last executing test programs:

23.048917889s ago: executing program 1 (id=1649):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xbd, 0x2, 0xc4, 0x40, 0x856, 0xac31, 0x931e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xd2, 0xc8, 0x7f}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000540)={0x1c, &(0x7f00000000c0)={0x0, 0x0, 0x1, '\v'}, 0x0, 0x0, 0x0, 0x0, 0x0})

21.212951361s ago: executing program 1 (id=1655):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x10001, @local, 0x5}, 0x1c)
sendmmsg$inet(r0, &(0x7f0000001780)=[{{&(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x18, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0x4, [@initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}], 0x18}}], 0x1, 0x4880)

21.124757365s ago: executing program 1 (id=1656):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000440)='./file0\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES64], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x8c)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000040))

20.637884021s ago: executing program 1 (id=1658):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000400), 0x0, 0x29f, &(0x7f0000000580)="$eJzs3UFrE1sYxvGnSdukKW2yKBfuhct9uW50M7TxEwRpQQwotRF1IUztREPGpGRiJCK2O7d+juLSlYL6Bbpx517cFEFw04UYaZKxaRswra1Tzf8HYU7OOe/MmZyZ8M5AJlvXn94rFwOn6NYVS5pi0rq2pcxOqWuku4y1y+Pqta5zk5/f/Xv1xs1LuXx+ftFsIbd0Pmtm0/+9evDo2f9v6pPXnk+/TGgzc2vrU/b95l+bf299XQrXXpVcW65W6+6y79lKKSg7Zld8zw08K1UCr1a3nvaiX11dbZpbWZlKrda8IDC30rSy17R61eq1prl33FLFHMexqZSGTfzQEYWNxUU3dyKDQRQm+lXWajk33rexsPErBgUAAE6XqPL/u6XASoFVqnvy+4P5f0yHyP+loc7/D4/8fxjs5P+p7vm7F/k/AAAAAAAAAAAAAAAAAAAAAAC/g+1WK91qtdLhMnwlJCUlhe+jHidOBvM/3Hp+uJeU/CeNQqPQWXbac0WV5MvT7Jj0pX08dHXKCxfz87PWltFrf60bv9YoxJUI40OZ/vFznXjrjV/TmFK9288qrZn+8dk+8Y3CuM6eaSW6W/bkKK23t1WVr5X2cb0b/3jO7MLl/L74iXY/AAAAAAD+BI59d+D6vd3uWPjYkH3tncrd+wNK/+D+wL7r61H9MxrdfgMAAAAAMEyC5sOy6/tebQgK4f8fHMsKo//okoN2HpXUrXlxWuZikEJM0lHD4z83yx8l7amZiXy6j6Pw4X7nDBikc5TfSgAAAABOQpj0j0Q9EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhtigDw8L+x/l2WM9m4tHs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA6fAtAAD//2kbF4o=")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002c00)={0x2020}, 0x2020)

19.875587274s ago: executing program 1 (id=1661):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x0, 0x100c40, 0x5, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x1, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x7, 0xff})

19.369019191s ago: executing program 1 (id=1668):
unshare(0x2c020400)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)

19.18371416s ago: executing program 32 (id=1668):
unshare(0x2c020400)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)

2.315662129s ago: executing program 0 (id=1836):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000400)={0x2, 0x0, {&(0x7f0000000900)=""/184, 0xb8, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f00000039c0)={0x2, 0x0, {&(0x7f0000000680)=""/184, 0xfffffefd, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000380)={0x2, 0x0, {&(0x7f0000000740)=""/212, 0xd4, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f00000004c0)={0x2, 0x0, {&(0x7f0000001080)=""/185, 0xb9, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)

2.253912802s ago: executing program 0 (id=1837):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000010000000850000000f00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='signal_generate\x00', r0}, 0x10)
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f00000006c0)={{}, {0x0, 0x9}}, 0x0)

2.253730559s ago: executing program 0 (id=1838):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x268, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x2}]}}, 0x0}, 0x0)

1.314311516s ago: executing program 2 (id=1845):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000060a01040000000000000000020000000900020073797a32000000000900010073797a30000000000c000640"], 0x60}, 0x1, 0x0, 0x0, 0x40090}, 0x0)

1.212720575s ago: executing program 2 (id=1847):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x43}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x4a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

1.106999858s ago: executing program 2 (id=1850):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x54, 0x12, 0x1, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x8, 0x3, "11000000"}]}, 0x54}}, 0x0)

1.053559238s ago: executing program 2 (id=1852):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="60000000020601020000000000000000000000000900020073797a31000000000500010007000000050005000a00000014000780080013400000040008001240fffffffa11000300686173683a6e65742c6e657400000000050004"], 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

987.483073ms ago: executing program 3 (id=1853):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f00000003c0)='%pI4   \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x0, 0xe, 0x48000000, &(0x7f0000000300)="40f0538ef047b21fb60068305500", 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

987.06438ms ago: executing program 2 (id=1854):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@inode64}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000040)={0x4, 0x6, 0x10001, 0x0, 0x1, 0xfffffffffffffffd, 0x27, 0x36a, 0xffffffff})

885.869895ms ago: executing program 3 (id=1855):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x328})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa08, &(0x7f0000000000)={{&(0x7f00006ff000/0x1000)=nil, 0x1000}})

885.602678ms ago: executing program 3 (id=1856):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'wlan0\x00'})
ioctl(r0, 0x8b22, &(0x7f0000000040))

807.482168ms ago: executing program 3 (id=1857):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x0, 0x0, 0x5})
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000008c0)={0x53, 0x2, 0x6, 0x40, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000800)="8a46afddbe33", 0x0, 0x5, 0x31, 0x1, 0x0})

756.081003ms ago: executing program 3 (id=1858):
r0 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
fcntl$addseals(r0, 0x409, 0xc)

704.878784ms ago: executing program 3 (id=1859):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61158c000000000061138c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

616.438007ms ago: executing program 0 (id=1860):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="38000000070a010300000000000000000a0040010900010073797a31000000000900020073797a32"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x8004)

546.046804ms ago: executing program 0 (id=1861):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f00005e2000/0x3000)=nil, 0x2)

216.392495ms ago: executing program 0 (id=1862):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x1000400, &(0x7f0000000280)={[{@quota}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@usrquota}, {@nodiscard}, {@uid}, {@uid={'uid', 0x3d, 0xee01}}]}, 0x21, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')

0s ago: executing program 2 (id=1863):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000180)={[{@barrier}, {@autodefrag}, {@ref_verify}, {@compress_algo={'compress', 0x3d, 'no'}}, {@clear_cache}, {@noacl}, {@rescan_uuid_tree}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

kernel console output (not intermixed with test programs):

