free-space-tree
[  419.676885][  T791] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  419.847598][  T791] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  419.851322][  T791] usb 2-1: config 0 has no interface number 0
[  419.874807][  T791] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  419.878452][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.888979][  T791] usb 2-1: Product: syz
[  419.890321][  T791] usb 2-1: Manufacturer: syz
[  419.891863][  T791] usb 2-1: SerialNumber: syz
[  419.896055][  T791] usb 2-1: config 0 descriptor??
[  419.919437][T13238] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  420.117256][  T791] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  420.146571][  T791] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  420.149945][  T791] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  420.152786][  T791] usb 2-1: media controller created
[  420.176687][  T791] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  420.337227][  T791] i2c i2c-2: ec100: i2c rd failed=-71 reg=33
[  420.390400][  T791] usb 2-1: USB disconnect, device number 52
[  420.523015][T16029] loop5: detected capacity change from 0 to 32768
[  420.532009][T16029] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3982 (16029)
[  420.549282][T16029] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  420.562423][T16029] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  420.566666][T16029] BTRFS info (device loop5): using free-space-tree
[  420.703959][   T33] kauditd_printk_skb: 12 callbacks suppressed
[  420.703977][   T33] audit: type=1800 audit(1755120043.335:139): pid=16029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3982" name="file1" dev="loop5" ino=260 res=0 errno=0
[  420.871928][T13238] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  421.704580][T16096] netlink: 180 bytes leftover after parsing attributes in process `syz.2.4006'.
[  421.716831][ T1273] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  421.904024][ T1273] usb 2-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  421.907737][ T1273] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.910588][ T1273] usb 2-1: Product: syz
[  421.912054][ T1273] usb 2-1: Manufacturer: syz
[  421.913659][ T1273] usb 2-1: SerialNumber: syz
[  421.917863][ T1273] usb 2-1: config 0 descriptor??
[  421.924799][ T1273] gspca_main: sunplus-2.14.0 probing 055f:c230
[  422.265881][T16107] loop5: detected capacity change from 0 to 1024
[  422.335416][T16107] hfsplus: extend alloc file! (8192,512,17039360)
[  422.360507][ T5984] usb 2-1: USB disconnect, device number 53
[  424.010556][T16132] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  424.163933][T16137] loop5: detected capacity change from 0 to 1024
[  424.168217][T16137] EXT4-fs: Ignoring removed orlov option
[  424.238125][T16137] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  424.510999][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.589239][T16150] netlink: 248 bytes leftover after parsing attributes in process `syz.1.4028'.
[  424.592901][T16150] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4028'.
[  424.653561][T16152] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4029'.
[  424.838764][T16148] loop5: detected capacity change from 0 to 40427
[  424.946043][T16148] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  424.948892][T16148] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  424.954349][T16148] F2FS-fs (loop5): invalid crc value
[  424.963853][T16154] loop1: detected capacity change from 0 to 40427
[  425.045917][T16148] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  425.057377][T16148] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  425.060275][T16148] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  425.116641][T16154] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  425.216870][T16154] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  425.472302][T16148] syz.5.4026: attempt to access beyond end of device
[  425.472302][T16148] loop5: rw=2049, sector=53248, nr_sectors = 2048 limit=40427
[  425.588925][T16174] syz.1.4030: attempt to access beyond end of device
[  425.588925][T16174] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  425.669120][T16148] syz.5.4026: attempt to access beyond end of device
[  425.669120][T16148] loop5: rw=2049, sector=55296, nr_sectors = 2048 limit=40427
[  425.770617][T16148] syz.5.4026: attempt to access beyond end of device
[  425.770617][T16148] loop5: rw=2049, sector=49152, nr_sectors = 4096 limit=40427
[  425.854639][T16148] syz.5.4026: attempt to access beyond end of device
[  425.854639][T16148] loop5: rw=2049, sector=57344, nr_sectors = 17848 limit=40427
[  425.881795][T16148] syz.5.4026: attempt to access beyond end of device
[  425.881795][T16148] loop5: rw=2049, sector=75192, nr_sectors = 2632 limit=40427
[  425.907937][T16148] syz.5.4026: attempt to access beyond end of device
[  425.907937][T16148] loop5: rw=2049, sector=81920, nr_sectors = 3928 limit=40427
[  425.926142][ T5938] syz-executor: attempt to access beyond end of device
[  425.926142][ T5938] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  425.945416][ T5938] CPU: 0 UID: 0 PID: 5938 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  425.945442][ T5938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  425.945451][ T5938] Call Trace:
[  425.945458][ T5938]  <TASK>
[  425.945465][ T5938]  dump_stack_lvl+0x189/0x250
[  425.945489][ T5938]  ? __pfx_dump_stack_lvl+0x10/0x10
[  425.945506][ T5938]  ? __pfx_queue_work_on+0x10/0x10
[  425.945522][ T5938]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  425.945539][ T5938]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  425.945562][ T5938]  f2fs_handle_critical_error+0x37c/0x540
[  425.945587][ T5938]  f2fs_write_end_io+0x886/0xb60
[  425.945614][ T5938]  __submit_merged_bio+0x27a/0x6a0
[  425.945635][ T5938]  __submit_merged_write_cond+0x255/0x530
[  425.945658][ T5938]  f2fs_write_data_pages+0x261d/0x3000
[  425.945704][ T5938]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  425.945721][ T5938]  ? is_bpf_text_address+0x26/0x2b0
[  425.945784][ T5938]  ? ktime_get+0x3e/0x1f0
[  425.945799][ T5938]  ? ktime_get+0x3e/0x1f0
[  425.945815][ T5938]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  425.945832][ T5938]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  425.945857][ T5938]  ? rcu_is_watching+0x15/0xb0
[  425.945879][ T5938]  ? __lock_acquire+0xab9/0xd20
[  425.945913][ T5938]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  425.945932][ T5938]  do_writepages+0x32e/0x550
