last executing test programs:

7m26.667264759s ago: executing program 1 (id=168):
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x3)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
lseek(r0, 0x9, 0x0)

7m26.564035586s ago: executing program 1 (id=170):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000050000000400000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002500)={{r1}, &(0x7f0000002480), &(0x7f00000024c0)=r0}, 0x20)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r1, &(0x7f0000000180), &(0x7f0000000040)=@udp=r2}, 0x20)

7m26.513437179s ago: executing program 1 (id=171):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000a00000008000300", @ANYRES32=r2, @ANYBLOB="05003901"], 0x44}}, 0x0)

7m26.513279243s ago: executing program 1 (id=172):
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaa6, &(0x7f0000001100)="$eJzs3U2MW0cBAOCxd73JJilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOEAgcRXvjNee2H22s+tnx98njcfz5j3PvOfn5/c7E4CpVW2+Li8vVEK4+PrLR//x4N/nbw451Bqj3nydbUvVQgiVmJ7NPu/dmZX4+nsvnOwWV8JS8zWlwxNXW9NuDiGcC7vDpVAPOy9efunNpcePnz92Yc9brxy8sj5zDwAA0+Xrlw4u7/jrn+/ddu3V+w6HDa3haf+8HtNb4n7/4bjjn/b/q6EzXWkL7eay8WZjqM53jjfTZbz2cmrZeLM9yp/Lyq/1GG9D+ODyZ9qGdZtvmGRpPa6HSnWxI12tLi6uHJOH5nH9XGXx7OkzzzxXUkWBNffv+0MIu9vCkQud6XELh8agDkOGxhjUYSLD4dGVda2xovR5HlFobC17CwSwIr9eeItz+ZmF29P6tNn+yr/6WLX79LAGRr3+D1T+XMnlB+X/5rwtDmvnTl2b0nyl39GWmM6vI+T3L/X+/eVXOjqH5tcjan3Ws9d1hEm5vtCrnjMjrsewetU/Xy/uVF+OcVoOX8ny238/+Xc6Kd8x0N1/8vP/giCMdwgd6drtfFaj5O0PML7y++Ya6fpolN/Xl+dvKMjfWJA/X5C/qSB/c0E+TLPfff+n4cXK6nF+fkw/6PnwdJ7trhh/aMD65OcjBy0/v+93ULdbfn4/MYyzP5x48tQXnn7q8sr9/5XW+n8jru/pcKMef1uX4gjpfGF+Xr1173+9s5xqj/HuzupzV5fxm++3d45X2b76OaFtO3NLPRY6p9vaa7xdnePVs/HmY9iY1TffP9mUTZf2P9J2NS2v2Wx+a9l8zGX1SNuVbTHO6wHDSOtjr/v/0/q5EGqVZ06fOfVoTKf19E8ztQ03h+8bcb2B29fv8z8LofP5ny2t4bVq+3Zh6+rwysp24bX4eZ3Dl1rldA7fH9Ppf+5bM/PN4Ysnv3vm6bWffZhqz/3o+W+fOHPm1Pe8GfrNV8ejGoO8SYct41Ifb8buTckbJmDd7f3xyk7AI6e/c+LZU8+eOrv/wIH9S0sHvrh/eW9zv35v+959u3Ml1BZYS6t/+mXXBAAAAAAAAAAAAOjXD44dvfz2G59/Z+X5/9Xn/9Lz/+nO3/T8/0+y5//z5+TTc/DpOcBtXfKb42QNrM5l49Vi+HBW3+1ZOTuy6T4S41Y/fvH5/1Rc3q5rqs892fBaj2TWnMAt7aXMZW2Q5P0FfjzGF2L86wAlqsx3Hxzjovat07qe2qdoa5eioX3gyZG+t7Q2pHZM0vPfXdt1avuyt42gjqy9UTxOWPY8At39c6ra//7X6oyXXhehd5gdbXk/n951otFzL73fHmwA1kbZ/X+m854pPvvHr228GdJoVx/r3F7m7ZfCIP7ydmd63PufXO/y8377Rl1+2fM/6v4/W/3f9b39y3rMqw9X7n9/ceWdtmLDzn7Lz+c/tQO9fbDyr8Xy09w8FPorv/GrrPz8glCf/peVv6nP8m+Z/13Dlf//WH5abA8/0G/5KzWuVDvrkZ83Ttf/8vPGyfVs/lPbnh9Q/jee7zb/Q3bUeCOWD9NsUvqZHVS2H9HaaR++/9/o3Nr2/9uqbLZZy+/D+FxMpw1xus8h7+9k0Pqn+yvS/8CO7PMrBf9v+v+dbF+KcdHvIfX/m9bHevzLb0s3l2VK17os2zt1WwOT6t2puv43EWHjGNRB6D80ZoaYrtVPXMn1bzQa63tCq0CphVP68i/7OKHs8ste/kXy/n/zffi8/988P+//N8/P+//N8+fjN9QrP+//N1+eef+/ef492efm/QMvFOR/tCB/Z/f81mH7vQXT7yrI/1hB/p5W/qGOMVL+fQXT31+Qf3dB/gMF+Z8oyP9kQf6DBfkPt+W39wGd8j9VMP2dLj2PMq3zD9Msfz7P7x+mR7r+0+v3v70gH5hcP3t135GnfvvN+srz/3Ot8yHpOt7hmK7F46cfxnR+3Tu0pW/mvRHTf8vyx/18B0yTvP2M/P/9oYJ8YHKl+7z8vmEKVTZ2Hxzjonareu3nM1k+HePPxPizMX4kxosx3hvjfTFeGlH9WB9HXvv9wRcrq8f7W7P8fu8nz58H6mgnKoSwv8/65OcHBr2fPW/Hb1C3W/6Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptp8XV5eqIRw8fWXjz55/PTem0MOtcaoN19n21K11nQhPBrjmRj/Mr65/t4LJ9vjGzGuhKVQCZXW8PDE1VZJm0MI58LucCnUw86Ll196c+nx4+ePXdjz1isHr6zfEgAAAIA73/sBAAD//weuDxQ=")
rename(&(0x7f0000000000)='./file2\x00', &(0x7f00000005c0)='./file0/file0\x00')
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x1000420, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