][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.116728][   T47] usb 3-1: config 0 descriptor??
[  184.540654][   T47] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  184.833338][ T9068] loop0: detected capacity change from 0 to 164
[  184.870138][ T9066] loop1: detected capacity change from 0 to 40427
[  184.872626][ T9068] iso9660: Corrupted directory entry in block 2 of inode 1792
[  184.881205][ T9066] F2FS-fs: heap/no_heap options were deprecated
[  184.884438][ T9066] F2FS-fs (loop1): build fault injection rate: 19
[  184.887817][ T9066] F2FS-fs (loop1): build fault injection type: 0x7
[  184.897475][ T9066] F2FS-fs (loop1): invalid crc value
[  184.901425][ T9066] F2FS-fs (loop1): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4429/0x6ff0
[  184.904210][ T9066] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-12)
[  185.051790][    T9] usb 3-1: USB disconnect, device number 19
[  185.216133][ T6008] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  185.366296][ T6008] usb 1-1: Using ep0 maxpacket: 8
[  185.377631][ T6008] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  185.380705][ T6008] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.394885][ T6008] usb 1-1: Product: syz
[  185.399800][ T6008] usb 1-1: Manufacturer: syz
[  185.401699][ T6008] usb 1-1: SerialNumber: syz
[  185.408884][ T6008] usb 1-1: config 0 descriptor??
[  185.433913][ T6008] gspca_main: sq930x-2.14.0 probing 2770:930c
[  185.624837][ T6008] gspca_sq930x: reg_r 001f failed -71
[  185.634838][ T6008] sq930x 1-1:0.0: probe with driver sq930x failed with error -71
[  185.647891][ T6008] usb 1-1: USB disconnect, device number 18
[  186.327387][   T47] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  186.488085][   T47] usb 3-1: config 255 has an invalid interface number: 215 but max is 0
[  186.491424][   T47] usb 3-1: config 255 has no interface number 0
[  186.493897][   T47] usb 3-1: config 255 interface 215 has no altsetting 0
[  186.502080][   T47] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=7d.01
[  186.505617][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.509017][   T47] usb 3-1: Product: syz
[  186.510680][   T47] usb 3-1: Manufacturer: syz
[  186.512477][   T47] usb 3-1: SerialNumber: syz
[  186.531017][ T9107] ip6gre1: entered allmulticast mode
[  186.739913][   T47] usb 3-1: NFC: intf ffff8881080bc000 id ffffffff8eb543e0
[  186.758992][   T47] usb 3-1: USB disconnect, device number 20
[  186.810685][ T9114] loop0: detected capacity change from 0 to 4096
[  186.819678][ T9114] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  186.831824][ T9114] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  186.849623][ T9114] ntfs3(loop0): Failed to load $Bitmap (-22).
[  186.950018][ T9123] loop1: detected capacity change from 0 to 128
[  186.957562][ T9123] EXT4-fs (loop1): Test dummy encryption mode enabled
[  186.966169][ T9123] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  186.973440][ T9123] ext4 filesystem being mounted at /420/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  186.988635][ T9123] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  187.045832][ T5852] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  187.472606][ T9136] loop2: detected capacity change from 0 to 128
[  187.506311][ T9130] loop1: detected capacity change from 0 to 32768
[  187.511869][ T9130] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 38) overruns end of section
[  187.511869][ T9130] clean (size 2912):
[  187.511869][ T9130] flags:          0
[  187.511869][ T9130] journal_seq:    8
[  187.511869][ T9130]                            log: 
[  187.511869][ T9130] usage: type=key_version v=0
[  187.511869][ T9130] usage: type=reserved v=0
[  187.511869][ T9130] usage: type=reserved v=0
[  187.511869][ T9130] usage: type=reserved v=0
[  187.511869][ T9130] usage: type=reserved v=0
[  187.511869][ T9130] data_usage: btree: 1/1 [0]=2816
[  187.511869][ T9130] data_usage: journal: 1/1 [0]=0
[  187.511869][ T9130] 
[  187.532621][    C0] vkms_vblank_simulate: vblank timer overrun
[  187.539196][ T9130] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  187.646686][ T9141] syz.2.1209: attempt to access beyond end of device
[  187.646686][ T9141] loop2: rw=2049, sector=153, nr_sectors = 8 limit=128
[  187.667107][ T9141] syz.2.1209: attempt to access beyond end of device
[  187.667107][ T9141] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[  187.672002][ T9141] syz.2.1209: attempt to access beyond end of device
[  187.672002][ T9141] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[  187.686807][ T9141] syz.2.1209: attempt to access beyond end of device
[  187.686807][ T9141] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[  187.706697][ T9141] syz.2.1209: attempt to access beyond end of device
[  187.706697][ T9141] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[  187.720381][ T9141] syz.2.1209: attempt to access beyond end of device
[  187.720381][ T9141] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[  187.746884][ T9141] syz.2.1209: attempt to access beyond end of device
[  187.746884][ T9141] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[  188.008003][ T9154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1217'.
[  188.011336][ T9154] netlink: 'syz.0.1217': attribute type 30 has an invalid length.
[  188.014288][ T9154] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1217'.
[  188.345444][ T9161] loop0: detected capacity change from 0 to 512
[  188.356295][ T9161] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  188.365305][ T9161] EXT4-fs (loop0): invalid journal inode
[  188.368281][ T9161] EXT4-fs (loop0): can't get journal size
[  188.382952][ T9161] EXT4-fs (loop0): 1 truncate cleaned up
[  188.386045][ T9156] loop1: detected capacity change from 0 to 32768
[  188.398455][ T9161] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.421113][ T9156] (syz.1.1213,9156,1):ocfs2_load_local_alloc:339 ERROR: inconsistent detected, clean journal with unrecovered local alloc, please run fsck.ocfs2!
[  188.421113][ T9156] found = 2, set = 0, taken = 0, off = 0
[  188.428315][ T9156] (syz.1.1213,9156,1):ocfs2_load_local_alloc:356 ERROR: status = -22
[  188.430988][ T9156] (syz.1.1213,9156,1):ocfs2_check_volume:2404 ERROR: status = -22
[  188.434253][ T9156] (syz.1.1213,9156,1):ocfs2_check_volume:2432 ERROR: status = -22
[  188.437930][ T9156] (syz.1.1213,9156,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  188.451251][ T9156] (syz.1.1213,9156,1):ocfs2_fill_super:1177 ERROR: status = -22
[  188.470857][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.175807][ T9187] loop2: detected capacity change from 0 to 128
[  189.406401][ T9200] MPI: mpi too large (107144 bits)
[  189.636031][ T9213] loop1: detected capacity change from 0 to 128
[  189.681600][ T9213] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  189.705885][ T9213] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  189.725724][ T9213] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.1242: checksumming directory block 0
[  189.762235][ T9213] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.1242: checksumming directory block 0
[  189.822260][ T5852] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  189.877274][ T9224] loop2: detected capacity change from 0 to 128
[  189.907229][ T9228] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  190.034874][ T9232] net_ratelimit: 10 callbacks suppressed
[  190.034906][ T9232] openvswitch: netlink: IPv4 tun info is not correct
[  190.196700][ T9248] misc userio: No port type given on /dev/userio
[  190.277676][ T6008] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  190.337164][ T5914] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  190.427110][ T6008] usb 2-1: Using ep0 maxpacket: 16
[  190.431011][ T6008] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.435558][ T6008] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  190.441025][ T6008] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.446589][ T6008] usb 2-1: config 0 descriptor??
[  190.487517][ T5914] usb 1-1: Using ep0 maxpacket: 32
[  190.492353][ T5914] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  190.496077][ T5914] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.503585][ T5914] usb 1-1: config 0 descriptor??
[  190.511258][ T5914] gspca_main: nw80x-2.14.0 probing 055f:d001
[  190.863565][ T6008] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:05AC:8241.000B/input/input10
[  190.960801][ T6008] appleir 0003:05AC:8241.000B: input,hiddev0,hidraw0: USB HID v0.05 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  191.058758][ T5946] usb 2-1: USB disconnect, device number 29
[  191.131699][ T6008] usb 1-1: USB disconnect, device number 19
[  191.230126][ T9260] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1264'.
[  191.293256][ T5857] Bluetooth: hci2: link tx timeout
[  191.296308][ T5857] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  191.302419][ T5857] Bluetooth: hci2: link tx timeout
[  191.304511][ T5857] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  191.532523][ T9267] loop2: detected capacity change from 0 to 32768
[  191.547274][ T9267] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  191.599697][ T9267] XFS (loop2): Ending clean mount
[  191.616944][ T5854] Bluetooth: hci2: command 0x0406 tx timeout
[  191.619707][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  191.623715][ T5857] Bluetooth: hci1: command 0x0406 tx timeout
[  191.658380][ T5853] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  191.772826][ T9283] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1271'.
[  191.779913][ T9285] random: crng reseeded on system resumption
[  192.009597][ T9292] loop2: detected capacity change from 0 to 1024
[  192.079402][ T9292] hfsplus: invalid length 65281 has been corrected to 255
[  192.202857][ T9298] af_packet: tpacket_rcv: packet too big, clamped from 122 to 4294967286. macoff=82
[  192.207561][ T9298] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf
[  192.346046][ T9289] loop1: detected capacity change from 0 to 32768
[  192.395583][ T9289] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  192.488486][ T9289] XFS (loop1): Ending clean mount
[  192.511977][ T9289] XFS (loop1): Quotacheck needed: Please wait.
[  192.573553][ T9289] XFS (loop1): Quotacheck: Done.
[  192.659579][ T5852] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  192.663107][   T33] audit: type=1326 audit(1757319043.711:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9322 comm="syz.2.1286" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd0b1d8ebe9 code=0x0
[  193.057532][   T47] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  193.187520][   T24] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  193.220070][   T47] usb 1-1: config 0 has an invalid interface number: 237 but max is 0
[  193.223405][   T47] usb 1-1: config 0 has no interface number 0
[  193.226020][   T47] usb 1-1: config 0 interface 237 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  193.232811][   T47] usb 1-1: config 0 interface 237 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  193.236760][   T47] usb 1-1: config 0 interface 237 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  193.241306][   T47] usb 1-1: config 0 interface 237 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  193.248015][   T47] usb 1-1: New USB device found, idVendor=045e, idProduct=84bd, bcdDevice=89.b6
[  193.251867][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.255169][   T47] usb 1-1: Product: syz
[  193.256882][   T47] usb 1-1: Manufacturer: syz
[  193.259474][   T47] usb 1-1: SerialNumber: syz
[  193.263471][   T47] usb 1-1: config 0 descriptor??
[  193.272952][   T47] xpad 1-1:0.237: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  193.277737][   T47] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.237/input/input11
[  193.350278][   T24] usb 2-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b
[  193.355038][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.361087][   T24] usb 2-1: Product: syz
[  193.362805][   T24] usb 2-1: Manufacturer: syz
[  193.365232][   T24] usb 2-1: SerialNumber: syz
[  193.478233][ T6008] usb 1-1: USB disconnect, device number 20
[  193.581286][   T24] gspca_main: pac207-2.14.0 probing 093a:2476
[  193.584370][   T24] gspca_pac207: Failed to read a register (index 0x0000, error -71)
[  193.588251][   T24] uvcvideo 2-1:13.0: probe with driver uvcvideo failed with error -22
[  193.599799][   T24] usb 2-1: USB disconnect, device number 30
[  193.687897][ T5854] Bluetooth: hci2: command 0x0406 tx timeout
[  193.897836][   T47] usb 3-1: new low-speed USB device number 21 using dummy_hcd
[  194.051208][   T47] usb 3-1: New USB device found, idVendor=046d, idProduct=08b1, bcdDevice=6d.2a
[  194.054804][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.064408][   T47] usb 3-1: config 0 descriptor??
[  194.077374][   T47] pwc: Logitech QuickCam Notebook Pro USB webcam detected.
[  194.274922][   T47] pwc: Failed to set LED on/off time (-71)
[  194.279203][   T47] pwc: send_video_command error -71
[  194.281423][   T47] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  194.284519][   T47] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  194.290486][   T47] usb 3-1: USB disconnect, device number 21
[  194.340859][ T6008] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  194.397806][    T9] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  194.487869][ T6008] usb 1-1: Using ep0 maxpacket: 8
[  194.496518][ T6008] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  194.500488][ T6008] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.503869][ T6008] usb 1-1: Product: syz
[  194.505575][ T6008] usb 1-1: Manufacturer: syz
[  194.507462][ T6008] usb 1-1: SerialNumber: syz
[  194.517846][ T6008] usb 1-1: config 0 descriptor??
[  194.548024][    T9] usb 2-1: Using ep0 maxpacket: 8
[  194.559651][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  194.563304][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.566459][    T9] usb 2-1: Product: syz
[  194.572259][    T9] usb 2-1: Manufacturer: syz
[  194.574231][    T9] usb 2-1: SerialNumber: syz
[  194.580459][    T9] usb 2-1: config 0 descriptor??
[  194.789631][    T9] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  194.881662][ T9349] orangefs_devreq_open: device cannot be opened in blocking mode
[  194.929315][ T9351] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1298'.
[  194.935565][ T6008] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  194.948151][ T6008] gspca_sunplus: reg_w_riv err -71
[  194.950758][ T6008] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  194.958383][ T6008] usb 1-1: USB disconnect, device number 21
[  195.456111][ T9361] loop2: detected capacity change from 0 to 32768
[  195.481297][ T9361] XFS (loop2): Metadata CRC error detected at xfs_sb_read_verify+0x2ec/0x400, xfs_sb block 0x0 
[  195.485488][ T9361] XFS (loop2): Unmount and run xfs_repair
[  195.514545][ T9361] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  195.517912][ T9361] 00000000: 58 46 53 42 00 00 08 00 00 00 00 00 00 00 20 00  XFSB.......... .
[  195.521512][ T9361] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  195.525416][ T9361] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  195.529660][ T9361] 00000030: 00 00 00 00 00 00 00 20 00 00 00 00 00 00 24 40  ....... ......$@
[  195.533235][ T9361] 00000040: 00 00 00 00 00 00 24 41 00 00 00 00 00 00 24 42  ......$A......$B
[  195.536866][ T9361] 00000050: 00 00 00 02 00 00 20 00 00 00 00 01 00 00 00 00  ...... .........
[  195.541124][ T9361] 00000060: 00 00 12 00 b4 b5 02 00 04 00 00 02 00 00 00 00  ................
[  195.544687][ T9361] 00000070: 00 00 00 00 00 00 00 00 0b 09 0a 01 0d 00 00 32  ...............2
[  195.549405][ T9361] XFS (loop2): SB validate failed with error -74.
[  195.648828][ T9370] loop0: detected capacity change from 0 to 8
[  195.861941][ T9376] loop0: detected capacity change from 0 to 512
[  195.865633][ T9376] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  195.885507][ T9376] EXT4-fs (loop0): 1 truncate cleaned up
[  195.890231][ T9376] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.974894][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.020052][    T9] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  196.056134][    T9] usb 2-1: USB disconnect, device number 31
[  196.617533][ T9404] loop1: detected capacity change from 0 to 16
[  196.624512][ T9404] erofs (device loop1): mounted with root inode @ nid 36.
[  196.636026][ T9402] loop0: detected capacity change from 0 to 4096
[  196.647379][ T9402] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  196.677661][ T9402] ntfs3(loop0): $AttrDef is corrupted.
[  197.004838][ T9423] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1328'.
[  197.263768][ T9430] loop0: detected capacity change from 0 to 256
[  197.267271][ T9430] exfat: Deprecated parameter 'utf8'
[  197.281405][ T9428] loop2: detected capacity change from 0 to 40427
[  197.300283][ T9428] F2FS-fs (loop2): Image doesn't support compression
[  197.302430][ T9428] F2FS-fs (loop2): build fault injection rate: 690
[  197.306493][ T9430] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  197.320594][ T9428] F2FS-fs (loop2): invalid crc value
[  197.358811][ T9426] loop1: detected capacity change from 0 to 32768
[  197.393118][ T9426] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  197.450120][ T5852] ocfs2: Unmounting device (7,1) on (node local)
[  197.506302][ T9428] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  197.519760][ T9428] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  197.572867][ T9428] syz.2.1330: attempt to access beyond end of device
[  197.572867][ T9428] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  197.613687][ T9428] syz.2.1330: attempt to access beyond end of device
[  197.613687][ T9428] loop2: rw=2049, sector=77824, nr_sectors = 976 limit=40427
[  197.652524][ T5853] syz-executor: attempt to access beyond end of device
[  197.652524][ T5853] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  197.667658][ T5853] CPU: 0 UID: 0 PID: 5853 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  197.667679][ T5853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  197.667688][ T5853] Call Trace:
[  197.667694][ T5853]  <TASK>
[  197.667701][ T5853]  dump_stack_lvl+0x189/0x250
[  197.667727][ T5853]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.667742][ T5853]  ? __pfx_queue_work_on+0x10/0x10
[  197.667757][ T5853]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  197.667777][ T5853]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  197.667805][ T5853]  f2fs_handle_critical_error+0x37c/0x540
[  197.667832][ T5853]  f2fs_write_end_io+0x886/0xb60
[  197.667860][ T5853]  __submit_merged_bio+0x27a/0x6a0
[  197.667885][ T5853]  __submit_merged_write_cond+0x255/0x530
[  197.667911][ T5853]  f2fs_write_data_pages+0x261d/0x3000
[  197.667958][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  197.668007][ T5853]  ? arch_stack_walk+0xfc/0x150
[  197.668048][ T5853]  ? __mod_zone_page_state+0xd7/0x140
[  197.668075][ T5853]  ? folios_put_refs+0x560/0x640
[  197.668098][ T5853]  ? __pfx_folios_put_refs+0x10/0x10
[  197.668111][ T5853]  ? rcu_is_watching+0x15/0xb0
[  197.668152][ T5853]  ? __lock_acquire+0xab9/0xd20
[  197.668185][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  197.668206][ T5853]  do_writepages+0x32e/0x550
[  197.668235][ T5853]  ? do_raw_spin_unlock+0x4d/0x240
[  197.668255][ T5853]  filemap_fdatawrite+0x199/0x240
[  197.668300][ T5853]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  197.668354][ T5853]  ? do_raw_spin_unlock+0x4d/0x240
[  197.668375][ T5853]  f2fs_sync_dirty_inodes+0x31f/0x830
[  197.668401][ T5853]  f2fs_write_checkpoint+0x95a/0x1df0
[  197.668435][ T5853]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  197.668484][ T5853]  ? kill_f2fs_super+0x298/0x6c0
[  197.668499][ T5853]  kill_f2fs_super+0x2c3/0x6c0
[  197.668526][ T5853]  ? __pfx_kill_f2fs_super+0x10/0x10
[  197.668538][ T5853]  ? radix_tree_delete_item+0x2b6/0x400