[  425.945960][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  425.946004][ T5938]  filemap_fdatawrite+0x199/0x240
[  425.946023][ T5938]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  425.946080][ T5938]  ? do_raw_spin_unlock+0x4d/0x240
[  425.946101][ T5938]  f2fs_sync_dirty_inodes+0x31f/0x830
[  425.946132][ T5938]  f2fs_write_checkpoint+0x95a/0x1df0
[  425.946171][ T5938]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  425.946225][ T5938]  ? kill_f2fs_super+0x298/0x6c0
[  425.946249][ T5938]  kill_f2fs_super+0x2c3/0x6c0
[  425.946274][ T5938]  ? __pfx_kill_f2fs_super+0x10/0x10
[  425.946292][ T5938]  ? radix_tree_delete_item+0x2b6/0x400
[  425.946314][ T5938]  ? shrinker_free+0x2ce/0x3e0
[  425.946332][ T5938]  deactivate_locked_super+0xbc/0x130
[  425.946352][ T5938]  cleanup_mnt+0x425/0x4c0
[  425.946368][ T5938]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.946387][ T5938]  task_work_run+0x1d4/0x260
[  425.946409][ T5938]  ? __pfx_task_work_run+0x10/0x10
[  425.946426][ T5938]  ? __x64_sys_umount+0x122/0x160
[  425.946448][ T5938]  ? exit_to_user_mode_loop+0x40/0x110
[  425.946472][ T5938]  exit_to_user_mode_loop+0xec/0x110
[  425.946492][ T5938]  do_syscall_64+0x2bd/0x3b0
[  425.946508][ T5938]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.946524][ T5938]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.946538][ T5938]  ? exc_page_fault+0x9f/0xf0
[  425.946555][ T5938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.946569][ T5938] RIP: 0033:0x7f17a818ff17
[  425.946582][ T5938] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  425.946593][ T5938] RSP: 002b:00007ffdef6091e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  425.946609][ T5938] RAX: 0000000000000000 RBX: 00007f17a8211c05 RCX: 00007f17a818ff17
[  425.946618][ T5938] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdef6092a0
[  425.946627][ T5938] RBP: 00007ffdef6092a0 R08: 0000000000000000 R09: 0000000000000000
[  425.946635][ T5938] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdef60a330
[  425.946644][ T5938] R13: 00007f17a8211c05 R14: 000000000006776e R15: 00007ffdef60a370
[  425.946668][ T5938]  </TASK>
[  425.946674][ T5938] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  426.102860][T16147] syz.5.4026: attempt to access beyond end of device
[  426.102860][T16147] loop5: rw=524288, sector=53248, nr_sectors = 256 limit=40427
[  426.108405][T16147] syz.5.4026: attempt to access beyond end of device
[  426.108405][T16147] loop5: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  426.165920][T13238] CPU: 1 UID: 0 PID: 13238 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  426.165938][T13238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  426.165945][T13238] Call Trace:
[  426.165949][T13238]  <TASK>
[  426.165994][T13238]  dump_stack_lvl+0x189/0x250
[  426.166016][T13238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.166030][T13238]  ? __pfx_queue_work_on+0x10/0x10
[  426.166041][T13238]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  426.166053][T13238]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  426.166073][T13238]  f2fs_handle_critical_error+0x37c/0x540
[  426.166089][T13238]  f2fs_write_end_io+0x886/0xb60
[  426.166107][T13238]  __submit_merged_bio+0x27a/0x6a0
[  426.166120][T13238]  __submit_merged_write_cond+0x255/0x530
[  426.166133][T13238]  f2fs_write_data_pages+0x261d/0x3000
[  426.166158][T13238]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  426.166188][T13238]  ? __mod_zone_page_state+0xd7/0x140
[  426.166204][T13238]  ? folios_put_refs+0x560/0x640
[  426.166218][T13238]  ? __pfx_folios_put_refs+0x10/0x10
[  426.166225][T13238]  ? rcu_is_watching+0x15/0xb0
[  426.166238][T13238]  ? __lock_acquire+0xab9/0xd20
[  426.166257][T13238]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  426.166268][T13238]  do_writepages+0x32e/0x550
[  426.166284][T13238]  ? do_raw_spin_unlock+0x4d/0x240
[  426.166295][T13238]  filemap_fdatawrite+0x199/0x240
[  426.166306][T13238]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  426.166337][T13238]  ? do_raw_spin_unlock+0x4d/0x240
[  426.166348][T13238]  f2fs_sync_dirty_inodes+0x31f/0x830
[  426.166366][T13238]  f2fs_write_checkpoint+0x95a/0x1df0
[  426.166389][T13238]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  426.166420][T13238]  ? kill_f2fs_super+0x298/0x6c0
[  426.166434][T13238]  kill_f2fs_super+0x2c3/0x6c0
[  426.166447][T13238]  ? __pfx_kill_f2fs_super+0x10/0x10
[  426.166457][T13238]  ? radix_tree_delete_item+0x2b6/0x400
[  426.166469][T13238]  ? shrinker_free+0x2ce/0x3e0
[  426.166483][T13238]  deactivate_locked_super+0xbc/0x130
[  426.166494][T13238]  cleanup_mnt+0x425/0x4c0
[  426.166504][T13238]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.166514][T13238]  task_work_run+0x1d4/0x260
[  426.166526][T13238]  ? __pfx_task_work_run+0x10/0x10
[  426.166535][T13238]  ? __x64_sys_umount+0x122/0x160
[  426.166547][T13238]  ? exit_to_user_mode_loop+0x40/0x110
[  426.166560][T13238]  exit_to_user_mode_loop+0xec/0x110
[  426.166571][T13238]  do_syscall_64+0x2bd/0x3b0
[  426.166580][T13238]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.166589][T13238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.166597][T13238]  ? exc_page_fault+0x9f/0xf0
[  426.166607][T13238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.166615][T13238] RIP: 0033:0x7f105b38ff17
[  426.166624][T13238] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  426.166631][T13238] RSP: 002b:00007fff39cb2628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  426.166641][T13238] RAX: 0000000000000000 RBX: 00007f105b411c05 RCX: 00007f105b38ff17
[  426.166647][T13238] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff39cb26e0
[  426.166651][T13238] RBP: 00007fff39cb26e0 R08: 0000000000000000 R09: 0000000000000000
[  426.166656][T13238] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff39cb3770
[  426.166661][T13238] R13: 00007f105b411c05 R14: 00000000000679fe R15: 00007fff39cb37b0
[  426.166674][T13238]  </TASK>
[  426.166678][T13238] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  426.414229][T16185] loop1: detected capacity change from 0 to 128
[  426.432349][T16185] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  426.437457][T16185] ext4 filesystem being mounted at /1208/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  426.470819][ T5938] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  426.787594][T16192] loop5: detected capacity change from 0 to 4096
[  426.800317][T16192] ntfs3(loop5): Primary boot: invalid index size -14.