7m26.389563736s ago: executing program 1 (id=175):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x21081e, &(0x7f00000009c0), 0x1, 0x515, &(0x7f00000010c0)="$eJzs3U9sHFcZAPBv1vHfuHVaegAEbWgLAUVZ25s2qnqAckIIVUL0CFJq7I1leddredelNjk4Z65IROIER44cOOfEnQuCG5dwQOKPFRQjcRg0s7Nhbe8mq8T2ut7fTxrNm3mT+b4XZ97zvs3uC2BkXY2IvYiYiIiPI2KuOJ8UW3zQ3rLrHu/fXT7Yv7ucRJp+9M8kr8/ORdefyVwu7jkVET/4TsSPk+Nxmzu760u1WnWrOJ5v1Tfnmzu7N9bqS6vV1epGpXJr8dbCezffrZxYW9+oTxSlLz/8w943fpqlNVuc6W7HSWo3ffxJnMyliPjeaQQbgrGiPRPDToTnUoqIVyPizfz5n4ux/KcJAFxkaToX6Vz3MQBw0ZXyObCkVC7mAmajVCqX23N4r8VMqdZotq7faWxvrLTnyq7EeOnOWq26UMwVXoqI7Hgxr8vrk+y4cuT4ZkS8EhE/n5zOj8vLjdrKMH/xAYARdvnI+P/vyfb4DwBccFPDTgAAOHPGfwAYPcZ/ABg9xn8AGD3t8X962GkAAGfI638AGD3GfwAYKd//8MNsSw+K779e+WRne73xyY2VanO9XN9eLi83tjbLq43Gav6dPfVn3a/WaGwuvhPbn1755mazNd/c2b1db2xvtG7n3+t9uzqeX7V3Bi0DAPp55Y0Hf06yEfn96XyLrrUcxoeaGXDaSsNOABiasWEnAAyN1b5gdL3Aa3zTA3BB9Fii95CpXh8QStM0Pb2UgFN27QuDzP8nA/QQwGdN1/y//wUMI8b8P4wu8/8wutI0GXTN/xj0QgDgfPP7P9Dn3b1Xi/1vijcHfrRy9Ir7p5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnG+d9X/LxVrgs1EqlcsRL0XElRhP7qzVqgsR8XJE/GlyfDI7XhxyzgDAiyr9LSnW/7o29/bsoarXLz8pTkTET3750S8+XWq1tv4YMZH8a7JzvnW/OF/pHeC0WwAAPF1nnM73XS/kH+/fXe5sZ5nP378dEVPt+Af7E3FQxN951FmbeCrGI2LmURLdaxUnXXMXL2LvXkR8vlf7k5jN50DaK58ejZ/FfulM45cOxS/lde199nfxuRPIBUbNg6z/+aDX81eKq/m+9/OfnT2JtdOL/i+71fJB3gf+P36n/xvr0/9dHTTGO7//brs0fbzuXsQXL0V0Yh909T+d+Emf+G8PGP8vX3r9zX516a8irkXv+N2x5lv1zfnmzu6NtfrSanW1ulGpjMWthfduvluZz+eo5/uPBv94//rL/eqy9s/0iT/1jPZ/dcD2//q/H//wK0+J//W3esUvxWtPiZ+NiV8bMP7SzO+m+tVl8Vf6tP9ZP//r/W6aHF5Q/OFfd48tGw4ADE9zZ3d9qVarbiko5IXfxrlIo3ch+yd7DtLoWfjWqdw5nTtWNRG9L/7ZW+1n+khVmj5X9H49xknMugHnwZOHPiL+M+xkAAAAAAAAAAAAAACAns7i01HDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX1/8CAAD//3ZK0g4=")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0x0, 0x0, &(0x7f00000000c0))