[  197.668563][ T5853]  ? shrinker_free+0x2ce/0x3e0
[  197.668580][ T5853]  deactivate_locked_super+0xbc/0x130
[  197.668599][ T5853]  cleanup_mnt+0x425/0x4c0
[  197.668612][ T5853]  ? lockdep_hardirqs_on+0x9c/0x150
[  197.668625][ T5853]  task_work_run+0x1d4/0x260
[  197.668637][ T5853]  ? __pfx_task_work_run+0x10/0x10
[  197.668646][ T5853]  ? __x64_sys_umount+0x122/0x160
[  197.668659][ T5853]  ? exit_to_user_mode_loop+0x40/0x110
[  197.668672][ T5853]  exit_to_user_mode_loop+0xec/0x110
[  197.668683][ T5853]  do_syscall_64+0x2bd/0x3b0
[  197.668690][ T5853]  ? lockdep_hardirqs_on+0x9c/0x150
[  197.668700][ T5853]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.668708][ T5853]  ? exc_page_fault+0x9f/0xf0
[  197.668720][ T5853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.668727][ T5853] RIP: 0033:0x7fd0b1d8ff17
[  197.668735][ T5853] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  197.668742][ T5853] RSP: 002b:00007ffe008ad858 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  197.668751][ T5853] RAX: 0000000000000000 RBX: 00007fd0b1e11c05 RCX: 00007fd0b1d8ff17
[  197.668756][ T5853] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe008ad910
[  197.668761][ T5853] RBP: 00007ffe008ad910 R08: 0000000000000000 R09: 0000000000000000
[  197.668766][ T5853] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe008ae9a0
[  197.668770][ T5853] R13: 00007fd0b1e11c05 R14: 000000000003018c R15: 00007ffe008ae9e0
[  197.668783][ T5853]  </TASK>
[  197.897925][ T9444] loop1: detected capacity change from 0 to 32768
[  197.900633][ T9444] XFS (loop1): sunit and swidth must be specified together
[  197.926694][ T5853] F2FS-fs (loop2): Remounting filesystem read-only
[  197.962802][ T9450] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1340'.
[  198.525483][ T9477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1352'.
[  198.574820][ T9479] sctp: [Deprecated]: syz.2.1353 (pid 9479) Use of struct sctp_assoc_value in delayed_ack socket option.
[  198.574820][ T9479] Use struct sctp_sack_info instead
[  199.775279][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  199.777689][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  200.248487][ T5849] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  200.248819][ T5854] Bluetooth: hci3: command 0x1003 tx timeout
[  200.367759][ T9521] netlink: 'syz.1.1373': attribute type 11 has an invalid length.
[  200.372196][ T9521] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1373'.
[  200.457550][ T9519] loop2: detected capacity change from 0 to 40427
[  200.461313][ T9519] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  200.464531][ T9519] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  200.469812][ T9519] F2FS-fs (loop2): invalid crc value
[  200.552156][ T9519] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  200.559299][ T9519] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  200.562077][ T9519] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  200.615844][ T9533] netlink: 146840 bytes leftover after parsing attributes in process `syz.0.1376'.
[  200.683457][ T9536] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1380'.
[  200.918673][ T9545] loop2: detected capacity change from 0 to 4096
[  200.924243][ T9545] ntfs3(loop2): ino=3, Correct links count -> 2.
[  200.954426][ T9545] ntfs3(loop2): ino=1a, mi_enum_attr
[  200.956881][ T9545] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  200.968824][    T9] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  201.118510][    T9] usb 2-1: Using ep0 maxpacket: 16
[  201.122553][    T9] usb 2-1: config 0 has an invalid interface number: 74 but max is 0
[  201.125690][    T9] usb 2-1: config 0 has no interface number 0
[  201.128021][    T9] usb 2-1: config 0 interface 74 has no altsetting 0
[  201.140919][    T9] usb 2-1: New USB device found, idVendor=0565, idProduct=0001, bcdDevice=66.36
[  201.144732][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.147915][    T9] usb 2-1: Product: syz
[  201.151557][    T9] usb 2-1: Manufacturer: syz
[  201.153440][    T9] usb 2-1: SerialNumber: syz
[  201.161615][    T9] usb 2-1: config 0 descriptor??
[  201.382381][    T9] belkin_sa 2-1:0.74: Belkin / Peracom / GoHubs USB Serial Adapter converter detected
[  201.392197][    T9] usb 2-1: bcdDevice: 6636, bfc: 0
[  201.400346][    T9] usb 2-1: Belkin / Peracom / GoHubs USB Serial Adapter converter now attached to ttyUSB0
[  201.408058][    T9] usb 2-1: USB disconnect, device number 32
[  201.418168][    T9] belkin ttyUSB0: Belkin / Peracom / GoHubs USB Serial Adapter converter now disconnected from ttyUSB0
[  201.428236][    T9] belkin_sa 2-1:0.74: device disconnected
[  202.155140][ T9557] loop2: detected capacity change from 0 to 32768
[  202.188222][ T9557] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section members_v2: device 0: invalid btree_bitmap_shift 248
[  202.188222][ T9557] members_v2 (size 152):
[  202.188222][ T9557] Device:                        0
[  202.188222][ T9557]   Label:                       (none)
[  202.188222][ T9557]   UUID:                        7af6772b-00de-4159-84cd-1faead05aceb
[  202.188222][ T9557]   Size:                        16777216
[  202.188222][ T9557]   read errors:                 0
[  202.188222][ T9557]   write errors:                0
[  202.188222][ T9557]   checksum errors:             0
[  202.188222][ T9557]   seqread iops:                0
[  202.188222][ T9557]   seqwrite iops:               0
[  202.188222][ T9557]   randread iops:               0
[  202.188222][ T9557]   randwrite iops:              0
[  202.188222][ T9557]   Bucket size:                 131072
[  202.188222][ T9557]   First bucket:                0
[  202.188222][ T9557]   Buckets:                     128
[  202.188222][ T9557]   Last mount:                  1714681267
[  202.188222][ T9557]   Last superblock write:       42
[  202.188222][ T9557]   State:                       rw
[  202.188222][ T9557]   Data allowed:                journal,btree,user
[  202.188222][ T9557]   Has data:                    (none)
[  202.188222][ T9557]   Btree allocated bitmap blocksize:(invalid shift 248)
[  202.188222][ T9557]   Btree allocated bitmap:      0000000000000000000001000010000010011000000000000000000000000000
[  202.188222][ T9557]  
[  202.189991][ T9557] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  202.444107][ T9568] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  202.444107][ T9568] The task syz.1.1391 (9568) triggered the difference, watch for misbehavior.
[  203.023228][ T9568] loop1: detected capacity change from 0 to 65536
[  203.071610][ T9568] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  203.096569][ T9568] XFS (loop1): Ending clean mount
[  203.099620][ T9568] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  203.139368][ T9588] 9pnet: Found fid 0 not clunked
[  203.486458][ T9595] vivid-000: disconnect
[  203.492012][ T9594] vivid-000: reconnect
[  204.003961][ T9621] loop1: detected capacity change from 0 to 1024
[  204.017623][ T9621] hfsplus: bad catalog entry type
[  204.033359][ T7865] hfsplus: b-tree write err: -5, ino 4
[  204.618559][   T24] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  204.768531][   T24] usb 3-1: Using ep0 maxpacket: 16
[  204.771521][   T24] usb 3-1: too many configurations: 123, using maximum allowed: 8
[  204.775805][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.781058][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.785986][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.791906][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.797172][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.802510][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.807686][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.813091][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.821144][   T24] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  204.824593][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  204.827612][   T24] usb 3-1: SerialNumber: syz
[  204.832457][   T24] usb 3-1: config 0 descriptor??
[  204.839928][   T24] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input12
[  205.082080][ T5282] bcm5974 3-1:0.0: could not read from device
[  205.093820][   T24] usb 3-1: USB disconnect, device number 22
[  205.099962][ T5282] bcm5974 3-1:0.0: could not read from device
[  205.111953][ T5282] bcm5974 3-1:0.0: could not read from device
[  205.178080][ T9651] mmap: syz.0.1426 (9651) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  205.289361][ T9653] loop1: detected capacity change from 0 to 4096
[  205.694221][ T9663] loop2: detected capacity change from 0 to 256
[  205.696972][ T9663] exfat: Deprecated parameter 'namecase'
[  205.702128][ T9663] exfat: Deprecated parameter 'utf8'
[  205.713539][ T9663] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  205.808476][ T9665] loop2: detected capacity change from 0 to 64
[  205.954665][ T9659] loop0: detected capacity change from 0 to 32768
[  205.973928][ T9659] 
[  205.973928][ T9659]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  205.973928][ T9659] 
[  206.034910][ T9659] jfs_lookup: dtSearch returned -5
[  206.069373][ T9671] loop2: detected capacity change from 0 to 128
[  206.104963][ T5848] 
[  206.104963][ T5848]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  206.104963][ T5848] 
[  206.114134][   T33] audit: type=1800 audit(1757319313.168:65): pid=9671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1437" name="file2" dev="loop2" ino=1048618 res=0 errno=0
[  206.117174][ T5848] 
[  206.117174][ T5848]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  206.117174][ T5848] 
[  206.127126][ T9671] syz.2.1437: attempt to access beyond end of device
[  206.127126][ T9671] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  206.217678][ T9673] loop1: detected capacity change from 0 to 512
[  206.253090][ T9673] EXT4-fs: Ignoring removed nomblk_io_submit option
[  206.261596][ T9673] EXT4-fs (loop1): filesystem is read-only
[  206.270331][ T9673] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  206.292345][ T9673] EXT4-fs (loop1): filesystem is read-only
[  206.295179][ T9673] EXT4-fs (loop1): orphan cleanup on readonly fs
[  206.298131][ T9673] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #16: comm syz.1.1436: iget: bad i_size value: 648518346341360424
[  206.305628][ T9673] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1436: couldn't read orphan inode 16 (err -117)
[  206.312747][ T9673] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  206.377441][ T9680] loop0: detected capacity change from 0 to 8
[  206.397287][ T9680] SQUASHFS error: zlib decompression failed, data probably corrupt
[  206.403566][ T9680] SQUASHFS error: Failed to read block 0x9b: -5
[  206.406000][ T9680] SQUASHFS error: Unable to read metadata cache entry [99]
[  206.410132][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.411409][ T9680] SQUASHFS error: Unable to read inode 0x127
[  206.601696][ T9688] loop1: detected capacity change from 0 to 4096
[  206.605771][ T9688] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  206.650572][   T24] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  206.808680][   T24] usb 3-1: Using ep0 maxpacket: 8
[  206.819716][   T24] usb 3-1: config 162 has an invalid interface number: 197 but max is 1
[  206.836370][   T24] usb 3-1: config 162 has an invalid interface number: 143 but max is 1
[  206.845909][   T24] usb 3-1: config 162 has no interface number 0
[  206.848909][   T24] usb 3-1: config 162 has no interface number 1
[  206.851397][   T24] usb 3-1: config 162 interface 197 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  206.856438][   T24] usb 3-1: config 162 interface 143 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  206.862580][   T24] usb 3-1: config 162 interface 143 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[  206.867289][   T24] usb 3-1: config 162 interface 143 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[  206.872858][   T24] usb 3-1: config 162 interface 143 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[  206.876863][   T24] usb 3-1: config 162 interface 143 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  206.882335][   T24] usb 3-1: config 162 interface 197 has no altsetting 0
[  206.893734][   T24] usb 3-1: config 162 interface 143 has no altsetting 0
[  206.910699][   T24] usb 3-1: New USB device found, idVendor=0c10, idProduct=0000, bcdDevice=95.a7
[  206.914150][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.917238][   T24] usb 3-1: Product: syz
[  206.934899][   T24] usb 3-1: Manufacturer: syz
[  206.936630][   T24] usb 3-1: SerialNumber: syz
[  206.987917][ T9708] loop1: detected capacity change from 0 to 128
[  206.993449][ T9708] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  206.999259][ T9708] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  207.497832][ T5849] Bluetooth: hci3: HCI Read Local Supported Commands not supported
[  207.500768][   T24] usb 3-1: USB disconnect, device number 23
[  207.503951][ T5854] Bluetooth: hci3: sending frame failed (-19)
[  207.507493][ T5849] Bluetooth: hci3: Opcode 0x0c03 failed: -19
[  207.656931][   T33] audit: type=1326 audit(1757319314.698:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9717 comm="syz.1.1457" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec8698ebe9 code=0x0
[  207.754242][ T9720] ipvlan0: entered promiscuous mode
[  207.756470][ T9720] ipvlan0: entered allmulticast mode
[  207.760051][ T9720] veth0_vlan: entered allmulticast mode
[  208.166242][   T33] audit: type=1326 audit(1757319315.208:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9727 comm="syz.1.1462" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec8698ebe9 code=0x7fc00000
[  208.768530][   T33] audit: type=1326 audit(1757319315.808:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9727 comm="syz.1.1462" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fec86990b07 code=0x7fc00000
[  208.980336][ T9766] loop1: detected capacity change from 0 to 64
[  209.000015][ T9766] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  209.186005][ T9772] ptrace attach of "/syz-executor exec"[5852] was attempted by ""[9772]
[  209.198489][   T24] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  209.351345][   T24] usb 3-1: unable to get BOS descriptor or descriptor too short
[  209.357986][   T24] usb 3-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice= 0.40
[  209.362182][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.365330][   T24] usb 3-1: Product: syz
[  209.367021][   T24] usb 3-1: Manufacturer: syz
[  209.378677][   T24] usb 3-1: SerialNumber: syz
[  209.497480][ T9788] loop0: detected capacity change from 0 to 8
[  209.597542][   T24] ldusb 3-1:3.0: Interrupt in endpoint not found
[  209.603896][   T24] usb 3-1: USB disconnect, device number 24
[  209.671303][ T9776] loop1: detected capacity change from 0 to 40427
[  209.679803][ T9776] F2FS-fs (loop1): invalid crc value
[  209.762394][ T9776] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  209.766661][ T9776] F2FS-fs (loop1): Start checkpoint disabled!
[  209.780899][ T9776] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  209.792814][   T33] audit: type=1804 audit(1757319316.838:69): pid=9776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1483" name="/newroot/507/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  209.810945][ T1089] kworker/u10:4: attempt to access beyond end of device
[  209.810945][ T1089] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  209.827267][ T1089] CPU: 1 UID: 0 PID: 1089 Comm: kworker/u10:4 Not tainted syzkaller #0 PREEMPT(full) 
[  209.827290][ T1089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  209.827300][ T1089] Workqueue: writeback wb_workfn (flush-7:1)
[  209.827325][ T1089] Call Trace:
[  209.827331][ T1089]  <TASK>
[  209.827338][ T1089]  dump_stack_lvl+0x189/0x250
[  209.827359][ T1089]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.827376][ T1089]  ? __pfx_queue_work_on+0x10/0x10
[  209.827389][ T1089]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  209.827409][ T1089]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  209.827434][ T1089]  f2fs_handle_critical_error+0x37c/0x540
[  209.827461][ T1089]  f2fs_write_end_io+0x886/0xb60
[  209.827496][ T1089]  __submit_merged_bio+0x27a/0x6a0
[  209.827521][ T1089]  __submit_merged_write_cond+0x255/0x530
[  209.827545][ T1089]  f2fs_write_data_pages+0x261d/0x3000
[  209.827589][ T1089]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  209.827619][ T1089]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  209.827659][ T1089]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  209.827679][ T1089]  ? look_up_lock_class+0x74/0x170
[  209.827704][ T1089]  ? trace_f2fs_writepages+0x7f/0x200
[  209.827721][ T1089]  ? f2fs_write_node_pages+0x478/0x6e0
[  209.827743][ T1089]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  209.827772][ T1089]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  209.827792][ T1089]  do_writepages+0x32e/0x550
[  209.827815][ T1089]  ? reacquire_held_locks+0x127/0x1d0
[  209.827829][ T1089]  ? writeback_sb_inodes+0x384/0x1010
[  209.827853][ T1089]  __writeback_single_inode+0x145/0xff0
[  209.827869][ T1089]  ? do_raw_spin_unlock+0x4d/0x240
[  209.827889][ T1089]  writeback_sb_inodes+0x6c7/0x1010
[  209.827926][ T1089]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  209.827973][ T1089]  ? rcu_is_watching+0x15/0xb0
[  209.827996][ T1089]  wb_writeback+0x43b/0xaf0
[  209.828018][ T1089]  ? queue_io+0x331/0x590
[  209.828037][ T1089]  ? __pfx_wb_writeback+0x10/0x10
[  209.828060][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  209.828080][ T1089]  wb_workfn+0x409/0xef0
[  209.828106][ T1089]  ? __pfx_wb_workfn+0x10/0x10
[  209.828125][ T1089]  ? __lock_acquire+0xab9/0xd20
[  209.828152][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  209.828170][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  209.828186][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  209.828197][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  209.828213][ T1089]  process_scheduled_works+0xae1/0x17b0
[  209.828271][ T1089]  ? __pfx_process_scheduled_works+0x10/0x10
[  209.828299][ T1089]  worker_thread+0x8a0/0xda0
[  209.828352][ T1089]  kthread+0x711/0x8a0
[  209.828373][ T1089]  ? __pfx_worker_thread+0x10/0x10
[  209.828387][ T1089]  ? __pfx_kthread+0x10/0x10
[  209.828402][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  209.828419][ T1089]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.828452][ T1089]  ? __pfx_kthread+0x10/0x10
[  209.828476][ T1089]  ret_from_fork+0x3fc/0x770
[  209.828494][ T1089]  ? __pfx_ret_from_fork+0x10/0x10
[  209.828513][ T1089]  ? __switch_to_asm+0x39/0x70
[  209.828528][ T1089]  ? __switch_to_asm+0x33/0x70
[  209.828543][ T1089]  ? __pfx_kthread+0x10/0x10
[  209.828559][ T1089]  ret_from_fork_asm+0x1a/0x30
[  209.828588][ T1089]  </TASK>
[  209.947801][ T1089] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  209.963747][ T9792] loop0: detected capacity change from 0 to 40427
[  209.968285][ T9792] F2FS-fs (loop0): build fault injection rate: 14
[  209.971320][ T9792] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  209.976044][ T9792] F2FS-fs (loop0): invalid crc value
[  209.984583][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  209.994567][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  210.040837][ T9792] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  210.043887][ T9792] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  210.053894][ T9792] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  210.062842][ T9792] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  210.071645][ T9792] F2FS-fs (loop0): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x509/0x1050
[  210.097895][ T5848] syz-executor: attempt to access beyond end of device
[  210.097895][ T5848] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  210.110265][ T5848] CPU: 1 UID: 0 PID: 5848 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  210.110285][ T5848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  210.110294][ T5848] Call Trace:
[  210.110299][ T5848]  <TASK>
[  210.110306][ T5848]  dump_stack_lvl+0x189/0x250
[  210.110328][ T5848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.110344][ T5848]  ? __pfx_queue_work_on+0x10/0x10
[  210.110357][ T5848]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  210.110375][ T5848]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  210.110400][ T5848]  f2fs_handle_critical_error+0x37c/0x540
[  210.110425][ T5848]  f2fs_write_end_io+0x886/0xb60
[  210.110451][ T5848]  __submit_merged_bio+0x27a/0x6a0
[  210.110476][ T5848]  __submit_merged_write_cond+0x255/0x530
[  210.110507][ T5848]  f2fs_write_data_pages+0x261d/0x3000
[  210.110552][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  210.110602][ T5848]  ? __mod_zone_page_state+0xd7/0x140
[  210.110629][ T5848]  ? folios_put_refs+0x560/0x640
[  210.110654][ T5848]  ? __lock_acquire+0xab9/0xd20
[  210.110679][ T5848]  ? do_raw_spin_lock+0x121/0x290
[  210.110704][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  210.110724][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  210.110743][ T5848]  do_writepages+0x32e/0x550
[  210.110768][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  210.110788][ T5848]  filemap_fdatawrite+0x199/0x240
[  210.110806][ T5848]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  210.110858][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  210.110878][ T5848]  f2fs_sync_dirty_inodes+0x31f/0x830
[  210.110903][ T5848]  f2fs_write_checkpoint+0x95a/0x1df0
[  210.110936][ T5848]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  210.110987][ T5848]  ? kill_f2fs_super+0x298/0x6c0
[  210.111004][ T5848]  kill_f2fs_super+0x2c3/0x6c0
[  210.111023][ T5848]  ? __pfx_kill_f2fs_super+0x10/0x10
[  210.111035][ T5848]  ? radix_tree_delete_item+0x2b6/0x400
[  210.111059][ T5848]  ? shrinker_free+0x2ce/0x3e0
[  210.111075][ T5848]  deactivate_locked_super+0xbc/0x130
[  210.111093][ T5848]  cleanup_mnt+0x425/0x4c0
[  210.111109][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.111129][ T5848]  task_work_run+0x1d4/0x260
[  210.111149][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  210.111164][ T5848]  ? __x64_sys_umount+0x122/0x160
[  210.111186][ T5848]  ? exit_to_user_mode_loop+0x40/0x110
[  210.111239][ T5848]  exit_to_user_mode_loop+0xec/0x110
[  210.111258][ T5848]  do_syscall_64+0x2bd/0x3b0
[  210.111270][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.111288][ T5848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.111300][ T5848]  ? exc_page_fault+0x9f/0xf0
[  210.111320][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.111332][ T5848] RIP: 0033:0x7f779f58ff17
[  210.111345][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  210.111357][ T5848] RSP: 002b:00007ffdbb5c2c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  210.111371][ T5848] RAX: 0000000000000000 RBX: 00007f779f611c05 RCX: 00007f779f58ff17
[  210.111380][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdbb5c2d10
[  210.111388][ T5848] RBP: 00007ffdbb5c2d10 R08: 0000000000000000 R09: 0000000000000000
[  210.111395][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdbb5c3da0
[  210.111404][ T5848] R13: 00007f779f611c05 R14: 000000000003322d R15: 00007ffdbb5c3de0
[  210.111427][ T5848]  </TASK>
[  210.111433][ T5848] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  210.387263][ T9806] netlink: 'syz.2.1496': attribute type 9 has an invalid length.
[  210.392484][ T9806] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1496'.
[  210.491306][ T9808] bridge0: port 3(wlan0) entered blocking state
[  210.494080][ T9808] bridge0: port 3(wlan0) entered disabled state
[  210.496715][ T9808] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  210.501625][ T9808] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  210.717898][ T9817] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1500'.
[  210.720301][ T9819] tmpfs: Bad value for 'nr_inodes'
[  211.053217][ T9833] netlink: 'syz.2.1508': attribute type 1 has an invalid length.
[  211.059543][ T9833] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  211.211900][ T9841] netlink: 'syz.2.1511': attribute type 1 has an invalid length.
[  211.214966][ T9841] netlink: 'syz.2.1511': attribute type 1 has an invalid length.
[  211.269023][ T9843] loop1: detected capacity change from 0 to 1024
[  211.534562][ T9855] loop1: detected capacity change from 0 to 16
[  211.549736][ T9855] erofs (device loop1): mounted with root inode @ nid 36.
[  211.572694][ T9855] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36
[  211.606187][ T9855] erofs (device loop1): failed to decompress -29 in[58, 4038] out[1851]
[  211.621737][ T9855] erofs (device loop1): read error -117 @ 43 of nid 36
[  211.643582][ T9861] erofs (device loop1): readahead error at folio 6 @ nid 36
[  211.655053][ T9861] erofs (device loop1): readahead error at folio 4 @ nid 36
[  211.671150][ T9861] erofs (device loop1): invalid logical cluster 0 at nid 36
[  211.680239][ T9861] erofs (device loop1): readahead error at folio 0 @ nid 36
[  211.684891][ T9861] syz.1.1519: attempt to access beyond end of device
[  211.684891][ T9861] loop1: rw=524288, sector=296, nr_sectors = 16 limit=16
[  211.707389][ T9861] syz.1.1519: attempt to access beyond end of device
[  211.707389][ T9861] loop1: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  211.721990][ T9868] loop2: detected capacity change from 0 to 512
[  211.735964][ T9868] EXT4-fs (loop2): fragment/cluster size (4096) != block size (1024)
[  211.739584][ T9861] syz.1.1519: attempt to access beyond end of device
[  211.739584][ T9861] loop1: rw=524288, sector=16, nr_sectors = 8 limit=16
[  211.749707][ T9861] syz.1.1519: attempt to access beyond end of device
[  211.749707][ T9861] loop1: rw=524288, sector=720, nr_sectors = 16 limit=16
[  211.776695][ T9861] erofs (device loop1): failed to decompress -29 in[58, 4038] out[4055]
[  211.797507][ T9861] erofs (device loop1): invalid logical cluster 0 at nid 36
[  211.800584][ T9861] syz.1.1519: attempt to access beyond end of device
[  211.800584][ T9861] loop1: rw=0, sector=296, nr_sectors = 8 limit=16
[  211.806128][ T9861] erofs (device loop1): read error -5 @ 0 of nid 36
[  211.812020][ T9861] erofs (device loop1): failed to readdir of logical block 0 of nid 36
[  211.975040][ T9875] loop2: detected capacity change from 0 to 4096
[  211.991187][ T9875] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  212.056194][ T9875] ntfs3(loop2): MFT: r=18, expect seq=1 instead of 0!
[  212.068613][ T9875] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  212.075979][ T9875] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  212.382849][ T5849] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  212.382907][ T5849] Bluetooth: hci2: Unknown advertising packet type: 0x72
[  212.386179][ T5849] Bluetooth: hci2: Malformed LE Event: 0x0d
[  212.411763][ T9894] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1533'.
[  213.060559][ T9897] loop1: detected capacity change from 0 to 32768
[  213.094292][ T9897] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1534 (9897)
[  213.460190][ T9897] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  213.484382][ T9897] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  213.674108][ T9897] BTRFS info (device loop1): enabling ssd optimizations
[  213.683803][ T9897] BTRFS info (device loop1): enabling free space tree
[  213.850078][ T5852] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  214.058979][    T9] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  214.178883][ T9925] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  214.238518][    T9] usb 1-1: Using ep0 maxpacket: 16
[  214.247382][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  214.251682][    T9] usb 1-1: config 3 has an invalid interface number: 200 but max is 0
[  214.254235][    T9] usb 1-1: config 3 has no interface number 0
[  214.256208][    T9] usb 1-1: config 3 interface 200 altsetting 128 bulk endpoint 0xF has invalid maxpacket 32
[  214.261040][    T9] usb 1-1: config 3 interface 200 has no altsetting 0
[  214.265338][    T9] usb 1-1: New USB device found, idVendor=294b, idProduct=7b59, bcdDevice=52.61
[  214.268136][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.271063][    T9] usb 1-1: Product: syz
[  214.272398][    T9] usb 1-1: Manufacturer: syz
[  214.278254][    T9] usb 1-1: SerialNumber: syz
[  214.284331][ T9921] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  214.300307][ T9931] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  214.304649][ T9931] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  214.306743][ T9931] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  214.308892][ T9931] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  214.311247][ T9931] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  214.313643][ T9931] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  214.316250][ T9931] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  214.318666][ T9931] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  214.527583][    T9] usb 1-1: USB disconnect, device number 22
[  214.783977][ T9936] loop1: detected capacity change from 0 to 1764
[  214.835584][ T9938] loop1: detected capacity change from 0 to 8
[  214.867185][ T9938] SQUASHFS error: Failed to read block 0x2d7: -5
[  214.870157][ T9938] SQUASHFS error: Unable to read metadata cache entry [2d5]
[  215.101217][ T9947] loop0: detected capacity change from 0 to 4096
[  215.104254][ T9947] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  215.142110][ T9947] ntfs3(loop0): ino=19, mi_enum_attr
[  215.154042][ T9947] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  215.405745][ T9961] loop1: detected capacity change from 0 to 256
[  215.409150][ T9961] exfat: Deprecated parameter 'utf8'
[  215.414398][ T9961] exfat: Deprecated parameter 'utf8'
[  215.424320][ T9961] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011ded, chksum : 0x9858084d, utbl_chksum : 0xe619d30d)
[  215.786970][ T9957] loop0: detected capacity change from 0 to 32768
[  215.883098][ T9967] loop1: detected capacity change from 0 to 32768
[  215.892843][ T9967] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  215.902371][ T9967] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  215.923678][ T9967] ocfs2: Unmounting device (7,1) on (node local)
[  215.998436][   T47] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  216.158663][   T47] usb 3-1: Using ep0 maxpacket: 32
[  216.163587][   T47] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  216.167895][   T47] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  216.175268][   T47] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  216.187044][   T47] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  216.191330][   T47] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  216.194664][   T47] usb 3-1: Product: syz
[  216.196382][   T47] usb 3-1: Manufacturer: syz
[  216.198228][   T47] usb 3-1: SerialNumber: syz
[  216.233068][   T47] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input14
[  216.245907][ T9985] loop1: detected capacity change from 0 to 4096
[  216.255442][ T9985] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  216.329022][ T5854] Bluetooth: hci0: command 0x0406 tx timeout
[  216.331664][ T5849] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  216.382896][ T9993] overlayfs: failed to decode file handle (len=4, type=248, flags=0, err=-22)
[  216.425861][   T47] usb 3-1: USB disconnect, device number 25
[  216.469267][   T47] appletouch 3-1:1.0: input: appletouch disconnected
[  216.552332][ T9999] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  216.733625][ T9997] loop1: detected capacity change from 0 to 32768
[  216.751837][ T9997] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  216.833936][ T5852] ocfs2: Unmounting device (7,1) on (node local)
[  217.208782][   T47] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  217.308507][    T9] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  217.358688][   T47] usb 2-1: Using ep0 maxpacket: 8
[  217.362727][   T47] usb 2-1: config 32 has 1 interface, different from the descriptor's value: 2
[  217.366343][   T47] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  217.371858][   T47] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  217.375700][   T47] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  217.379460][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.468569][    T9] usb 3-1: Using ep0 maxpacket: 16
[  217.472830][    T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.476510][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  217.480032][    T9] usb 3-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  217.483561][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.489725][    T9] usb 3-1: config 0 descriptor??
[  217.596715][   T47] usb 2-1: string descriptor 0 read error: -71
[  217.616903][   T47] usb 2-1: USB disconnect, device number 33
[  217.640306][ T8169] udevd[8169]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  217.915563][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.918659][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.921479][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.924225][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.926978][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.929845][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.932934][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.935632][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.938782][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.941513][    T9] cougar 0003:060B:500A.000C: unknown main item tag 0x0
[  217.944727][    T9] cougar 0003:060B:500A.000C: ignoring exceeding usage max
[  217.948747][    T9] cougar 0003:060B:500A.000C: unexpected long global item
[  217.952798][    T9] cougar 0003:060B:500A.000C: parse failed
[  217.955179][    T9] cougar 0003:060B:500A.000C: probe with driver cougar failed with error -22
[  218.105332][   T47] usb 3-1: USB disconnect, device number 26
[  218.568610][ T5854] Bluetooth: hci3: command 0x1003 tx timeout
[  218.575210][ T5849] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  219.248539][   T47] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  219.418539][   T47] usb 1-1: Using ep0 maxpacket: 16
[  219.430230][   T47] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  219.438545][   T47] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 75, changing to 10
[  219.442958][   T47] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 25344, setting to 1024
[  219.453697][   T47] usb 1-1: config 0 interface 0 has no altsetting 0
[  219.461473][   T47] usb 1-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  219.465148][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.468254][   T47] usb 1-1: Product: syz
[  219.471641][   T47] usb 1-1: Manufacturer: syz
[  219.473448][   T47] usb 1-1: SerialNumber: syz
[  219.477913][   T47] usb 1-1: config 0 descriptor??
[  219.628507][ T6008] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  219.685630][   T47] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input15
[  219.698487][ T5946] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  219.789102][ T6008] usb 3-1: Using ep0 maxpacket: 8
[  219.814814][ T6008] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[  219.820848][ T6008] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  219.824993][ T6008] usb 3-1: config 0 has no interface number 0
[  219.827316][ T6008] usb 3-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  219.831819][ T6008] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  219.835674][ T6008] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  219.839948][ T6008] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  219.844590][ T6008] usb 3-1: config 0 interface 52 has no altsetting 0
[  219.846959][ T6008] usb 3-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  219.850593][ T6008] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.856602][ T6008] usb 3-1: config 0 descriptor??
[  219.869045][ T5946] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  219.874629][ T5946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.878266][ T5946] usb 2-1: Product: syz
[  219.880677][ T5946] usb 2-1: Manufacturer: syz
[  219.883998][ T5946] usb 2-1: SerialNumber: syz
[  219.917775][   T47] usb 1-1: USB disconnect, device number 23
[  219.925229][ T5946] usb 2-1: config 0 descriptor??
[  220.083851][ T6008] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.52/input/input16
[  220.139947][ T5946] usb-storage 2-1:0.0: USB Mass Storage device detected
[  220.203399][ T5946] usb 2-1: USB disconnect, device number 34
[  220.289520][   T96] usb 3-1: USB disconnect, device number 27
[  220.593957][   T33] audit: type=1326 audit(1757319583.647:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10043 comm="syz.0.1595" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f779f58ebe9 code=0x0
[  220.802666][T10050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1597'.
[  220.867810][T10054] loop2: detected capacity change from 0 to 512
[  220.877774][T10054] EXT4-fs error (device loop2): ext4_get_journal_inode:5800: comm syz.2.1599: inode #16777216: comm syz.2.1599: iget: illegal inode #
[  220.887650][T10054] EXT4-fs (loop2): Remounting filesystem read-only
[  220.896697][T10054] EXT4-fs (loop2): no journal found
[  220.898914][T10054] EXT4-fs (loop2): can't get journal size
[  220.914041][T10054] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  220.917459][T10054] EXT4-fs (loop2): failed to initialize system zone (-22)
[  220.924344][T10054] EXT4-fs (loop2): mount failed
[  221.157400][   T47] IPVS: starting estimator thread 0...
[  221.160152][T10073] IPVS: ip_vs_edit_dest(): server weight less than zero
[  221.249455][T10074] IPVS: using max 64 ests per chain, 153600 per kthread
[  221.368498][ T5946] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  221.457423][T10082] loop1: detected capacity change from 0 to 16384
[  221.547781][T10082] bcachefs (loop1): starting version 1.13: inode_has_child_snapshots opts=metadata_checksum=none,data_checksum=none,compression=zstd,str_hash=crc32c,norecovery,reconstruct_alloc
[  221.547794][T10082]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  221.560934][T10082] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  221.563998][T10082] bcachefs (loop1): recovering from clean shutdown, journal seq 18
[  221.566651][T10082] bcachefs (loop1): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[  221.566651][T10082]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  221.580135][T10082] bcachefs (loop1): dropping and reconstructing all alloc info
[  221.608674][ T5946] usb 3-1: Using ep0 maxpacket: 8
[  221.612257][ T5946] usb 3-1: config index 0 descriptor too short (expected 6427, got 27)
[  221.615108][ T5946] usb 3-1: config 0 has an invalid interface number: 21 but max is 0
[  221.617898][ T5946] usb 3-1: config 0 has no interface number 0
[  221.620472][ T5946] usb 3-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  221.624699][ T5946] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  221.629022][ T5946] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  221.634384][ T5946] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  221.634675][T10082] bcachefs (loop1): accounting_read...
[  221.637875][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  221.643086][ T5946] usb 3-1: Product: syz
[  221.643429][T10082]  done
[  221.645950][T10082] bcachefs (loop1): alloc_read... done
[  221.646823][ T5946] usb 3-1: config 0 descriptor??
[  221.651132][T10071] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  221.658458][T10082] bcachefs (loop1): snapshots_read... done
[  221.661840][T10082] bcachefs (loop1): done starting filesystem
[  221.783638][T10095] blk_print_req_error: 74 callbacks suppressed
[  221.783700][T10095] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.790593][T10095] buffer_io_error: 102 callbacks suppressed
[  221.790802][T10095] Buffer I/O error on dev nbd0, logical block 0, async page read
[  221.799946][T10095] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.803144][T10095] Buffer I/O error on dev nbd0, logical block 1, async page read