[  426.817174][T16192] ntfs3(loop5): try to read out of volume at offset 0x1ffe00
[  426.886277][T16188] loop1: detected capacity change from 0 to 32768
[  426.922668][T16188] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  427.154177][ T5938] ocfs2: Unmounting device (7,1) on (node local)
[  427.243983][ T1088] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  427.309197][ T1273] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  427.503539][T16219] loop1: detected capacity change from 0 to 32768
[  427.592843][ T1273] usb 6-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  427.597389][ T1273] usb 6-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0
[  427.603669][ T1273] usb 6-1: config 0 interface 0 has no altsetting 0
[  427.608406][ T1273] usb 6-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00
[  427.612056][ T1273] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.661259][T16219] bcachefs (loop1): starting version 1.13: inode_has_child_snapshots opts=compression=lz4
[  427.661289][T16219]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  427.670897][T16219] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  427.674343][T16219] bcachefs (loop1): recovering from clean shutdown, journal seq 7
[  427.677547][T16219] bcachefs (loop1): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[  427.677547][T16219]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  427.687363][ T1273] usb 6-1: config 0 descriptor??
[  427.718519][T16219] bcachefs (loop1): error reading btree root btree=accounting level=0: btree_node_read_error, fixing
[  427.723371][T16219] bcachefs (loop1): check_topology... done
[  427.727694][T16219] bcachefs (loop1): accounting_read... done
[  427.730879][T16219] bcachefs (loop1): alloc_read... done
[  427.733902][T16219] bcachefs (loop1): snapshots_read... done
[  427.737263][T16219] bcachefs (loop1): check_allocations...
[  427.748197][T16219] bcachefs (loop1): bucket 0:78 gen 0 has wrong data_type: got btree, should be need_discard, fixing
[  427.755835][T16219] bcachefs (loop1): bucket 0:78 gen 0 data type need_discard has wrong dirty_sectors: got 64, should be 0, fixing
[  427.772604][T16219]  done
[  427.782988][T16219] bcachefs (loop1): going read-write
[  427.809330][T16219] bcachefs (loop1): journal_replay... done
[  427.927409][T16219] bcachefs (loop1): check_lrus... done
[  427.931096][T16219] bcachefs (loop1): check_backpointers_to_extents... done
[  427.940484][T16219] bcachefs (loop1): check_extents_to_backpointers... done
[  427.945459][T16219] bcachefs (loop1): check_inodes... done
[  427.951714][T16219] bcachefs (loop1): resume_logged_ops... done
[  427.954851][T16219] bcachefs (loop1): delete_dead_inodes... done
[  427.965559][T16219] bcachefs (loop1): Fixed errors, running fsck a second time to verify fs is clean
[  427.969144][T16219] bcachefs (loop1): check_extents_to_backpointers...
[  427.971197][T16219] bcachefs (loop1): scanning for missing backpointers in 1/512 buckets
[  427.980263][T16219]  done
[  427.990185][T16219] bcachefs (loop1): check_inodes... done
[  427.995048][T16219] bcachefs (loop1): resume_logged_ops... done
[  427.998868][T16219] bcachefs (loop1): delete_dead_inodes... done
[  428.006090][T16219] bcachefs (loop1): done starting filesystem
[  428.029624][T16219] syz.1.4055 (16219) used greatest stack depth: 14648 bytes left
[  428.062569][ T5938] bcachefs (loop1): shutting down
[  428.064577][ T5938] bcachefs (loop1): going read-only
[  428.066608][ T5938] bcachefs (loop1): finished waiting for writes to stop
[  428.076445][ T5938] bcachefs (loop1): flushing journal and stopping allocators, journal seq 16
[  428.085805][ T5938] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 17
[  428.091528][ T5938] bcachefs (loop1): clean shutdown complete, journal seq 18
[  428.095277][ T5938] bcachefs (loop1): marking filesystem clean
[  428.152074][ T5938] bcachefs (loop1): shutdown complete
[  428.158600][ T1273] uclogic 0003:5543:0064.0015: hidraw0: USB HID v0.00 Device [HID 5543:0064] on usb-dummy_hcd.5-1/input0
[  428.353891][ T5984] usb 6-1: USB disconnect, device number 14
[  429.179099][ T1273] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  429.209379][T16247] loop1: detected capacity change from 0 to 8
[  429.213734][T16247] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  429.220880][T16247] cramfs: Error -5 while decompressing!
[  429.224760][T16247] cramfs: ffffffff99be4628(26)->ffff888041131000(4096)
[  429.227720][T16247] cramfs: Error -3 while decompressing!
[  429.230010][T16247] cramfs: ffffffff99be4642(26)->ffff888041132000(4096)
[  429.243182][T16247] cramfs: Error -3 while decompressing!
[  429.245541][T16247] cramfs: ffffffff99be465c(16)->ffff888041133000(4096)
[  429.248287][T16247] cramfs: Error -5 while decompressing!
[  429.250443][T16247] cramfs: ffffffff99be4628(26)->ffff888041131000(4096)
[  429.306580][T16249] loop1: detected capacity change from 0 to 16
[  429.322049][T16249] erofs (device loop1): mounted with root inode @ nid 36.
[  429.341024][ T1273] usb 6-1: Using ep0 maxpacket: 16
[  429.344318][ T1273] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  429.347217][ T1273] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.362151][ T1273] usb 6-1: config 0 has no interface number 0
[  429.365972][ T1273] usb 6-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  429.368713][ T1273] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.378615][ T1273] usb 6-1: Product: syz
[  429.379945][ T1273] usb 6-1: Manufacturer: syz
[  429.381358][ T1273] usb 6-1: SerialNumber: syz
[  429.394698][ T1273] usb 6-1: config 0 descriptor??