7m26.039036331s ago: executing program 1 (id=182):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @empty}], 0x1)

7m25.515752062s ago: executing program 32 (id=182):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @empty}], 0x1)

6m1.501216537s ago: executing program 2 (id=1037):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000001080)={0x200000, 0x200000, 0x0, 0x0, 0xf})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448cc, 0x0)

6m1.421468747s ago: executing program 2 (id=1038):
r0 = timerfd_create(0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @sched_cls=0xd8238fb3b8c8ce5f, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f00000000c0)={0x4e00, 0x0, 0x730, 0xbdff, 0x10, "feeeff000000001b"})
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r2 = syz_open_pts(r1, 0x8182)
r3 = dup3(r2, r1, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x17)

6m0.552663299s ago: executing program 2 (id=1052):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000280)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x62d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x803, 0x2})

6m0.499806285s ago: executing program 2 (id=1053):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000080)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xa}}, {@nomblk_io_submit}, {@auto_da_alloc}, {@minixdf}]}, 0xfe, 0x572, &(0x7f0000000240)="$eJzs3U1rVFcfAPD/nSS+JD4aQeRpFyXgohbrxCR9sdCFXZZWKrR7OyTXIJk4kpmISYXqom66KVIopdLSD9B9l9Iv0E8htIIUCe2imyl35o6OyUwS42hG5/eDq+fcc6/nnrn3fzxnzgwTwMCayP4oRLwSEd8kEYfayoYjL5xoHrf24NpstiVRr3/6VxJJvq91fJL/PZZn/h8Rv30VcaKwsd7qyupCqVxOl/L8ZG3x8mR1ZfXkxcXSfDqfXpqemTn99sz0e+++s/HkvTtr6xvn/vn+kzsfnv762Np3v9w7fCuJM3EgL2tvx1O43p6ZiIn8NRmJM+sOnOpBZf0k2e0LYEeG8jgfiawPOBRDedQDL78vI6IODKhE/MOAas4AMs25/abz4PrLN8u7/0FzAtRq+6P2J833RmJfY240upY8NjPKXonxHtSf1fHrn7dvZVv07n0IgC1dvxERp4aHH+v/DkZb/7dzp7ZxzPo69H/w/NzJxj9v7u0w/ik8HP9Eh/HPWIfY3Ymt479wr/OZO1wEWicb/70fncZ/Dxetxofy3P8aY76R5MLFcpr1bVk3eTxG9mb5zdZzTq/drXcrax//ZVtWf2ssmF/HveF1TZ0r1UpP0+Z2929EvLrF+DfpcP+z1+PcNus4mt5+rVvZ1u1/tuo/R7ze8f4/muskm69PTjaeh8nWU7HR3zeP/t6t/t1uf3b/Rzdv/3jSvl5bffI6ftr3b9qtbCLJF02f8Pnfk3zWSO/J910t1WpLUxF7ko837p9upn9sy7eOz9p//Fjn+N/s+d8fEZ9vs/03j9zsemg/3P+5J7r/XRL1pGvR3Y+++KFb/dvr/95qpI7ne7bT/3W+0tG89GmeZgAAAAAAAOhfhYg4EEmh+DBdKBSLzc93HInRQrlSrZ24UFm+NBeN78qOx0ihtdI91vZ5iKn887Ct/PS6/ExEHI6Ib4f2N/LF2Up5brcbDwAAAAAAAAAAAAAAAAAAAH1irMv3/zN/DO321QHPnJ/8hsG1Zfz34peegL7k/38YXOIfBpf4h8El/mFwiX8YXOIfBpf4h8El/gEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp09m231tQfXZrP83JWV5YXKlZNzaXWhuLg8W5ytLF0uzlcq8+W0OFtZ3OrfK1cql6emY/nqZC1NapPVldXzi5XlS7XzFxdL8+n5dOS5tAoAAAAAAAAAAAAAAAAAAABeLNWV1YVSuZwuvVyJQt68bZ91MD+hHy7+xUoM98dlSPQ4sYudEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs818AAAD//0efKxA=")
syz_mount_image$fuse(0x0, &(0x7f0000000740)='./bus\x00', 0x283016, 0x0, 0x11, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