[  221.806808][T10095] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.809992][T10095] Buffer I/O error on dev nbd0, logical block 2, async page read
[  221.813515][T10095] Buffer I/O error on dev nbd0, logical block 3, async page read
[  221.818292][T10095] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.822187][T10095] Buffer I/O error on dev nbd0, logical block 0, async page read
[  221.826876][T10095] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.830082][T10095] Buffer I/O error on dev nbd0, logical block 1, async page read
[  221.834042][T10095] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.837087][T10095] Buffer I/O error on dev nbd0, logical block 2, async page read
[  221.841294][T10095] Buffer I/O error on dev nbd0, logical block 3, async page read
[  221.845548][T10095] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.848746][T10095] Buffer I/O error on dev nbd0, logical block 0, async page read
[  221.852505][T10095] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.855638][T10095] Buffer I/O error on dev nbd0, logical block 1, async page read
[  221.900439][T10095] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.906562][T10095] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  221.929109][T10095] ldm_validate_partition_table(): Disk read failed.
[  221.937394][T10095] Dev nbd0: unable to read RDB block 0
[  221.940729][T10095]  nbd0: unable to read partition table
[  221.942825][T10095] nbd0: partition table beyond EOD, truncated
[  221.945659][T10095] EXT4-fs (nbd0): unable to read superblock
[  221.997946][ T5852] bcachefs (loop1): shutting down
[  222.020636][ T5852] bcachefs (loop1): shutdown complete
[  222.184434][ T5946] usb 3-1: USB disconnect, device number 28
[  222.638549][    T9] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  222.798572][    T9] usb 1-1: Using ep0 maxpacket: 16
[  222.821455][    T9] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  222.824715][    T9] usb 1-1: config 0 has no interface number 0
[  222.827085][    T9] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  222.838081][    T9] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  222.850974][    T9] usb 1-1: config 0 interface 41 has no altsetting 0
[  222.856032][    T9] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  222.861247][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.863767][    T9] usb 1-1: Product: syz
[  222.865366][    T9] usb 1-1: Manufacturer: syz
[  222.867170][    T9] usb 1-1: SerialNumber: syz
[  222.873173][    T9] usb 1-1: config 0 descriptor??
[  222.875777][T10098] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  222.878732][T10098] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  223.015361][T10110] loop2: detected capacity change from 0 to 512
[  223.031216][T10110] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  223.043213][T10110] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:169: inode #17: comm syz.2.1622: inline data xattr refers to an external xattr inode
[  223.059094][T10110] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1622: couldn't read orphan inode 17 (err -117)
[  223.067380][T10110] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.094623][T10098] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  223.097735][T10098] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  223.126912][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.478545][T10125] loop1: detected capacity change from 0 to 40427
[  223.490201][T10125] F2FS-fs (loop1): invalid crc value
[  223.530567][T10125] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  223.534800][T10125] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  223.567984][ T5852] syz-executor: attempt to access beyond end of device
[  223.567984][ T5852] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  223.573703][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  223.573723][ T5852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  223.573732][ T5852] Call Trace:
[  223.573738][ T5852]  <TASK>
[  223.573746][ T5852]  dump_stack_lvl+0x189/0x250
[  223.573771][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.573789][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  223.573803][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  223.573822][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  223.573851][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  223.573877][ T5852]  f2fs_write_end_io+0x886/0xb60
[  223.573907][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  223.573932][ T5852]  __submit_merged_write_cond+0x255/0x530
[  223.573959][ T5852]  f2fs_write_data_pages+0x261d/0x3000
[  223.574010][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  223.574092][ T5852]  ? __mod_zone_page_state+0xd7/0x140
[  223.574121][ T5852]  ? folios_put_refs+0x560/0x640
[  223.574147][ T5852]  ? __lock_acquire+0xab9/0xd20
[  223.574175][ T5852]  ? do_raw_spin_lock+0x121/0x290
[  223.574201][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  223.574218][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  223.574239][ T5852]  do_writepages+0x32e/0x550
[  223.574268][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  223.574292][ T5852]  filemap_fdatawrite+0x199/0x240
[  223.574318][ T5852]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  223.574376][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  223.574393][ T5852]  f2fs_sync_dirty_inodes+0x31f/0x830
[  223.574419][ T5852]  f2fs_write_checkpoint+0x95a/0x1df0
[  223.574450][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  223.574503][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  223.574522][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  223.574540][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  223.574550][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  223.574575][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  223.574593][ T5852]  deactivate_locked_super+0xbc/0x130
[  223.574612][ T5852]  cleanup_mnt+0x425/0x4c0
[  223.574628][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.574650][ T5852]  task_work_run+0x1d4/0x260
[  223.574671][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  223.574686][ T5852]  ? __x64_sys_umount+0x122/0x160
[  223.574709][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  223.574732][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  223.574752][ T5852]  do_syscall_64+0x2bd/0x3b0
[  223.574763][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.574782][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.574795][ T5852]  ? exc_page_fault+0x9f/0xf0
[  223.574815][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.574827][ T5852] RIP: 0033:0x7fec8698ff17
[  223.574841][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  223.574852][ T5852] RSP: 002b:00007ffd1a62dfc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  223.574867][ T5852] RAX: 0000000000000000 RBX: 00007fec86a11c05 RCX: 00007fec8698ff17
[  223.574876][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd1a62e080
[  223.574884][ T5852] RBP: 00007ffd1a62e080 R08: 0000000000000000 R09: 0000000000000000
[  223.574892][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd1a62f110
[  223.574901][ T5852] R13: 00007fec86a11c05 R14: 00000000000366d2 R15: 00007ffd1a62f150
[  223.574926][ T5852]  </TASK>
[  223.574932][ T5852] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  223.711504][    T9] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  223.922421][    T9] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  223.933065][    T9] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  223.939994][    T9] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71
[  223.950880][    T9] usb 1-1: USB disconnect, device number 24
[  224.232510][   T13] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x2
[  224.308254][T10153] loop1: detected capacity change from 0 to 512
[  224.321945][T10153] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  224.330174][T10153] EXT4-fs error (device loop1): ext4_init_orphan_info:585: inode #3: comm syz.1.1636: iget: special inode unallocated
[  224.335515][T10153] EXT4-fs (loop1): Remounting filesystem read-only
[  224.338603][T10153] EXT4-fs (loop1): get orphan inode failed
[  224.341353][T10153] EXT4-fs (loop1): mount failed
[  224.618763][   T33] audit: type=1800 audit(1757319587.667:71): pid=10165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1640" name="/" dev="9p" ino=2 res=0 errno=0
[  225.089425][T10172] loop0: detected capacity change from 0 to 1024
[  225.152070][ T7862] hfsplus: b-tree write err: -5, ino 4
[  225.185309][T10169] loop1: detected capacity change from 0 to 32768
[  225.225179][T10169] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  225.277471][T10169] XFS (loop1): Ending clean mount
[  225.291411][ T5854] Bluetooth: hci2: command 0x0406 tx timeout
[  225.352362][ T5852] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  225.444200][T10192] netlink: 'syz.2.1651': attribute type 1 has an invalid length.
[  225.578647][ T5946] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  225.738493][ T5946] usb 1-1: Using ep0 maxpacket: 32
[  225.742999][ T5946] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.747374][ T5946] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.753037][ T5946] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  225.757275][ T5946] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.770398][ T5946] usb 1-1: config 0 descriptor??
[  225.848482][   T47] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  226.020980][   T47] usb 2-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[  226.024869][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.028309][   T47] usb 2-1: Product: syz
[  226.034460][   T47] usb 2-1: Manufacturer: syz
[  226.036351][   T47] usb 2-1: SerialNumber: syz
[  226.046361][   T47] usb 2-1: config 0 descriptor??
[  226.203037][ T5946] hid_parser_main: 50 callbacks suppressed
[  226.203127][ T5946] ft260 0003:0403:6030.000D: unknown main item tag 0x7
[  226.391655][ T5946] ft260 0003:0403:6030.000D: chip code: 6424 8183
[  226.585212][T10199] loop2: detected capacity change from 0 to 32768
[  226.595649][T10199] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1653 (10199)
[  226.598144][ T5946] ft260 0003:0403:6030.000D: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.0-1/input0
[  226.613183][T10199] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  226.617315][T10199] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  226.665970][T10199] BTRFS info (device loop2): enabling ssd optimizations
[  226.668881][T10199] BTRFS info (device loop2): enabling free space tree
[  226.684029][   T47] mos7840 2-1:0.0: required endpoints missing
[  226.703427][   T47] usb 2-1: USB disconnect, device number 35
[  226.732155][ T8169] udevd[8169]: setting owner of /dev/bus/usb/002/035 to uid=0, gid=0 failed: No such file or directory
[  226.751972][ T5853] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  226.795746][ T5946] ft260 0003:0403:6030.000D: failed to retrieve status: -32, no wakeup
[  227.004249][   T47] usb 1-1: USB disconnect, device number 25
[  227.118620][    T9] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  227.278577][    T9] usb 3-1: Using ep0 maxpacket: 32
[  227.284351][    T9] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  227.287437][    T9] usb 3-1: config 0 has no interface number 0
[  227.293272][    T9] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  227.297453][    T9] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  227.303990][    T9] usb 3-1: config 0 interface 85 has no altsetting 0
[  227.314507][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  227.318073][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.322598][    T9] usb 3-1: Product: syz
[  227.324402][    T9] usb 3-1: Manufacturer: syz
[  227.326213][    T9] usb 3-1: SerialNumber: syz
[  227.331318][    T9] usb 3-1: config 0 descriptor??
[  227.547313][T10221] loop1: detected capacity change from 0 to 40427
[  227.553666][    T9] appletouch 3-1:0.85: Failed to read mode from device.
[  227.556906][    T9] appletouch 3-1:0.85: probe with driver appletouch failed with error -5
[  227.558578][T10221] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  227.563108][T10221] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  227.591057][    T9] usb 3-1: USB disconnect, device number 29
[  227.657356][T10221] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  227.694470][T10221] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  227.697302][T10221] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  227.893862][T10229] ISOFS: Unable to identify CD-ROM format.
[  228.343091][T10231] loop2: detected capacity change from 0 to 1024
[  228.347097][T10231] EXT4-fs: Ignoring removed bh option
[  228.351076][T10231] EXT4-fs: inline encryption not supported
[  228.359545][T10231] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  228.371941][T10231] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[  228.389001][T10231] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.1659: lblock 2 mapped to illegal pblock 2 (length 1)
[  228.404723][T10231] EXT4-fs (loop2): Remounting filesystem read-only
[  228.407602][T10231] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  228.412035][T10231] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  228.412457][T10235] loop1: detected capacity change from 0 to 128
[  228.417515][T10231] EXT4-fs (loop2): 1 orphan inode deleted
[  228.482740][T10231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.491444][T10231] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.650975][T10239] loop2: detected capacity change from 0 to 2048
[  228.680841][T10239] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.689087][T10239] cifs: Unknown parameter 'norecovery'
[  228.829970][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.873177][T10243] CUSE: DEVNAME unspecified
[  229.030076][T10251] can0: slcan on ttynull.
[  229.080854][T10250] can0 (unregistered): slcan off ttynull.
[  229.238101][T10249] loop0: detected capacity change from 0 to 32768
[  229.304619][T10249] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  229.305641][T10256] netlink: 'syz.2.1670': attribute type 62 has an invalid length.
[  229.347766][T10249] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  229.372664][T10249] XFS (loop0): Starting recovery (logdev: internal)
[  229.390820][T10249] XFS (loop0): Ending recovery (logdev: internal)
[  229.462703][ T5854] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  229.472540][ T5854] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  229.475975][ T5854] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  229.486507][ T5854] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  229.492292][ T5854] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  229.525254][ T5848] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  229.608231][T10265] lo speed is unknown, defaulting to 1000
[  229.914542][T10265] chnl_net:caif_netlink_parms(): no params data found
[  230.065398][T10265] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.069194][T10265] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.074088][T10265] bridge_slave_0: entered allmulticast mode
[  230.077825][T10265] bridge_slave_0: entered promiscuous mode
[  230.083417][T10265] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.085839][T10265] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.089370][T10265] bridge_slave_1: entered allmulticast mode
[  230.093321][T10265] bridge_slave_1: entered promiscuous mode
[  230.145606][T10265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.149599][    T9] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  230.154791][T10265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  230.180141][ T1089] Bluetooth: hci3: Frame reassembly failed (-84)
[  230.187551][T10297] Bluetooth: hci3: Frame reassembly failed (-84)
[  230.194193][T10265] team0: Port device team_slave_0 added
[  230.197476][T10265] team0: Port device team_slave_1 added
[  230.222057][T10265] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.224578][T10265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.233558][T10265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.238273][T10265] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.240860][T10265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.249435][T10265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.284220][T10265] hsr_slave_0: entered promiscuous mode
[  230.287320][T10265] hsr_slave_1: entered promiscuous mode
[  230.290058][T10265] debugfs: 'hsr0' already exists in 'hsr'
[  230.291850][T10265] Cannot create hsr debugfs directory
[  230.308714][    T9] usb 3-1: Using ep0 maxpacket: 16
[  230.312987][    T9] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.317105][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  230.320243][    T9] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  230.323658][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.332710][    T9] usb 3-1: config 0 descriptor??
[  230.492654][T10265] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  230.503213][T10265] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  230.507521][T10265] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  230.516622][T10265] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  230.553494][T10265] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.555775][T10265] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.558227][T10265] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.561327][T10265] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.597858][T10265] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.612997][ T1089] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.616620][ T1089] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.632096][T10265] 8021q: adding VLAN 0 to HW filter on device team0
[  230.644604][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.646866][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.659875][ T1089] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.662248][ T1089] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.761785][    T9] logitech-djreceiver 0003:046D:C71B.000E: hidraw0: USB HID v0.05 Device [HID 046d:c71b] on usb-dummy_hcd.2-1/input0
[  230.786116][T10265] 8021q: adding VLAN 0 to HW filter on device batadv0
[  230.817285][T10265] veth0_vlan: entered promiscuous mode
[  230.825409][T10265] veth1_vlan: entered promiscuous mode
[  230.852478][T10265] veth0_macvtap: entered promiscuous mode
[  230.859874][T10265] veth1_macvtap: entered promiscuous mode
[  230.881738][T10265] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.898130][T10265] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.917646][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.926771][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.931595][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.935382][ T5880] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.062491][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.067580][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.101776][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.104830][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.168729][ T5914] usb 3-1: USB disconnect, device number 30
[  231.531354][ T5854] Bluetooth: hci1: command tx timeout
[  232.168579][ T5849] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  232.417404][T10328] loop0: detected capacity change from 0 to 1024
[  232.550779][T10328] hfsplus: trying to free free bnode 0(1)
[  232.690627][   T40] hfsplus: b-tree write err: -5, ino 4
[  232.695355][T10335] netdevsim netdevsim2 : renamed from netdevsim0 (while UP)
[  232.787570][T10337] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  232.922157][T10345] tipc: Started in network mode
[  232.924249][T10345] tipc: Node identity ., cluster identity 4711
[  232.927346][T10345] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  233.080687][T10356] loop0: detected capacity change from 0 to 8