[  429.405469][ T1273] uvcvideo 6-1:0.105: probe with driver uvcvideo failed with error -22
[  429.635208][ T5984] usb 6-1: USB disconnect, device number 15
[  429.762150][T16255] loop1: detected capacity change from 0 to 32768
[  429.771745][T16255] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4066 (16255)
[  429.798312][T16255] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  429.803993][T16255] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  429.807975][T16255] BTRFS info (device loop1): using free-space-tree
[  429.864271][T16267] CIFS mount error: No usable UNC path provided in device string!
[  429.864271][T16267] 
[  429.870091][T16267] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  430.007739][ T5938] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  430.148539][T16284] 8021q: adding VLAN 0 to HW filter on device bond3
[  430.203208][T16284] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  430.240760][T16284] @: entered promiscuous mode
[  430.243113][T16284] bond_slave_1: entered promiscuous mode
[  430.253721][T16284] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  430.255129][T16289] loop1: detected capacity change from 0 to 128
[  430.272766][   T12] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  430.285791][T16289] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  430.290007][T16284] bond3: (slave macvlan2): Enslaving as a backup interface with a down link
[  430.303960][T16289] ext4 filesystem being mounted at /1218/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  430.331592][T16289] EXT4-fs error (device loop1): ext4_validate_inode_bitmap:105: comm syz.1.4072: Corrupt inode bitmap - block_group = 0, inode_bitmap = 19
[  430.339107][T16284] bridge_slave_0: left promiscuous mode
[  430.341322][T16284] bridge0: port 1(bridge_slave_0) entered disabled state
[  430.362936][T16284] bridge_slave_1: left allmulticast mode
[  430.365304][T16284] bridge_slave_1: left promiscuous mode
[  430.381113][T16284] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.411384][ T5938] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  430.427096][   T12] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  430.433319][T16284] bond0: (slave 1@): Releasing backup interface
[  430.448268][T16284] @: left promiscuous mode
[  430.460431][T16284] bond0: (slave bond_slave_1): Releasing backup interface
[  430.477042][T16284] bond_slave_1: left promiscuous mode
[  430.489908][T16284] team0: Port device team_slave_0 removed
[  430.497923][T16284] team0: Port device team_slave_1 removed
[  430.500391][T16284] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  430.503283][T16284] batman_adv: batadv0: Removing interface: batadv_slave_0
[  430.510280][T16284] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  430.512842][T16284] batman_adv: batadv0: Removing interface: batadv_slave_1
[  430.515792][ T5984] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[  430.530000][T16284] bond3: (slave ip6gretap1): Removing an active aggregator
[  430.534432][T16284] bond3: (slave ip6gretap1): Releasing backup interface
[  430.539278][T16284] bond3: (slave ip6gretap1): the permanent HWaddr of slave - b2:0b:57:f1:c6:ad - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  430.551376][T16284] bond3: (slave macvlan2): Releasing backup interface
[  430.568951][  T791] wg1 speed is unknown, defaulting to 1000
[  430.583163][ T5964] syz1: Port: 1 Link DOWN
[  430.700691][ T5984] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  430.703372][ T5984] usb 6-1: config 0 has no interface number 0
[  430.705295][ T5984] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  430.711037][ T5984] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  430.721727][ T5984] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  430.724868][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.749846][ T5984] usb 6-1: config 0 descriptor??
[  430.765945][ T5984] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  430.986876][T16287] iowarrior 6-1:0.1: Error -90 while submitting URB
[  430.991569][ T5984] usb 6-1: USB disconnect, device number 16
[  431.028417][ T1273] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  431.188898][ T1273] usb 2-1: Using ep0 maxpacket: 8
[  431.194456][ T1273] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  431.197912][ T1273] usb 2-1: config 0 has no interface number 0
[  431.201643][ T1273] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  431.205887][ T1273] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  431.212836][ T1273] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  431.217147][ T1273] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  431.222365][ T1273] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  431.226069][ T1273] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.237439][ T1273] usb 2-1: config 0 descriptor??
[  431.246315][ T1273] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  431.473600][ T1273] usb 2-1: USB disconnect, device number 54
[  431.480477][ T1273] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[  431.938474][ T5984] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  432.099850][ T5984] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  432.102953][ T5984] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  432.115605][ T5984] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  432.209204][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  432.212159][ T5984] usb 6-1: SerialNumber: syz
[  432.575989][ T5984] usb 6-1: 0:2 : does not exist
[  432.594192][ T5984] usb 6-1: USB disconnect, device number 17
[  432.612175][ T7408] udevd[7408]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  432.809291][T16370] loop1: detected capacity change from 0 to 32768
[  432.826006][T16370] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4110 (16370)
[  432.835612][T16370] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  432.839786][T16370] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  432.842785][T16370] BTRFS info (device loop1): using free-space-tree
[  432.896639][ T5938] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  433.306620][T16397] loop1: detected capacity change from 0 to 16
[  433.321261][T16397] erofs (device loop1): mounted with root inode @ nid 36.
[  433.618030][T16406] loop5: detected capacity change from 0 to 512
[  433.621427][T16406] EXT4-fs: Ignoring removed oldalloc option
[  433.632907][T16406] EXT4-fs (loop5): 1 truncate cleaned up
[  433.635887][T16406] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  433.758333][   T33] audit: type=1804 audit(1755120055.551:140): pid=16409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.4118" name="/newroot/347/file1/file1" dev="loop5" ino=15 res=1 errno=0
[  434.174839][T16413] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4120'.
[  434.177703][T16413] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4120'.
[  434.180425][T16413] netlink: 21 bytes leftover after parsing attributes in process `syz.1.4120'.
[  434.883693][T16428] erspan1: entered allmulticast mode
[  434.945972][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.003818][T16432] netlink: 84 bytes leftover after parsing attributes in process `syz.1.4130'.