6m0.423045466s ago: executing program 2 (id=1054):
r0 = memfd_create(&(0x7f00000000c0)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
fcntl$addseals(r0, 0x409, 0x6)

5m59.893833315s ago: executing program 2 (id=1059):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x41, 0x0)

5m59.536661182s ago: executing program 33 (id=1059):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x41, 0x0)

5m41.192269802s ago: executing program 0 (id=1245):
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0x4003000}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000300)={0x24, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8, 0xfe, 0x1, {0x22, 0x5f4}}}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x2b)
ioctl$sock_inet_SIOCSARP(r2, 0x40806685, &(0x7f00000002c0)={{0x2, 0x4e21, @multicast2}, {0x0, @remote}, 0x8, {0x2, 0x0, @multicast2}, 'veth1_virt_wifi\x00'})

5m37.991923256s ago: executing program 0 (id=1276):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000040)={0x2})
dup3(r1, r2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

5m37.912174046s ago: executing program 0 (id=1277):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x80000000000004, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000080)={0x1, @pix={0x5, 0x7, 0x59565955, 0x6, 0x9aa5, 0x6, 0x7, 0xf20e, 0x1, 0x0, 0x1, 0x7}})

5m37.911837933s ago: executing program 0 (id=1278):
syz_mount_image$xfs(&(0x7f0000000000), &(0x7f0000009740)='./file0\x00', 0x4000000, &(0x7f0000000140)={[{@filestreams}, {@noquota}, {@nouuid}, {@pquota}, {@bsdgroups}, {@dax}, {@sysvgroups}, {@attr2}, {@dax_always}]}, 0x1, 0x9799, &(0x7f0000009780)="$eJzs/QWcrWWhuH/Phg1sOgRBpKTEJCVEkQ5FlBQlBGlJARFQOpRQQRFQQQEF6e7uku7u7u54Pxs2qNsLDuf3nv/Bw3VdH/esWTFr7nV/n/tx1jzDWssuuOS8AwPjDLzdO6f/6Pw971pxqTEX3fCE3QffuO8uiz067OKR3z4Zd+5hp/MMO513YGBg0LD7GfT2ZYPnOv6EEQYGDwz93z8aY9TRRhhjYGC0YWeH3c/AbG+fjH7QO7d7c7h4oFMM/XY7v/3vrcYceidDP1l+pdfXGxgYGPJPXz90XDP82wOVtuw8Cy34D6t33UYYdvWgf1z31ungt/+NfsDAwOj7Dbz39jH0tiP909f+bzb0e44z1cDSd30I3/v/XMvOs9Aiw/kPXYsjDrtstqFrfPg1aGz47XyXJdd+eNgUDho2cYP/ab18GNv9/1PLzrPgogPvvY4HFltgi4fefGu/OXj+gYHBCwwMDF5wYGDwQh+2R/3P9KFufFVVVfWhNM+8Mw99zj7CcD8PDHnn51r6ufDi12a8b2Bg8GJvP08cvNI7zwWrqqqqqqqq6j+zeeadeT54/j/O+z3/n