[  233.087846][T10356] unable to read xattr id index table
[  233.235262][T10354] loop3: detected capacity change from 0 to 40427
[  233.285389][T10354] F2FS-fs (loop3): invalid crc value
[  233.341859][T10354] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  233.345876][T10354] F2FS-fs (loop3): Start checkpoint disabled!
[  233.358047][T10354] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  233.620992][ T5849] Bluetooth: hci1: command tx timeout
[  234.793618][T10379] loop0: detected capacity change from 0 to 40427
[  234.815252][T10379] F2FS-fs (loop0): invalid crc value
[  234.904410][T10379] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  234.916678][T10379] F2FS-fs (loop0): Start checkpoint disabled!
[  234.934855][T10379] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  234.943193][   T33] audit: type=1800 audit(1757319597.997:72): pid=10379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1710" name="file1" dev="loop0" ino=10 res=0 errno=0
[  235.287701][T10384] syz.0.1710: attempt to access beyond end of device
[  235.287701][T10384] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  235.306672][T10384] syz.0.1710: attempt to access beyond end of device
[  235.306672][T10384] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  235.316982][T10384] syz.0.1710: attempt to access beyond end of device
[  235.316982][T10384] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  235.326907][T10384] syz.0.1710: attempt to access beyond end of device
[  235.326907][T10384] loop0: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  235.335844][T10384] syz.0.1710: attempt to access beyond end of device
[  235.335844][T10384] loop0: rw=2049, sector=45128, nr_sectors = 8 limit=40427
[  235.341983][T10384] syz.0.1710: attempt to access beyond end of device
[  235.341983][T10384] loop0: rw=2049, sector=45136, nr_sectors = 16 limit=40427
[  235.347610][T10384] syz.0.1710: attempt to access beyond end of device
[  235.347610][T10384] loop0: rw=2049, sector=45152, nr_sectors = 8 limit=40427
[  235.355096][T10384] syz.0.1710: attempt to access beyond end of device
[  235.355096][T10384] loop0: rw=2049, sector=45160, nr_sectors = 8 limit=40427
[  235.360655][T10384] syz.0.1710: attempt to access beyond end of device
[  235.360655][T10384] loop0: rw=2049, sector=45168, nr_sectors = 8 limit=40427
[  235.366196][T10384] syz.0.1710: attempt to access beyond end of device
[  235.366196][T10384] loop0: rw=2049, sector=45176, nr_sectors = 8 limit=40427
[  235.494564][T10385] loop2: detected capacity change from 0 to 4096
[  235.506417][T10385] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  235.525262][T10385] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  235.539112][T10385] ntfs3(loop2): Failed to load $LogFile (-22).
[  235.669275][ T7860] CPU: 0 UID: 0 PID: 7860 Comm: kworker/u9:10 Not tainted syzkaller #0 PREEMPT(full) 
[  235.669297][ T7860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  235.669306][ T7860] Workqueue: writeback wb_workfn (flush-7:0)
[  235.669329][ T7860] Call Trace:
[  235.669336][ T7860]  <TASK>
[  235.669342][ T7860]  dump_stack_lvl+0x189/0x250
[  235.669364][ T7860]  ? __pfx_dump_stack_lvl+0x10/0x10
[  235.669381][ T7860]  ? __pfx_queue_work_on+0x10/0x10
[  235.669394][ T7860]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  235.669414][ T7860]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  235.669443][ T7860]  f2fs_handle_critical_error+0x37c/0x540
[  235.669469][ T7860]  f2fs_write_end_io+0x886/0xb60
[  235.669500][ T7860]  __submit_merged_bio+0x27a/0x6a0
[  235.669531][ T7860]  __submit_merged_write_cond+0x255/0x530
[  235.669557][ T7860]  f2fs_write_data_pages+0x261d/0x3000
[  235.669609][ T7860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  235.669642][ T7860]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  235.669689][ T7860]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  235.669720][ T7860]  ? trace_f2fs_writepages+0x7f/0x200
[  235.669739][ T7860]  ? f2fs_write_node_pages+0x478/0x6e0
[  235.669762][ T7860]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  235.669793][ T7860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  235.669814][ T7860]  do_writepages+0x32e/0x550
[  235.669836][ T7860]  ? reacquire_held_locks+0x127/0x1d0
[  235.669848][ T7860]  ? writeback_sb_inodes+0x384/0x1010
[  235.669871][ T7860]  __writeback_single_inode+0x145/0xff0
[  235.669905][ T7860]  ? do_raw_spin_unlock+0x4d/0x240
[  235.669925][ T7860]  writeback_sb_inodes+0x6c7/0x1010
[  235.669969][ T7860]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  235.670051][ T7860]  ? rcu_is_watching+0x15/0xb0
[  235.670076][ T7860]  wb_writeback+0x43b/0xaf0
[  235.670102][ T7860]  ? queue_io+0x331/0x590
[  235.670122][ T7860]  ? __pfx_wb_writeback+0x10/0x10
[  235.670147][ T7860]  ? _raw_spin_unlock_irq+0x23/0x50
[  235.670170][ T7860]  wb_workfn+0x409/0xef0
[  235.670198][ T7860]  ? __pfx_wb_workfn+0x10/0x10
[  235.670218][ T7860]  ? __lock_acquire+0xab9/0xd20
[  235.670246][ T7860]  ? process_scheduled_works+0x9ef/0x17b0
[  235.670266][ T7860]  ? _raw_spin_unlock_irq+0x23/0x50
[  235.670281][ T7860]  ? process_scheduled_works+0x9ef/0x17b0
[  235.670293][ T7860]  ? process_scheduled_works+0x9ef/0x17b0
[  235.670308][ T7860]  process_scheduled_works+0xae1/0x17b0
[  235.670350][ T7860]  ? __pfx_process_scheduled_works+0x10/0x10
[  235.670381][ T7860]  worker_thread+0x8a0/0xda0
[  235.670421][ T7860]  kthread+0x711/0x8a0
[  235.670441][ T7860]  ? __pfx_worker_thread+0x10/0x10
[  235.670454][ T7860]  ? __pfx_kthread+0x10/0x10
[  235.670472][ T7860]  ? _raw_spin_unlock_irq+0x23/0x50
[  235.670489][ T7860]  ? lockdep_hardirqs_on+0x9c/0x150
[  235.670506][ T7860]  ? __pfx_kthread+0x10/0x10
[  235.670523][ T7860]  ret_from_fork+0x3fc/0x770
[  235.670546][ T7860]  ? __pfx_ret_from_fork+0x10/0x10
[  235.670566][ T7860]  ? __switch_to_asm+0x39/0x70
[  235.670583][ T7860]  ? __switch_to_asm+0x33/0x70
[  235.670598][ T7860]  ? __pfx_kthread+0x10/0x10
[  235.670616][ T7860]  ret_from_fork_asm+0x1a/0x30
[  235.670649][ T7860]  </TASK>
[  235.670656][ T7860] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  235.807777][ T5849] Bluetooth: hci1: command tx timeout
[  235.914608][T10391] loop2: detected capacity change from 0 to 4096
[  235.922406][T10391] NILFS (loop2): mounting unchecked fs
[  235.930386][T10391] NILFS (loop2): recovery required for readonly filesystem
[  235.932910][T10391] NILFS (loop2): write access will be enabled during recovery
[  235.945882][T10391] NILFS (loop2): invalid segment: Checksum error in super root
[  235.949367][T10391] NILFS (loop2): error -22 while loading super root
[  236.208281][T10397] blk_print_req_error: 33 callbacks suppressed
[  236.208297][T10397] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.218268][T10397] buffer_io_error: 46 callbacks suppressed
[  236.218281][T10397] Buffer I/O error on dev nbd0, logical block 0, async page read
[  236.224006][T10397] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.227515][T10397] Buffer I/O error on dev nbd0, logical block 1, async page read
[  236.231228][T10397] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.235040][T10397] Buffer I/O error on dev nbd0, logical block 2, async page read
[  236.240417][T10397] Buffer I/O error on dev nbd0, logical block 3, async page read
[  236.243255][T10397] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.246445][T10397] Buffer I/O error on dev nbd0, logical block 0, async page read
[  236.252398][T10397] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.256431][T10397] Buffer I/O error on dev nbd0, logical block 1, async page read
[  236.260599][T10397] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.264316][T10397] Buffer I/O error on dev nbd0, logical block 2, async page read
[  236.267649][T10397] Buffer I/O error on dev nbd0, logical block 3, async page read
[  236.271847][T10397] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.275655][T10397] Buffer I/O error on dev nbd0, logical block 0, async page read
[  236.279502][T10397] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.283265][T10397] Buffer I/O error on dev nbd0, logical block 1, async page read
[  236.286607][T10397] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.290930][T10397] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  236.296338][T10397] ldm_validate_partition_table(): Disk read failed.
[  236.303619][T10397] Dev nbd0: unable to read RDB block 0
[  236.306437][T10395] loop2: detected capacity change from 0 to 32768
[  236.308213][T10397]  nbd0: unable to read partition table
[  236.313755][T10395] 
[  236.313755][T10395]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.313755][T10395] 
[  236.324077][T10395] 
[  236.324077][T10395]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.324077][T10395] 
[  236.330675][T10395] 
[  236.330675][T10395]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.330675][T10395] 
[  236.333986][T10395] 
[  236.333986][T10395]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.333986][T10395] 
[  236.337254][T10395] 
[  236.337254][T10395]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.337254][T10395] 
[  236.349044][  T116] 
[  236.349044][  T116]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.349044][  T116] 
[  236.356446][T10397] nbd0: partition table beyond EOD, truncated
[  236.360553][T10397] MINIX-fs: unable to read superblock
[  236.361113][ T5853] 
[  236.361113][ T5853]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.361113][ T5853] 
[  236.370535][ T5853] 
[  236.370535][ T5853]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.370535][ T5853] 
[  236.646196][T10399] loop0: detected capacity change from 0 to 40427
[  236.655117][T10399] F2FS-fs (loop0): invalid crc value
[  236.717298][T10399] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  236.720560][T10399] F2FS-fs (loop0): Start checkpoint disabled!
[  236.724960][T10399] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  236.765258][   T40] CPU: 1 UID: 0 PID: 40 Comm: kworker/u10:2 Not tainted syzkaller #0 PREEMPT(full) 
[  236.765281][   T40] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  236.765291][   T40] Workqueue: writeback wb_workfn (flush-7:0)
[  236.765312][   T40] Call Trace:
[  236.765318][   T40]  <TASK>
[  236.765323][   T40]  dump_stack_lvl+0x189/0x250
[  236.765344][   T40]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.765358][   T40]  ? __pfx_queue_work_on+0x10/0x10
[  236.765370][   T40]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  236.765395][   T40]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  236.765422][   T40]  f2fs_handle_critical_error+0x37c/0x540
[  236.765449][   T40]  f2fs_write_end_io+0x886/0xb60
[  236.765479][   T40]  __submit_merged_bio+0x27a/0x6a0
[  236.765502][   T40]  __submit_merged_write_cond+0x255/0x530
[  236.765525][   T40]  f2fs_write_data_pages+0x261d/0x3000
[  236.765572][   T40]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  236.765604][   T40]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  236.765649][   T40]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  236.765679][   T40]  ? trace_f2fs_writepages+0x7f/0x200
[  236.765696][   T40]  ? f2fs_write_node_pages+0x478/0x6e0
[  236.765717][   T40]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  236.765747][   T40]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  236.765767][   T40]  do_writepages+0x32e/0x550
[  236.765791][   T40]  ? reacquire_held_locks+0x127/0x1d0
[  236.765805][   T40]  ? writeback_sb_inodes+0x384/0x1010
[  236.765828][   T40]  __writeback_single_inode+0x145/0xff0
[  236.765843][   T40]  ? do_raw_spin_unlock+0x4d/0x240
[  236.765862][   T40]  writeback_sb_inodes+0x6c7/0x1010
[  236.765900][   T40]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  236.765976][   T40]  ? rcu_is_watching+0x15/0xb0
[  236.766000][   T40]  wb_writeback+0x43b/0xaf0
[  236.766023][   T40]  ? queue_io+0x331/0x590
[  236.766041][   T40]  ? __pfx_wb_writeback+0x10/0x10
[  236.766063][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.766084][   T40]  wb_workfn+0x409/0xef0
[  236.766111][   T40]  ? __pfx_wb_workfn+0x10/0x10
[  236.766131][   T40]  ? __lock_acquire+0xab9/0xd20
[  236.766160][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  236.766179][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.766193][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  236.766204][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  236.766218][   T40]  process_scheduled_works+0xae1/0x17b0
[  236.766255][   T40]  ? __pfx_process_scheduled_works+0x10/0x10
[  236.766284][   T40]  worker_thread+0x8a0/0xda0
[  236.766324][   T40]  kthread+0x711/0x8a0
[  236.766344][   T40]  ? __pfx_worker_thread+0x10/0x10
[  236.766355][   T40]  ? __pfx_kthread+0x10/0x10
[  236.766372][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.766392][   T40]  ? lockdep_hardirqs_on+0x9c/0x150
[  236.766408][   T40]  ? __pfx_kthread+0x10/0x10
[  236.766424][   T40]  ret_from_fork+0x3fc/0x770
[  236.766440][   T40]  ? __pfx_ret_from_fork+0x10/0x10
[  236.766461][   T40]  ? __switch_to_asm+0x39/0x70
[  236.766477][   T40]  ? __switch_to_asm+0x33/0x70
[  236.766492][   T40]  ? __pfx_kthread+0x10/0x10
[  236.766509][   T40]  ret_from_fork_asm+0x1a/0x30
[  236.766538][   T40]  </TASK>
[  236.766544][   T40] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  236.891895][   T24] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  237.038638][   T24] usb 3-1: Using ep0 maxpacket: 8
[  237.042075][   T24] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  237.045937][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  237.049508][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  237.052634][   T24] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  237.056736][   T24] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  237.062135][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.237022][   T40] CPU: 1 UID: 0 PID: 40 Comm: kworker/u10:2 Not tainted syzkaller #0 PREEMPT(full) 
[  237.237044][   T40] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  237.237053][   T40] Workqueue: writeback wb_workfn (flush-7:3)
[  237.237075][   T40] Call Trace:
[  237.237080][   T40]  <TASK>
[  237.237087][   T40]  dump_stack_lvl+0x189/0x250
[  237.237125][   T40]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.237140][   T40]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  237.237159][   T40]  ? __pfx_queue_work_on+0x10/0x10
[  237.237173][   T40]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  237.237190][   T40]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  237.237219][   T40]  f2fs_handle_critical_error+0x37c/0x540
[  237.237245][   T40]  f2fs_write_end_io+0x886/0xb60
[  237.237276][   T40]  __submit_merged_bio+0x27a/0x6a0
[  237.237301][   T40]  __submit_merged_write_cond+0x255/0x530
[  237.237327][   T40]  f2fs_write_data_pages+0x261d/0x3000
[  237.237384][   T40]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  237.237417][   T40]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  237.237466][   T40]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  237.237485][   T40]  ? look_up_lock_class+0x74/0x170
[  237.237513][   T40]  ? trace_f2fs_writepages+0x7f/0x200
[  237.237534][   T40]  ? f2fs_write_node_pages+0x478/0x6e0
[  237.237557][   T40]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  237.237588][   T40]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  237.237609][   T40]  do_writepages+0x32e/0x550
[  237.237632][   T40]  ? reacquire_held_locks+0x127/0x1d0
[  237.237646][   T40]  ? writeback_sb_inodes+0x384/0x1010
[  237.237671][   T40]  __writeback_single_inode+0x145/0xff0
[  237.237688][   T40]  ? do_raw_spin_unlock+0x4d/0x240
[  237.237710][   T40]  writeback_sb_inodes+0x6c7/0x1010
[  237.237733][   T40]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  237.237768][   T40]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  237.237839][   T40]  wb_writeback+0x43b/0xaf0
[  237.237864][   T40]  ? queue_io+0x331/0x590
[  237.237884][   T40]  ? __pfx_wb_writeback+0x10/0x10
[  237.237935][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.237958][   T40]  wb_workfn+0x409/0xef0
[  237.237988][   T40]  ? __pfx_wb_workfn+0x10/0x10
[  237.238007][   T40]  ? __lock_acquire+0xab9/0xd20
[  237.238036][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  237.238056][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.238072][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  237.238083][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  237.238098][   T40]  process_scheduled_works+0xae1/0x17b0
[  237.238140][   T40]  ? __pfx_process_scheduled_works+0x10/0x10
[  237.238171][   T40]  worker_thread+0x8a0/0xda0
[  237.238211][   T40]  kthread+0x711/0x8a0
[  237.238231][   T40]  ? __pfx_worker_thread+0x10/0x10
[  237.238244][   T40]  ? __pfx_kthread+0x10/0x10
[  237.238262][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.238278][   T40]  ? lockdep_hardirqs_on+0x9c/0x150
[  237.238295][   T40]  ? __pfx_kthread+0x10/0x10
[  237.238311][   T40]  ret_from_fork+0x3fc/0x770
[  237.238328][   T40]  ? __pfx_ret_from_fork+0x10/0x10
[  237.238352][   T40]  ? __switch_to_asm+0x39/0x70
[  237.238367][   T40]  ? __switch_to_asm+0x33/0x70
[  237.238380][   T40]  ? __pfx_kthread+0x10/0x10
[  237.238396][   T40]  ret_from_fork_asm+0x1a/0x30
[  237.238426][   T40]  </TASK>
[  237.360366][    C1] vkms_vblank_simulate: vblank timer overrun
[  237.388844][   T24] usb 3-1: GET_CAPABILITIES returned 0
[  237.391193][   T24] usbtmc 3-1:16.0: can't read capabilities
[  237.409577][   T40] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  237.587149][    C0] usbtmc 3-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  237.592841][T10401] usbtmc 3-1:16.0: Unable to send data, error -71
[  237.597170][ T5888] usb 3-1: USB disconnect, device number 31
[  237.836739][T10425] netlink: 'syz.3.1729': attribute type 13 has an invalid length.
[  237.859456][ T5849] Bluetooth: hci1: command tx timeout
[  237.989945][T10420] loop0: detected capacity change from 0 to 32768
[  237.994178][T10420] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1728 (10420)
[  238.009000][T10420] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  238.012778][T10420] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  238.032327][T10436] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1732'.
[  238.103347][T10420] BTRFS info (device loop0): rebuilding free space tree
[  238.124935][T10420] BTRFS info (device loop0): disabling free space tree
[  238.130913][T10420] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  238.140550][T10420] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  238.172702][T10420] BTRFS info (device loop0): enabling ssd optimizations
[  238.175271][T10420] BTRFS info (device loop0): force clearing of disk cache
[  238.182181][T10420] BTRFS info (device loop0): enabling auto defrag
[  238.184352][T10420] BTRFS info (device loop0): doing ref verification
[  238.497120][ T5848] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  238.933590][T10482] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1747'.
[  239.470569][ T5888] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[  239.504935][   T33] audit: type=1326 audit(1757319602.557:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10522 comm="syz.3.1765" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0083b8ebe9 code=0x7ffc0000
[  239.515327][   T33] audit: type=1326 audit(1757319602.557:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10522 comm="syz.3.1765" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0083b8ebe9 code=0x7ffc0000
[  239.529774][   T33] audit: type=1326 audit(1757319602.567:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10522 comm="syz.3.1765" exe="/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f0083b8ebe9 code=0x7ffc0000
[  239.575978][   T33] audit: type=1326 audit(1757319602.627:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10522 comm="syz.3.1765" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0083b8ebe9 code=0x7ffc0000