[  435.212647][T16436] loop1: detected capacity change from 0 to 32768
[  435.215850][T16436] jfs_mount: Failed to read AGGREGATE_I
[  435.217642][T16436] Mount JFS Failure: -5
[  435.225487][T16436] jfs_mount failed w/return code = -5
[  436.438640][T16461] sctp: [Deprecated]: syz.5.4141 (pid 16461) Use of int in maxseg socket option.
[  436.438640][T16461] Use struct sctp_assoc_value instead
[  436.456241][T16463] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  436.511925][T16444] loop1: detected capacity change from 0 to 131072
[  436.515914][T16444] F2FS-fs (loop1): Test dummy encryption mode enabled
[  436.518739][T16466] netlink: 830 bytes leftover after parsing attributes in process `syz.5.4143'.
[  436.537852][T16444] F2FS-fs (loop1): invalid crc value
[  436.575591][T16444] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  436.579488][T16444] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  436.597000][T16474] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  436.599394][T16474] IPv6: NLM_F_CREATE should be set when creating new route
[  436.627220][T16476] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4146'.
[  436.738832][T16444] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  436.886207][T16488] loop5: detected capacity change from 0 to 8192
[  436.939291][ T7408]  loop5: p3 < >
[  436.956394][T16488]  loop5: p3 < >
[  437.013311][ T7408] udevd[7408]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  437.024884][ T7408] udevd[7408]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  437.248491][T16506] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  437.363739][T16498] loop5: detected capacity change from 0 to 32768
[  437.372016][T16498] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4155 (16498)
[  437.396263][T16498] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  437.404251][T16510] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4150'.
[  437.407512][T16510] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4150'.
[  437.418129][T16498] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  437.427684][T16510] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4150'.
[  437.430915][T16498] BTRFS info (device loop5): disk space caching is enabled
[  437.438360][T16498] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  437.523158][T16498] BTRFS info (device loop5): rebuilding free space tree
[  437.538538][T16510] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4150'.
[  437.550000][T16498] BTRFS info (device loop5): disabling free space tree
[  437.556973][T16498] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  437.570686][T16498] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  437.773490][T13238] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  438.013374][T16533] loop5: detected capacity change from 0 to 4096
[  438.031669][T16533] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  438.035170][T16533] EXT4-fs (loop5): group descriptors corrupted!
[  438.726662][ T5984] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  438.901948][ T5984] usb 6-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  438.904977][ T5984] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.907967][ T5984] usb 6-1: Product: syz
[  438.909357][ T5984] usb 6-1: Manufacturer: syz
[  438.910885][ T5984] usb 6-1: SerialNumber: syz
[  438.916200][ T5984] usb 6-1: config 0 descriptor??
[  439.138250][ T5984] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  439.146316][ T5984] asix 6-1:0.0: probe with driver asix failed with error -32
[  439.154401][ T5984] usb 6-1: USB disconnect, device number 18
[  439.451715][T16568] mmap: syz.1.4171 (16568): VmData 37470208 exceed data ulimit 9868. Update limits or use boot option ignore_rlimit_data.
[  439.878508][T16602] loop1: detected capacity change from 0 to 2048
[  439.909244][T16607] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  439.953165][T16602] NILFS error (device loop1): nilfs_dotdot: directory #12 missing '..'
[  439.969906][T16602] Remounting filesystem read-only
[  439.990609][ T5938] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  440.287705][ T5984] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  440.458175][ T5984] usb 2-1: Using ep0 maxpacket: 16
[  440.483128][ T5984] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  440.497494][ T5984] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  440.523261][ T5984] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  440.542929][ T5984] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.545747][ T5984] usb 2-1: Product: syz
[  440.549667][ T5984] usb 2-1: Manufacturer: syz
[  440.551927][ T5984] usb 2-1: SerialNumber: syz
[  440.572128][ T5984] usb 2-1: config 0 descriptor??
[  440.602011][ T5984] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  440.612087][ T5984] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  441.268892][ T5984] em28xx 2-1:0.0: chip ID is em2882/3
[  441.381347][T16650] __nla_validate_parse: 5 callbacks suppressed
[  441.381358][T16650] netlink: 312 bytes leftover after parsing attributes in process `syz.5.4199'.
[  441.592718][T16682] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.4202'.
[  441.624361][ T5984] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  441.627156][T16661] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.4202'.
[  441.630077][ T5984] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[  441.632239][ T5984] em28xx 2-1:0.0: No AC97 audio processor
[  441.661051][ T5984] usb 2-1: USB disconnect, device number 55
[  441.663578][ T5984] em28xx 2-1:0.0: Disconnecting em28xx
[  441.680982][ T5984] em28xx 2-1:0.0: Freeing device
[  441.766772][T16697] loop5: detected capacity change from 0 to 1024
[  441.801354][T16697] hfsplus: invalid btree flag
[  441.803079][T16697] hfsplus: failed to load extents file
[  441.904193][T16716] netlink: 'syz.5.4208': attribute type 24 has an invalid length.
[  442.158232][T16725] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4210'.
[  442.331304][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  442.333700][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  442.510800][T16727] loop1: detected capacity change from 0 to 32768
[  442.522827][T16727] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  442.555603][T16727] XFS (loop1): Ending clean mount
[  442.564075][T16727] XFS (loop1): Quotacheck needed: Please wait.
[  442.607581][T16727] XFS (loop1): Quotacheck: Done.