[  239.584573][   T33] audit: type=1326 audit(1757319602.627:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10522 comm="syz.3.1765" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0083b8ebe9 code=0x7ffc0000
[  239.635716][ T5888] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  239.645817][ T5888] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  239.662953][ T5888] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  239.668491][ T5888] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.686170][T10517] loop2: detected capacity change from 0 to 32768
[  239.702428][T10517] bcachefs (/dev/loop2): error reading default superblock: Unsupported superblock version 0.0: (unknown version) (min 0.9: (unknown version), max 1.28: inode_has_case_insensitive)
[  239.745567][T10517] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section clean: wrong size (got 8 should be 24)
[  239.745567][T10517] clean (size 8):
[  239.745567][T10517] flags:          0
[  239.745567][T10517] journal_seq:    0
[  239.745567][T10517] 
[  239.766803][T10517] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  239.885388][ T5888] usb 1-1: usb_control_msg returned -32
[  239.887705][ T5888] usbtmc 1-1:16.0: can't read capabilities
[  240.357910][T10556] Bluetooth: Invalid esc byte 0x02
[  240.659683][ T5946] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  240.810723][ T5849] Bluetooth: hci1: command tx timeout
[  240.820242][ T5946] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  240.824555][ T5946] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  240.828219][ T5946] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  240.832365][ T5946] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  240.836478][ T5946] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  240.840517][ T5946] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.845311][ T5946] usb 4-1: config 0 descriptor??
[  241.055902][ T5946] hdpvr 4-1:0.0: firmware version 0x8 dated )˟=J+noKܐo5foɠObL
[  241.158490][ T5888] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  241.259538][ T5946] hdpvr 4-1:0.0: device init failed
[  241.262466][ T5946] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  241.275894][ T5946] usb 4-1: USB disconnect, device number 2
[  241.328533][ T5888] usb 3-1: Using ep0 maxpacket: 16
[  241.332916][ T5888] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  241.336900][ T5888] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  241.345690][ T5888] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  241.349503][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.352708][ T5888] usb 3-1: Product: syz
[  241.354355][ T5888] usb 3-1: Manufacturer: syz
[  241.356268][ T5888] usb 3-1: SerialNumber: syz
[  241.577344][ T5888] usb 3-1: 0:2 : does not exist
[  241.581352][ T5888] usb 3-1: unit 9 not found!
[  241.586147][ T5888] usb 3-1: 4:0: cannot get min/max values for control 1 (id 4)
[  241.592163][ T5888] usb 3-1: 4:0: cannot get min/max values for control 2 (id 4)
[  241.597371][ T5888] usb 3-1: 4:0: cannot get min/max values for control 3 (id 4)
[  241.606126][ T5888] usb 3-1: USB disconnect, device number 32
[  241.629603][ T8169] udevd[8169]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  241.810468][T10574] loop3: detected capacity change from 0 to 512
[  241.817299][T10574] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  241.829718][T10574] EXT4-fs (loop3): mount failed
[  242.211319][ T5914] usb 1-1: USB disconnect, device number 26
[  242.291069][ T5946] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  242.360369][ T5888] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  242.384601][T10597] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1801'.
[  242.388285][T10597] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1801'.
[  242.441051][ T5946] usb 4-1: Using ep0 maxpacket: 8
[  242.444861][ T5946] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  242.451848][ T5946] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  242.458947][ T5946] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  242.470842][ T5946] usb 4-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  242.476954][ T5946] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.483504][ T5946] usb 4-1: Product: syz
[  242.485826][ T5946] usb 4-1: Manufacturer: syz
[  242.488817][ T5946] usb 4-1: SerialNumber: syz
[  242.492915][T10601] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1803'.
[  242.496980][ T5946] usb 4-1: config 0 descriptor??
[  242.504893][ T5946] streamzap 4-1:0.0: streamzap_probe: endpoint Max Packet Size is 0!?!
[  242.538945][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.543094][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  242.546833][ T5888] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  242.562763][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.576173][ T5888] usb 3-1: config 0 descriptor??
[  242.722568][   T96] usb 4-1: USB disconnect, device number 3
[  243.103365][ T5888] hid-steam 0003:28DE:1142.000F: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  243.158489][ T5888] hid-steam 0003:28DE:1142.000F: Steam wireless receiver connected
[  243.161715][ T5888] hid-steam 0003:28DE:1142.000F: No HID_FEATURE_REPORT submitted -  nothing to read
[  243.179333][ T5888] hid-steam 0003:28DE:1142.0010: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  243.508570][ T5888] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  243.678911][ T5888] usb 4-1: Using ep0 maxpacket: 8
[  243.686628][ T5888] usb 4-1: unable to get BOS descriptor or descriptor too short
[  243.696037][ T5888] usb 4-1: config 4 interface 0 has no altsetting 0
[  243.704180][ T5888] usb 4-1: string descriptor 0 read error: -22
[  243.706971][ T5888] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  243.711031][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.727578][ T5888] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  243.745914][ T5888] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  243.758304][ T5888] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  243.763928][ T5888] usb 4-1: media controller created
[  243.775158][T10621] syz.0.1811 uses old SIOCAX25GETINFO
[  243.805910][ T5888] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  243.847852][T10623] batadv_slave_0: entered promiscuous mode
[  243.854952][T10622] batadv_slave_0: left promiscuous mode
[  243.911365][T10625] loop0: detected capacity change from 0 to 1024
[  243.926391][ T5888] zl10353_read_register: readreg error (reg=127, ret==0)
[  243.933024][T10625] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.933122][T10625] ext4 filesystem being mounted at /583/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.983364][ T5888] usb 4-1: USB disconnect, device number 4
[  244.036055][ T1089] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u10:4: bg 0: block 393: padding at end of block bitmap is not set
[  244.052125][ T1089] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 28
[  244.057331][ T1089] EXT4-fs (loop0): This should not happen!! Data will be lost
[  244.057331][ T1089] 
[  244.061643][ T1089] EXT4-fs (loop0): Total free blocks count 0
[  244.064002][ T1089] EXT4-fs (loop0): Free/Dirty block details
[  244.066413][ T1089] EXT4-fs (loop0): free_blocks=0
[  244.070121][ T1089] EXT4-fs (loop0): dirty_blocks=0
[  244.072865][ T1089] EXT4-fs (loop0): Block reservation details
[  244.075287][ T1089] EXT4-fs (loop0): i_reserved_data_blocks=0
[  244.080545][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.312522][T10638] loop0: detected capacity change from 0 to 128
[  244.495401][T10644] loop0: detected capacity change from 0 to 2048
[  244.509373][T10644] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  244.515700][T10644] UDF-fs: Scanning with blocksize 512 failed
[  244.524145][T10644] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  244.797553][T10654] 9pnet_fd: Insufficient options for proto=fd
[  245.203919][ T6008] kernel read not supported for file /snd/controlC0 (pid: 6008 comm: kworker/0:5)
[  245.327930][ T5914] usb 3-1: USB disconnect, device number 33
[  245.415461][ T5914] hid-steam 0003:28DE:1142.000F: Steam wireless receiver disconnected
[  245.470707][T10656] loop0: detected capacity change from 0 to 40427
[  245.488301][T10656] F2FS-fs (loop0): Image doesn't support compression
[  245.491395][T10656] F2FS-fs (loop0): build fault injection rate: 690
[  245.533543][T10656] F2FS-fs (loop0): invalid crc value
[  245.594991][T10656] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  245.599924][T10656] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  245.622437][   T33] audit: type=1800 audit(1757319608.677:78): pid=10656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1827" name="file1" dev="loop0" ino=10 res=0 errno=0
[  245.638263][ T5848] bio_check_eod: 179 callbacks suppressed
[  245.638292][ T5848] syz-executor: attempt to access beyond end of device
[  245.638292][ T5848] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  245.652005][ T5848] CPU: 1 UID: 0 PID: 5848 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  245.652021][ T5848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  245.652028][ T5848] Call Trace:
[  245.652032][ T5848]  <TASK>
[  245.652037][ T5848]  dump_stack_lvl+0x189/0x250
[  245.652057][ T5848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.652069][ T5848]  ? __pfx_queue_work_on+0x10/0x10
[  245.652079][ T5848]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  245.652094][ T5848]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  245.652115][ T5848]  f2fs_handle_critical_error+0x37c/0x540
[  245.652134][ T5848]  f2fs_write_end_io+0x886/0xb60
[  245.652157][ T5848]  __submit_merged_bio+0x27a/0x6a0
[  245.652200][ T5848]  __submit_merged_write_cond+0x255/0x530
[  245.652222][ T5848]  f2fs_write_data_pages+0x261d/0x3000
[  245.652258][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  245.652310][ T5848]  ? folios_put_refs+0x559/0x640
[  245.652328][ T5848]  ? __pfx_folios_put_refs+0x10/0x10
[  245.652338][ T5848]  ? rcu_is_watching+0x15/0xb0
[  245.652354][ T5848]  ? __lock_acquire+0xab9/0xd20
[  245.652379][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  245.652394][ T5848]  do_writepages+0x32e/0x550
[  245.652415][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  245.652430][ T5848]  filemap_fdatawrite+0x199/0x240
[  245.652443][ T5848]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  245.652492][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  245.652506][ T5848]  f2fs_sync_dirty_inodes+0x31f/0x830
[  245.652527][ T5848]  f2fs_write_checkpoint+0x95a/0x1df0
[  245.652553][ T5848]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  245.652595][ T5848]  ? kill_f2fs_super+0x298/0x6c0
[  245.652608][ T5848]  kill_f2fs_super+0x2c3/0x6c0
[  245.652622][ T5848]  ? __pfx_kill_f2fs_super+0x10/0x10
[  245.652631][ T5848]  ? radix_tree_delete_item+0x2b6/0x400
[  245.652650][ T5848]  ? shrinker_free+0x2ce/0x3e0
[  245.652662][ T5848]  deactivate_locked_super+0xbc/0x130
[  245.652676][ T5848]  cleanup_mnt+0x425/0x4c0
[  245.652688][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  245.652705][ T5848]  task_work_run+0x1d4/0x260
[  245.652720][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  245.652731][ T5848]  ? __x64_sys_umount+0x122/0x160
[  245.652747][ T5848]  ? exit_to_user_mode_loop+0x40/0x110
[  245.652764][ T5848]  exit_to_user_mode_loop+0xec/0x110
[  245.652778][ T5848]  do_syscall_64+0x2bd/0x3b0
[  245.652787][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  245.652800][ T5848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.652810][ T5848]  ? exc_page_fault+0x9f/0xf0
[  245.652824][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.652833][ T5848] RIP: 0033:0x7f779f58ff17
[  245.652844][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  245.652852][ T5848] RSP: 002b:00007ffdbb5c2c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  245.652863][ T5848] RAX: 0000000000000000 RBX: 00007f779f611c05 RCX: 00007f779f58ff17
[  245.652870][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdbb5c2d10
[  245.652876][ T5848] RBP: 00007ffdbb5c2d10 R08: 0000000000000000 R09: 0000000000000000
[  245.652881][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdbb5c3da0
[  245.652887][ T5848] R13: 00007f779f611c05 R14: 000000000003bd09 R15: 00007ffdbb5c3de0
[  245.652906][ T5848]  </TASK>
[  245.652910][ T5848] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  245.672541][ T5888] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  245.849438][ T5914] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  245.948457][ T5888] usb 4-1: too many configurations: 151, using maximum allowed: 8
[  245.964405][ T5888] usb 4-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[  245.967697][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[  245.970913][ T5888] usb 4-1: Product: syz
[  245.972637][ T5888] usb 4-1: Manufacturer: syz
[  245.974240][ T5888] usb 4-1: SerialNumber: syz
[  245.978036][ T5888] usb 4-1: config 0 descriptor??
[  245.998481][ T5914] usb 3-1: Using ep0 maxpacket: 8
[  246.003593][ T5914] usb 3-1: config 3 has an invalid interface number: 45 but max is 0
[  246.006503][ T5914] usb 3-1: config 3 contains an unexpected descriptor of type 0x1, skipping
[  246.018270][ T5914] usb 3-1: config 3 has no interface number 0
[  246.021110][ T5914] usb 3-1: config 3 interface 45 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  246.026827][ T5914] usb 3-1: config 3 interface 45 has no altsetting 0
[  246.032715][ T5914] usb 3-1: New USB device found, idVendor=0582, idProduct=e6ca, bcdDevice=d3.0b
[  246.036422][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.039667][ T5914] usb 3-1: Product: syz
[  246.041406][ T5914] usb 3-1: Manufacturer: syz
[  246.043045][ T5914] usb 3-1: SerialNumber: syz
[  246.195993][ T5888] ims_pcu 4-1:0.0: Zero length descriptor
[  246.198269][ T5888] ims_pcu 4-1:0.0: probe with driver ims_pcu failed with error -22
[  246.212660][ T5888] usb 4-1: USB disconnect, device number 5
[  246.262251][ T5914] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  246.281010][ T5914] usb 3-1: USB disconnect, device number 34
[  246.323407][ T8173] udevd[8173]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:3.45/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  246.428713][   T96] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  246.580609][   T96] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.584945][   T96] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.589689][   T96] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  246.593743][   T96] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.601718][   T96] usb 1-1: config 0 descriptor??
[  246.784832][T10694] loop3: detected capacity change from 0 to 256
[  246.788068][T10694] exfat: Unknown parameter 'nase'
[  246.973555][T10698] loop3: detected capacity change from 0 to 4096
[  246.977307][T10698] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  247.011123][T10698] ntfs3(loop3): Failed to load $Extend (-22).
[  247.014375][T10700] net_ratelimit: 3322 callbacks suppressed
[  247.014434][T10700] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  247.020419][T10698] ntfs3(loop3): Failed to initialize $Extend.
[  247.063839][   T96] sony 0003:054C:0268.0011: hiddev0,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.0-1/input0
[  247.070972][   T96] sony 0003:054C:0268.0011: failed to claim input
[  247.184410][T10706] netlink: 'syz.3.1846': attribute type 2 has an invalid length.
[  247.244485][ T5888] usb 1-1: USB disconnect, device number 27
[  247.814171][T10734] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1860'.
[  247.898297][T10722] loop2: detected capacity change from 0 to 32768
[  247.909882][T10722] (syz.2.1854,10722,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  247.917754][T10722] (syz.2.1854,10722,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  248.306018][T10722] JBD2: Ignoring recovery information on journal
[  248.357575][T10722] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  248.441497][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  248.503374][T10741] loop0: detected capacity change from 0 to 32768
[  248.575049][T10741] read_mapping_page failed!
[  248.591023][T10741] ERROR: (device loop0): txCommit: 
[  248.591023][T10741] 
[  248.654696][  T117] BUG at fs/jfs/jfs_txnmgr.c:931 assert(mp->nohomeok > 0)
[  248.657843][  T117] ------------[ cut here ]------------
[  248.660539][  T117] kernel BUG at fs/jfs/jfs_txnmgr.c:931!
[  248.672323][  T117] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  248.674693][  T117] CPU: 0 UID: 0 PID: 117 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  248.678195][  T117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  248.682079][  T117] RIP: 0010:txUnlock+0xdaf/0xdf0
[  248.684000][  T117] Code: e5 fd 90 0f 0b e8 01 23 7d fe 48 c7 c7 20 1d c4 8b 48 c7 c6 19 19 c4 8b ba a3 03 00 00 48 c7 c1 20 2a c4 8b e8 72 14 e5 fd 90 <0f> 0b e8 da 22 7d fe 48 c7 c7 20 1d c4 8b 48 c7 c6 19 19 c4 8b ba
[  248.691310][  T117] RSP: 0018:ffffc9000250fbc8 EFLAGS: 00010246
[  248.693798][  T117] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 20ada86296cae700
[  248.696821][  T117] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  248.699845][  T117] RBP: ffffc90002062240 R08: ffffc9000250f8e7 R09: 1ffff920004a1f1c
[  248.702934][  T117] R10: dffffc0000000000 R11: fffff520004a1f1d R12: dffffc0000000000
[  248.706049][  T117] R13: 1ffff11004fb99c7 R14: ffff888027dcce38 R15: 0000000000000000
[  248.709096][  T117] FS:  0000000000000000(0000) GS:ffff8880b8618000(0000) knlGS:0000000000000000
[  248.712549][  T117] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  248.715034][  T117] CR2: 0000001b32523ffc CR3: 0000000119bfc000 CR4: 00000000000006f0
[  248.717988][  T117] Call Trace:
[  248.719315][  T117]  <TASK>
[  248.720479][  T117]  ? lockdep_hardirqs_on+0x9c/0x150
[  248.722561][  T117]  jfs_lazycommit+0x584/0xa90
[  248.724375][  T117]  ? __pfx_jfs_lazycommit+0x10/0x10
[  248.726395][  T117]  ? __pfx_default_wake_function+0x10/0x10
[  248.728651][  T117]  ? __kthread_parkme+0x7b/0x200
[  248.730576][  T117]  ? __kthread_parkme+0x1a1/0x200
[  248.732601][  T117]  kthread+0x711/0x8a0
[  248.734250][  T117]  ? __pfx_jfs_lazycommit+0x10/0x10
[  248.736280][  T117]  ? __pfx_kthread+0x10/0x10
[  248.738158][  T117]  ? _raw_spin_unlock_irq+0x23/0x50
[  248.740232][  T117]  ? lockdep_hardirqs_on+0x9c/0x150
[  248.742265][  T117]  ? __pfx_kthread+0x10/0x10
[  248.744058][  T117]  ret_from_fork+0x3fc/0x770
[  248.745862][  T117]  ? __pfx_ret_from_fork+0x10/0x10
[  248.747899][  T117]  ? __switch_to_asm+0x39/0x70
[  248.749791][  T117]  ? __switch_to_asm+0x33/0x70
[  248.751562][  T117]  ? __pfx_kthread+0x10/0x10
[  248.753308][  T117]  ret_from_fork_asm+0x1a/0x30
[  248.755258][  T117]  </TASK>
[  248.756491][  T117] Modules linked in:
[  248.758541][  T117] ---[ end trace 0000000000000000 ]---
[  248.761593][  T117] RIP: 0010:txUnlock+0xdaf/0xdf0
[  248.763635][  T117] Code: e5 fd 90 0f 0b e8 01 23 7d fe 48 c7 c7 20 1d c4 8b 48 c7 c6 19 19 c4 8b ba a3 03 00 00 48 c7 c1 20 2a c4 8b e8 72 14 e5 fd 90 <0f> 0b e8 da 22 7d fe 48 c7 c7 20 1d c4 8b 48 c7 c6 19 19 c4 8b ba
[  248.771148][  T117] RSP: 0018:ffffc9000250fbc8 EFLAGS: 00010246
[  248.773540][  T117] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 20ada86296cae700
[  248.776499][  T117] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  248.779716][  T117] RBP: ffffc90002062240 R08: ffffc9000250f8e7 R09: 1ffff920004a1f1c
[  248.782819][  T117] R10: dffffc0000000000 R11: fffff520004a1f1d R12: dffffc0000000000
[  248.785874][  T117] R13: 1ffff11004fb99c7 R14: ffff888027dcce38 R15: 0000000000000000
[  248.788981][  T117] FS:  0000000000000000(0000) GS:ffff8880b8618000(0000) knlGS:0000000000000000
[  248.792454][  T117] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  248.794964][  T117] CR2: 0000001b32523ffc CR3: 0000000022c4e000 CR4: 00000000000006f0
[  248.798059][  T117] Kernel panic - not syncing: Fatal exception
[  248.801111][  T117] Kernel Offset: disabled
[  248.802831][  T117] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:03:07  Registers:
info registers vcpu 0