[  442.751964][T11420] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  443.631733][T15309] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  443.736571][T15309] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  443.746167][T15309] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  443.759754][T15309] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  443.767508][T15309] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  444.038557][T16762] wg1 speed is unknown, defaulting to 1000
[  444.366641][   T13] bridge_slave_1: left allmulticast mode
[  444.368480][   T13] bridge_slave_1: left promiscuous mode
[  444.374547][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.382923][   T13] bridge_slave_0: left allmulticast mode
[  444.384721][   T13] bridge_slave_0: left promiscuous mode
[  444.389189][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.565536][T16884] loop5: detected capacity change from 0 to 32768
[  444.570661][T16884] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4225 (16884)
[  444.600718][T16884] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  444.604447][T16884] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  444.608894][T16884] BTRFS info (device loop5): using free-space-tree
[  444.671818][   T13] erspan0 (unregistering): left promiscuous mode
[  444.711886][   T13] gretap0 (unregistering): left promiscuous mode
[  444.711923][T16884] BTRFS info (device loop5): rebuilding free space tree
[  444.799679][   T13] team0: Port device geneve0 removed
[  444.878472][T13238] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  445.261589][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  445.265723][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  445.269753][   T13] bond0 (unregistering): Released all slaves
[  445.279866][   T13] bond1 (unregistering): Released all slaves
[  445.287713][   T13] bond2 (unregistering): Released all slaves
[  445.443450][T16917] loop5: detected capacity change from 0 to 32768
[  445.467678][T16762] chnl_net:caif_netlink_parms(): no params data found
[  445.510279][T16917] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  445.543153][T16917] OCFS2: ERROR (device loop5): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #2304 has bad signature 
[  445.553267][T16917] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  445.557233][T16917] OCFS2: File system is now read-only.
[  445.559501][T16917] (syz.5.4227,16917,1):ocfs2_search_chain:1852 ERROR: status = -30
[  445.563381][T16917] (syz.5.4227,16917,1):ocfs2_search_chain:1940 ERROR: status = -30
[  445.567991][T16917] (syz.5.4227,16917,1):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[  445.571268][T16917] (syz.5.4227,16917,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[  445.574551][T16917] (syz.5.4227,16917,1):__ocfs2_claim_clusters:2438 ERROR: status = -30
[  445.577881][T16917] (syz.5.4227,16917,1):__ocfs2_claim_clusters:2446 ERROR: status = -30
[  445.581274][T16917] (syz.5.4227,16917,1):ocfs2_local_alloc_new_window:1199 ERROR: status = -30
[  445.584665][T16917] (syz.5.4227,16917,1):ocfs2_local_alloc_new_window:1224 ERROR: status = -30
[  445.588208][T16917] (syz.5.4227,16917,1):ocfs2_local_alloc_slide_window:1298 ERROR: status = -30
[  445.591963][T16917] (syz.5.4227,16917,1):ocfs2_local_alloc_slide_window:1317 ERROR: status = -30
[  445.597777][T16917] (syz.5.4227,16917,1):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -30
[  445.601410][T16917] (syz.5.4227,16917,1):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -30
[  445.605556][T16917] (syz.5.4227,16917,1):ocfs2_reserve_clusters_with_limit:1172 ERROR: status = -30
[  445.609214][T16917] (syz.5.4227,16917,1):ocfs2_reserve_clusters_with_limit:1221 ERROR: status = -30
[  445.612940][T16917] (syz.5.4227,16917,1):ocfs2_expand_inline_dir:2864 ERROR: status = -30
[  445.616068][T16917] (syz.5.4227,16917,1):ocfs2_extend_dir:3211 ERROR: status = -30
[  445.619154][T16917] (syz.5.4227,16917,1):ocfs2_prepare_dir_for_insert:4316 ERROR: status = -30
[  445.623563][T16917] (syz.5.4227,16917,1):ocfs2_symlink:1879 ERROR: status = -30
[  445.626546][T16917] (syz.5.4227,16917,1):ocfs2_symlink:2080 ERROR: status = -30
[  445.672768][T13238] (syz-executor,13238,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  445.695213][T13238] ocfs2: Unmounting device (7,5) on (node local)
[  445.816409][T16762] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.820817][T16762] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.823232][T16762] bridge_slave_0: entered allmulticast mode
[  445.828619][T16762] bridge_slave_0: entered promiscuous mode
[  445.832321][T16762] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.838620][T16762] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.841091][T16762] bridge_slave_1: entered allmulticast mode
[  445.844095][T16762] bridge_slave_1: entered promiscuous mode
[  445.941005][T16762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  445.953942][T16762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.180322][T15309] Bluetooth: hci2: command tx timeout
[  446.218377][T17034] block device autoloading is deprecated and will be removed.
[  446.222215][T17034] bio_check_eod: 25 callbacks suppressed
[  446.222227][T17034] syz.5.4229: attempt to access beyond end of device
[  446.222227][T17034] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  446.291822][T16762] team0: Port device team_slave_0 added
[  446.301655][T16762] team0: Port device team_slave_1 added
[  446.356395][T16762] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.361208][T16762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.372532][T16762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  446.377874][T16762] batman_adv: batadv0: Adding interface: batadv_slave_1
[  446.382261][T16762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.390478][T16762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  446.503247][T16762] hsr_slave_0: entered promiscuous mode
[  446.505812][T16762] hsr_slave_1: entered promiscuous mode
[  446.509267][T16762] debugfs: 'hsr0' already exists in 'hsr'
[  446.511172][T16762] Cannot create hsr debugfs directory
[  446.802134][T16762] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  446.827104][T16762] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  446.870479][T16762] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  446.881560][T16762] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  446.963705][   T13] : left promiscuous mode
[  447.212395][   T13] tipc: Disabling bearer <eth:vlan0>
[  447.248491][   T13] tipc: Left network mode
[  447.371597][T16762] 8021q: adding VLAN 0 to HW filter on device bond0
[  447.392409][T16762] 8021q: adding VLAN 0 to HW filter on device team0
[  447.510854][   T84] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.514094][   T84] bridge0: port 1(bridge_slave_0) entered forwarding state
[  447.604450][   T84] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.607483][   T84] bridge0: port 2(bridge_slave_1) entered forwarding state
[  448.197776][   T13] batadv_slave_1: left promiscuous mode
[  448.213914][   T13] hsr_slave_0: left promiscuous mode
[  448.222982][   T13] hsr_slave_1: left promiscuous mode
[  448.227452][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  448.238957][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  448.398353][T15309] Bluetooth: hci2: command tx timeout
[  448.975974][   T13] team0 (unregistering): Port device team_slave_1 removed
[  449.044951][   T13] team0 (unregistering): Port device team_slave_0 removed
[  449.524490][T17284] tipc: Started in network mode
[  449.526249][T17284] tipc: Node identity c, cluster identity 4711
[  449.528274][T17284] tipc: Node number set to 12
[  449.659617][T16762] 8021q: adding VLAN 0 to HW filter on device batadv0
[  449.985857][T16762] veth0_vlan: entered promiscuous mode
[  450.023044][T16762] veth1_vlan: entered promiscuous mode
[  450.040174][T17319] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4258'.