CPU#0
RAX=00000000b0114930 RBX=00000000000036b2 RCX=2d583c2226b9de00 RDX=00000000000000a3
RSI=ffffffff8be33860 RDI=ffffffff8be33820 RBP=0000000000000000 RSP=ffffc9000436f8c0
R8 =ffff888136641b47 R9 =1ffff11026cc8368 R10=dffffc0000000000 R11=ffffffff8b78a4a0
R12=000000000000e498 R13=0000000000000002 R14=000000a3b0112932 R15=000000a3b0114930
RIP=ffffffff8b78a4dc RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8618000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32523ffc CR3=0000000119bfc000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f XMM01=2f68637461772f76 6564752f6e75722f
XMM02=0000000000000000 ff0000000000ff00 XMM03=000000ff00000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=382d323263342d32 3831352d37643965
XMM06=373533396632785c 646975752d796266 XMM07=32785c6b73696466 32785c2f736b6e69
XMM08=00000000ffffffff 0000000000000000 XMM09=3662663064306239 622d323432382d32
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000065baef RBX=00007fd0b2b94540 RCX=0000000000000016 RDX=0000000000000000
RSI=0000000000000001 RDI=00007fd0b2b945e0 RBP=0000000000000102 RSP=00007fd0b2b944a0
R8 =00007fd0a7a00000 R9 =0000000000000000 R10=0000000000000000 R11=00007fd0b2b94550
R12=0000000000000001 R13=00007fd0b1e2da20 R14=0000000000000000 R15=00007fd0b2b945e0
RIP=00007fd0b1c50c38 RFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd0b2b956c0 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fd0a805b000 CR3=000000010e78d000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=00007fd0b2b945a0 00007fd0b2b94580
XMM02=00007fd0b2b946e0 00007fd0b2b94560 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00007fd0b2b945a0 XMM05=0000000000000000 00007fd0b2b946e0
XMM06=00007fd0b2b946e0 00007fd0b2b94560 XMM07=00007fd0b2b945a0 00007fd0b2b94580
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 00007fd0b1e12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