[  450.094088][T16762] veth0_macvtap: entered promiscuous mode
[  450.108260][T16762] veth1_macvtap: entered promiscuous mode
[  450.137361][T16762] batman_adv: batadv0: Interface activated: batadv_slave_0
[  450.150844][T16762] batman_adv: batadv0: Interface activated: batadv_slave_1
[  450.160014][   T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.162801][   T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.175709][   T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.180752][   T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  450.256929][ T3209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.262669][ T3209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.288953][ T3075] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.291379][ T3075] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.400889][ T1273] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  450.581428][ T1273] usb 6-1: Using ep0 maxpacket: 16
[  450.585209][ T1273] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  450.588012][ T1273] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  450.605220][ T1273] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  450.611399][ T1273] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  450.616347][T15309] Bluetooth: hci2: command tx timeout
[  450.627234][ T1273] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.641080][ T1273] usb 6-1: Product: syz
[  450.642550][ T1273] usb 6-1: Manufacturer: syz
[  450.644115][ T1273] usb 6-1: SerialNumber: syz
[  450.721118][T17353] loop6: detected capacity change from 0 to 32768
[  450.736084][T17353] XFS: attr2 mount option is deprecated.
[  450.738458][T17353] XFS: attr2 mount option is deprecated.
[  450.793453][T17353] XFS (loop6): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  450.848339][T16762] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  451.103030][ T1273] usb 6-1: 0:2 : does not exist
[  451.235842][T17397] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  451.641909][ T5984] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  451.758858][ T1273] usb 6-1: 1:0: failed to get current value for ch 0 (-22)
[  451.789432][ T1273] usb 6-1: USB disconnect, device number 19
[  451.805056][ T5984] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  451.809325][ T5984] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  451.823546][ T7408] udevd[7408]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  451.828663][ T5984] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  452.243756][ T5984] usb 7-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  452.252774][ T5984] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.256219][ T5984] usb 7-1: Product: syz
[  452.258257][ T5984] usb 7-1: Manufacturer: syz
[  452.260523][ T5984] usb 7-1: SerialNumber: syz
[  452.274539][ T5984] usb 7-1: config 0 descriptor??
[  453.380395][T17454] loop5: detected capacity change from 0 to 32768
[  453.571360][T17454] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow,no_data_io
[  453.571384][T17454]   allowing incompatible features above 0.0: (unknown version)
[  453.571393][T17454]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  453.587090][T17454] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  453.590439][T17454] bcachefs (loop5): recovering from clean shutdown, journal seq 10
[  453.593763][T17454] bcachefs (loop5): Version upgrade required:
[  453.593763][T17454] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  453.593763][T17454] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  453.593763][T17454]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  453.621971][T17454] bcachefs (loop5): dropping and reconstructing all alloc info
[  453.651641][T17454] bcachefs (loop5): accounting_read... done
[  453.655294][T17454] bcachefs (loop5): alloc_read... done
[  453.658087][T17454] bcachefs (loop5): snapshots_read... done
[  453.661537][T17454] bcachefs (loop5): done starting filesystem
[  453.905635][T13238] bcachefs (loop5): shutting down
[  453.989538][T13238] bcachefs (loop5): shutdown complete
[  454.310282][T17506] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4289'.
[  454.313636][T17506] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4289'.
[  455.591126][   T33] audit: type=1326 audit(1755120075.961:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17514 comm="syz.2.4292" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  455.616221][   T33] audit: type=1326 audit(1755120075.961:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17514 comm="syz.2.4292" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  455.640993][   T33] audit: type=1326 audit(1755120075.971:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17514 comm="syz.2.4292" exe="/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  455.649820][   T33] audit: type=1326 audit(1755120075.971:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17514 comm="syz.2.4292" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  455.658161][   T33] audit: type=1326 audit(1755120075.971:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17514 comm="syz.2.4292" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  455.668252][   T33] audit: type=1326 audit(1755120075.971:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17514 comm="syz.2.4292" exe="/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  455.678163][   T33] audit: type=1326 audit(1755120075.971:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17514 comm="syz.2.4292" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff59e38ebe9 code=0x7ffc0000
[  456.134033][T17533] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  456.193745][T17536] loop5: detected capacity change from 0 to 1024
[  456.197550][T17536] EXT4-fs: Ignoring removed oldalloc option
[  456.199525][T17536] EXT4-fs: Ignoring removed orlov option
[  456.203038][T17536] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  456.226586][T17536] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  456.283949][T17536] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 18: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  456.346966][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.779693][T17576] loop5: detected capacity change from 0 to 128
[  456.810180][T17576] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[  456.914436][T17585] loop5: detected capacity change from 0 to 8
[  456.918634][T17585] SQUASHFS error: zlib decompression failed, data probably corrupt
[  456.921141][T17585] SQUASHFS error: Failed to read block 0x9b: -5
[  456.923081][T17585] SQUASHFS error: Unable to read metadata cache entry [99]
[  456.925236][T17585] SQUASHFS error: Unable to read inode 0x127
[  457.625347][T17630] loop5: detected capacity change from 0 to 1024
[  457.647425][T17630] EXT4-fs: Ignoring removed orlov option
[  457.700606][T17630] EXT4-fs (loop5): Test dummy encryption mode enabled
[  457.718147][T17630] EXT4-fs (loop5): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  457.767052][T17630] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.808219][T17637] netlink: 788 bytes leftover after parsing attributes in process `syz.6.4326'.
[  457.912830][T13238] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  458.238035][T17662] loop5: detected capacity change from 0 to 256
[  458.259810][T17662] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  458.419415][T17674] wg1 speed is unknown, defaulting to 1000
[  459.273837][T17722] loop5: detected capacity change from 0 to 4096
[  459.450137][T17722] ntfs3(loop5): ino=18, mi_enum_attr
[  459.451980][T17722] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  459.455362][T17722] ntfs3(loop5): ino=1a, mi_enum_attr
[  459.837718][T17746] tmpfs: Bad value for 'mpol'
[  459.879686][T17750] netlink: 136 bytes leftover after parsing attributes in process `syz.5.4347'.
[  460.522251][ T1087] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  461.675727][T17785] loop5: detected capacity change from 0 to 32768
[  461.697375][T17801] syz.2.4362 (17801): attempted to duplicate a private mapping with mremap.  This is not supported.
[  461.707665][T17785] (syz.5.4357,17785,1):ocfs2_sb_probe:759 ERROR: incompatible version: 2.33686018
[  461.717445][T17785] (syz.5.4357,17785,1):ocfs2_sb_probe:772 ERROR: This is an ocfs v1 filesystem which must be upgraded before mounting with ocfs v2
[  461.735717][T17785] (syz.5.4357,17785,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  461.740842][T17785] (syz.5.4357,17785,1):ocfs2_fill_super:1177 ERROR: status = -22
[  463.994886][T17845] loop5: detected capacity change from 0 to 32768
[  464.066619][T17845] read_mapping_page failed!
[  464.068775][T17845] ERROR: (device loop5): txCommit: 
[  464.068775][T17845] 
[  464.101858][T17845] ERROR: (device loop5): remounting filesystem as read-only
[  464.517012][T17036] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.611904][T17036] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.694151][T17036] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.779389][T17036] netdevsim netdevsim5 netdevsim0 (unregistering): left allmulticast mode
[  464.795368][T17036] team0: Port device netdevsim0 removed
[  464.801308][T17036] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.001446][ T5941] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  465.010641][ T5941] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  465.019592][ T5941] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  465.030053][ T5941] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  465.032678][ T5941] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  465.192197][T17919] wg1 speed is unknown, defaulting to 1000
[  465.537040][T17968] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  465.937926][T17036] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  465.943397][T17036] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  465.948967][T17036] bond0 (unregistering): Released all slaves
[  465.959686][T17036] bond1 (unregistering): Released all slaves
[  466.161768][T17036] bond2 (unregistering): Released all slaves
[  466.346837][T17036] tipc: Left network mode
[  466.732572][T17036] hsr_slave_0: left promiscuous mode
[  466.738163][T17036] hsr_slave_1: left promiscuous mode
[  466.740934][T17036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  466.743562][T17036] batman_adv: batadv0: Removing interface: batadv_slave_0
[  466.749886][T17036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  466.752849][T17036] batman_adv: batadv0: Removing interface: batadv_slave_1
[  466.793699][T17036] veth1_macvtap: left promiscuous mode
[  466.795838][T17036] veth0_macvtap: left promiscuous mode
[  466.797661][T17036] veth1_vlan: left allmulticast mode
[  466.799450][T17036] veth1_vlan: left promiscuous mode
[  467.008116][T17036] team0 (unregistering): Port device macvlan1 removed
[  467.093091][T18092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4407'.
[  467.219148][ T5941] Bluetooth: hci1: command tx timeout
[  467.488755][T17036] team0 (unregistering): Port device team_slave_1 removed
[  467.565784][T17036] team0 (unregistering): Port device team_slave_0 removed
[  467.823927][T18096] netlink: 'syz.2.4409': attribute type 1 has an invalid length.
Connection to localhost closed by remote host.
[  469.430678][ T5941] Bluetooth: hci1: command tx timeout
[  469.699543][T17036] IPVS: stop unused estimator thread 0...
[  469.815550][T17036] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.918703][T17036] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.018361][T17036] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.073779][T17036] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.244876][T17036] bridge_slave_1: left allmulticast mode
[  470.246688][T17036] bridge_slave_1: left promiscuous mode
[  470.248578][T17036] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.257144][T17036] bridge_slave_0: left allmulticast mode
[  470.258953][T17036] bridge_slave_0: left promiscuous mode
[  470.260761][T17036] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.803390][T17036] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  470.807748][T17036] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  470.812624][T17036] bond0 (unregistering): Released all slaves
[  471.191332][T17036] hsr_slave_0: left promiscuous mode
[  471.194467][T17036] hsr_slave_1: left promiscuous mode
[  471.199404][T17036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  471.201804][T17036] batman_adv: batadv0: Removing interface: batadv_slave_0
[  471.208454][T17036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  471.211159][T17036] batman_adv: batadv0: Removing interface: batadv_slave_1
[  471.240735][T17036] veth1_macvtap: left promiscuous mode
[  471.242737][T17036] veth0_macvtap: left promiscuous mode
[  471.244597][T17036] veth1_vlan: left promiscuous mode
[  471.248416][T17036] veth0_vlan: left promiscuous mode
[  471.853346][T17036] team0 (unregistering): Port device team_slave_1 removed
[  471.908512][T17036] team0 (unregistering): Port device team_slave_0 removed
[  473.002424][T17036] bond0 (unregistering): Released all slaves
[  474.475032][ T5984] iguanair 7-1:0.0: failed to get version
[  474.477301][ T5984] iguanair 7-1:0.0: probe with driver iguanair failed with error -110
[  474.516488][ T5984] usb 7-1: USB disconnect, device number 2

VM DIAGNOSIS:
21:21:41  Registers:
info registers vcpu 0

CPU#0
RAX=62388bafe56e6e00 RBX=ffffffff81968308 RCX=62388bafe56e6e00 RDX=0000000000000001
RSI=ffffffff8d9b4408 RDI=ffffffff8be32600 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa34230 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7893f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8623000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f5830b8f440 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f XMM01=2f6463706368642f 6e75722f7261762f
XMM02=0000000000ff0000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00ff000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=04855ba1a348aa00 RBX=ffffffff81968308 RCX=04855ba1a348aa00 RDX=0000000000000001
RSI=ffffffff8d9b4408 RDI=ffffffff8be32600 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa34230 R13=0000000000000001 R14=0000000000000001 R15=1ffff110200d0000
RIP=ffffffff8b7893f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c23000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffd09d18000 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=ffffffffffffffff ff00000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=2020202020202020 2020202020202020
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