+K07cft+X9VVVVVVVXV/50WmWfemYc+1x/u+f9E7/f8/6lHjjjw7b/9n3u2t7/qjQ/3QVRVVVVVVVXV+7bgIvj8f4r3e/5/6fFTXNHz/6qqqqqqqqr/Oy3x5ptvbvVPr7M37OLp3rmenv+f8eAdK3xoA66qqqqqqqqq/3ZvPH7qmf94zffJBoZ7vfe3GvZ7gUFHn33VVR/aQP8zGvTvvw/Z+sMe0/+/DXUecugUAwPrLf1hD6U+hP7PvFZ9/X9S/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eUv7j2O/7/7+v9nHLvKO+8F/+lpZr7p1H985Vvv/T94sUUe3+ZDGvqH0Uf1+P/AWoMGBob5jrPWwMDAYvMssdR0AwMDp9408zRTD7x73exDr5tzvBHfeoP4d/4zkQXG5Tveesq3T4duKAPjv3sfR791/4u8uf+Ig4YbxD817okHHrjmsi/OMvzptO/9OEZ497MxT3jknf+WZYThbjTkPb74nft/57EM7zxs7NMNHfv0G6+7wfQbbbb5F9Zad+U1VltjtfXmmGnWGWeZY45ZZ51+9bXWWW2Gtz++15xN8dbH+T7InI0x/Jw9Ps8/z9nwj+295myK95+zt+5xj0uGfO2dORv835yz+d5/zqZYa9g3GnfukQZWemtuBg0MjDv/SAObDj0z4ygDA+MuMOy2Ew297VfGG2FgYLd/PNChn43y7jY4aOuht1l2wSXnfXs3NTDwj9N/9B7vZz/ysJHPPex0nmGn8779bcYZ+MemOHiu408YYehc/Mt0jDHqaCOMMTAw2rCzw+5nYI63T0Y77Z3bvcf7rA830LdeZmXnt/+91ZgDAwOjD/1kspXP2GHo1P8vvE/7/9P///+b1+yD3t0eBw37N+w2b3vNs9Ai//heb03D0Lkbcdhlsw01+R9+a/t/6d/GO8WQgSneZ7zv87o4b0Xb1zqnTrDt/9Tr4tB4J3qf8b7P6/i+53iXuW/vh9++q/+x8Q63r1v0rY9zf5B93cD77+tGpDtY7fJJh9/XfeO9h/gvu8t35miU4W70Xvu6ifaZfOuh9z/3++/rFh069pH+ZV83wsDAuPO9s68buuNbcKSB3YaemWnomYVGGjh46JmZ3zoz6sDZQ898cZX111l16AUL//t2MN2gf/kDTVhnCw63zgb902MfNNzfdw5++3T0A955D6f32G8OGvaw/st9BW2347zPeN/n/adwnodetuoxQyb4n3r/KRrvkPcf73u9X/Z7jnfXF8646394vO+us5H+aboW/iDrbIp/XWdDH+KI/7QyPujPYavC7d/+fKJ3722TLR9592eKkYa73//qZ4qF33+djbPWcF+3034Dg95vbhb6IHMzyb/tg7b557n5oD9vTTfV29eP+D5zM8ocK077ztyM/N+cm4X+u3Mz98CI/zo3gwcWGBgYmHrY/mHBDzI3E73/3HzQ7WY0uP3bn6/27kXz73Lohe/MzfBz8V/NzYL/3bmZ4t3tZuq3rptyhIGRRx7YdOWNN95wxrc/vnN2prc/vv8anP+DzOU4/zNzOfHg95rLf2yqY9x3xQH/xRr8t336O/c//393LgfencuBtYZfLPWfWr//c5e/u/zd5e8uf3f5u8tf3Hsc/3/39f/3GmfO3Yf9cmOkKyafcMcPe7wfch/p4//DfP/l+P+OE05+xQgD7173vsdn377Nf+Tx2dnePhn9oHduN/zxQR7oex+f3W+O2bb/Xzo++//UO2v1A/werv2/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvLX9x7HP+f4Z2/A3hwxsWfGXYgdKRHt1tu8Q97vB9yH+nj/8N8/+X4/+LLbffoCAPvXve+x//fvo3j+P89ry6463/y8f931mrH/+u/KH93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yF/cex//nfufvAI44Yu/N3/l7gOvG3fnUD3u8H3If1eP/vf+/t/b/7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3HDjv8PDPf2lt9uu8Dg+P//7d7Df/H8MYv/EvljFv8l88cs/kvlj1n8l84fs/gvkz9m8f9O/pjFf9n8MYv/d/PHLP7fyx+z+C+XP2bxXz5/zOK/Qv6YxX/F/DGL//fzxyz+K+WPWfxXzh+z+P8gf8ziv0r+mMV/1fwxi/9q+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bx/2H+mMV/7fwxi/86+WMW/3Xzxyz+6+WPWfzXzx+z+G+QP2bx/1H+mMV/w/wxi/9G+WMW/43zxyz+P84fs/hvkj9m8f9J/pjFf9P8MYv/ZvljFv/N88cs/j/NH7P4/yx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/z/PHLP6/yB+z+O+UP2bx3zl/zOK/S/6YxX/X/DGL/y/zxyz+v8ofs/j/On/M4r9b/pjFf/f8MYv/b/LHLP6/zR+z+O+RP2bx/13+mMV/z/wxi/9e+WMW/73zxyz+v88fs/j/IX/M4v/H/DGL/z75Yxb/ffPHLP5/yh+z+P85f8ziv1/+mMV///wxi/8B+WMW/7/kj1n8/5o/ZvE/MH/M4n9Q/pjF/2/5Yxb/g/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/j/PX/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8r84fs/hfkz9m8b82f8zif13+mMX/+vwxi/8N+WMW/xvzxyz+N+WPWfxvzh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/O/PHLP535Y9Z/O/OH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8H88cs/g/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/ZvF/NX/M4v9a/pjF//X8MYv/G/ljFv8388ck/oMG8scs/oPyxyz+I+SPWfxHzB+z+A/OH7P4j5Q/ZvEfOX/M4j9K/pjFf0j+mMV/1Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/j+WPWfzHzx+z+E+QP2bx/3j+mMV/wvwxi/9E+WMW/0/kj1n8J84fs/h/Mn/M4j9J/pjFf9L8MYv/ZPljFv/J88cs/lPkj1n8P5U/ZvGf8h3/IR/SuP5Ds/hP1frHLP5T549Z/KfJH7P4T5s/ZvH/dP6YxX+6/DGL/2fyxyz+n80fs/h/Ln/M4v/5/DGL/xfyxyz+X8wfs/hPnz9m8Z8hf8ziP2P+mMV/pvwxi//M+WMW/1nyxyz+X8ofs/jPmj9m8Z8tf8ziP3v+mMV/jvwxi/+X88cs/nPmj1n8v5I/ZvH/av6YxX+u/DGL/9fyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/hfLHLP4L549Z/BfJH7P4fz1/zOL/jfwxi/+i+WMW/2/mj1n8F8sfs/h/K3/M4v/t/DGL/+L5Yxb/JfLHLP5L5o9Z/JfKH7P4L50/ZvFfJn/M4v+d/DGL/7L5Yxb/7+aPWfy/lz9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/+/nj1n8V8ofs/ivnD9m8f9B/pjFf5X8MYv/qvljFv/V8scs/qvnj1n818gfs/ivmT9m8V8rf8zi/8P8MYv/2vljFv918scs/uvmj1n818sfs/ivnz9m8d8gf8zi/6P8MYv/hvljFv+N8scs/hvnj1n8f5w/ZvHfJH/M4v+T/DGL/6b5Yxb/zfLHLP6b549Z/H+aP2bx/1n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOK/ff6YxX+H/DGL/475Yxb/n+ePWfx/kT9m8d8pf8ziv3P+mMV/l/wxi/+u+WMW/1/mj1n8f5U/ZvH/df6YxX+3/DGL/+75Yxb/3+SPWfx/mz9m8d8jf8zi/7v8MYv/nvljFv+98scs/nvnj1n8f58/ZvH/Q/6Yxf+P+WMW/33yxyz+++aPWfz/lD9m8f9z/pjFf7/8MYv//vljFv8D8scs/n/JH7P4/zV/zOJ/YP6Yxf+g/DGL/9/+1f+B//Vx/Ydm8T+49Y9Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvE/L3/M4n9+/pjF/4L8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj8m8X+r/P89if+gy/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv4j04UW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6YxP+tT/P/9yz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5Y9Z/MfPH7P4T5A/ZvH/eP6YxX/C/DGL/0T5Yxb/T+SPWfwnzh+z+H8yf8ziP0n+mMV/0vwxi/9k+WMW/8nzxyz+U+SPWfw/lT9m8Z8yf8ziP1X+mMV/6vwxi/80+WMW/2nzxyz+n84fs/hPlz9m8f9M/pjF/7P5Yxb/z+WPWfw/nz9m8f9C/pjF/4v5Yxb/6fPHLP4z5I8NOn/PkQYGBj7y/jPmj1nW/0z5Yxb/mfPHLP6z5I9Z/L+UP2bxnzV/zOI/W/6YxX/2/DGL/xz5Yxb/L+ePWfznzB+z+H8lf8zi/9X8MYv/XPljFv+v5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/gvlj1n8F84fs/gvkj9m8f96/pjF/xv5Yxb/RfPHLP7fzB+z+C+WP2bx/1b+mMX/2/ljFv/F88cs/kvkj1n8l8wfs/gvlT9m8V86f8ziv0z+mMX/O/ljFv9l88cs/t/NH7P4fy9/zOK/XP6YxX/5/DGL/wr5Yxb/FfPHLP7fzx+z+K+UP2bxXzl/zOL/g/yxj6j/kIHh/FfJH/uI+r/VP/uvmj9m8V8tf8ziv3r+mMV/jfwxi/+a+WMW/7Xyxyz+P8wfs/ivnT9m8V8nf8ziv27+mMV/vfwxi//6+WMW/w3yxyz+P8ofs/hvmD9m8d8of8ziv3H+mMX/x/ljFv9N8scs/j/JH7P4b5o/ZvHfLH/M4r95/pjF/6f5Yxb/n+WPWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/7fLHLP7b549Z/HfIH7P475g/ZvH/ef6Yxf8X+WMW/53yxyz+O+ePWfx3yR+z+O+aP2bx/2X+mMX/V/ljFv9f549Z/HfLH7P4754/ZvH/Tf6Yxf+3+WMW/z3yxyz+v8sfs/jvmT9m8d8rf8ziv3f+mMX/9/ljFv8/5I9Z/P+YP2bx3yd/zOK/b/6Yxf9P+WMW/z/nj1n898sfs/jvnz9m8T8gf8zi/5f8MYv/X/PHLP4H5o9Z/A/KH7P4/y1/zOJ/cP6Yxf+Q/DGL/6H5Yxb/w/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/5j8MYv/sfljFv/j8scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv+/549Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH7P4v54/ZvF/I3/M4v9m/pjEf8SB/DGL/6D8MYv/CPljFv8R88cs/oPzxyz+I+WPWfxHzh+z+I+SP2bxH5I/ZvEfNX/M4j9a/pjFf/T8MYv/GPljFv8x88cs/mPlj1n8x84fs/iPkz9m8R83f8ziP17+mMX/Y/ljFv/x88cs/hPkj1n8P54/ZvGfMH/M4j9R/pjF/xP5Yxb/ifPHLP6fzB+z+E+SP2bxnzR/zOI/Wf6YxX/y/DGL/xT5Yxb/T+WPWfynzB+z+E+VP2bxnzp/zOI/Tf6YxX/a/DGL/6fzxyz+0+WPWfw/kz9m8f9s/pjF/3P5Yxb/z+ePWfy/kD9m8f9i/pjFf/r8MYv/DPljFv8Z88cs/jPlj1n8Z84fs/jPkj9m8f9S/pjFf9b8MYv/bPljFv/Z88cs/nPkj1n8v5w/ZvGfM3/M4v+V/DGL/1fzxyz+c+WPWfy/lj9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfwXzB+z+C+UP2bxXzh/zOK/SP6Yxf/r+WMW/2/kj1n8F80fs/h/M3/M4r9Y/pjF/1v5Yxb/b+ePWfwXzx+z+C+RP2bxXzJ/zOK/VP6YxX/p/DGL/zL5Yxb/7+SPWfyXzR+z+H83f8zi/738MYv/cvljFv/l88cs/ivkj1n8V8wfs/h/P3/M4r9S/pjFf+X8MYv/D/LHLP6r5I9Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjFf838MYv/WvljFv8f5o9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/BvljFv8f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/j/DGL/yb5Yxb/n+SPWfw3zR+z+G+WP2bx3zx/zOL/0/wxi//P8scs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P88f8zi/4v8MYv/TvljFv+d88cs/rvkj1n8d80fs/j/Mn/M4v+r/DGL/6/zxyz+u+WPWfx3zx+z+P8mf8zi/9v8MYv/HvljFv/f5Y9Z/PfMH7P475U/ZvHfO3/M4v/7/DGL/x/yxyz+f8wfs/jvkz9m8d83f8zi/6f8MYv/n/PHLP775Y9Z/PfPH7P4H5A/ZvH/S/6Yxf+v+WMW/wPzxyz+B+WPWfz/lj9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/9/zxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/7KPrP/K/+D+UP/bR9f/X9f9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHLP6v549Z/N/IH7P4v5k/JvEfPJA/ZvEflD9m8R8hf8ziP2L+mMV/cP6YxX+k/DGL/8j5Yxb/UfLHLP5D8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+H8sf8ziP37+mMV/gvwxi//H88cs/hPmj1n8J8ofs/h/In/M4j9x/pjF/5P5Yxb/SfLHLP6T5o9Z/CfLH7P4T54/ZvGfIn/M4v+p/DGL/5T5Yxb/qfLHLP5T549Z/KfJH7P4T5s/ZvH/dP6YxX+6/DGL/2fyxyz+n80fs/h/Ln/M4v/5/DGL/xfyxyz+X8wfs/hPnz9m8Z8hf8ziP2P+mMV/pvwxi//M+WMW/1nyxyz+X8ofs/jPmj9m8Z8tf8ziP3v+mMV/jvwxi/+X88cs/nPmj1n8v5I/ZvH/av6YxX+u/DGL/9fyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/hfLHLP4L549Z/BfJH7P4fz1/zOL/jfwxi/+i+WMW/2/mj1n8F8sfs/h/K3/M4v/t/DGL/+L5Yxb/JfLHLP5L5o9Z/JfKH7P4L50/ZvFfJn/M4v+d/DGL/7L5Yxb/7+aPWfy/lz9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/+/nj1n8V8ofs/ivnD9m8f9B/pjFf5X8MYv/qvljFv/V8scs/qvnj1n818gfs/ivmT9m8V8rf8zi/8P8MYv/2vljFv918scs/uvmj1n818sfs/ivnz9m8d8gf8zi/6P8MYv/hvljFv+N8scs/hvnj1n8f5w/ZvHfJH/M4v+T/DGL/6b5Yxb/zfLHLP6b549Z/H+aP2bx/1n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOK/ff6YxX+H/DGL/475Yxb/n+ePWfx/kT9m8d8pf8ziv3P+mMV/l/wxi/+u+WMW/1/mj1n8f5U/ZvH/df6YxX+3/DGL/+75Yxb/3+SPWfx/mz9m8d8jf8zi/7v8MYv/nvljFv+98scs/nvnj1n8f58/ZvH/Q/6Yxf+P+WMW/33yxyz+++aPWfz/lD9m8f9z/pjFf7/8MYv//vljFv8D8scs/n/JH7P4/zV/zOJ/YP6Yxf+g/DGL/9/yxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvH/e/6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/JH/M4v9o/pjF/7H8MYv/4/ljFv8n8scs/k/mj1n8n8ofs/g/nT9m8X8mf8zi/2z+mMX/ufwxi//z+WMW/xfyxyz+L+aPWfxfyh+z+L+cP2bxfyV/zOL/av6Yxf+1/DGL/+v5Yxb/N/LHLP5v5o9J/EcayB+z+A/KH7P4j5A/ZvEfMX/M4j84f8ziP1L+mMV/5Pwxi/8o+WMW/yH5Yxb/UfPHLP6j5Y9Z/EfPH7P4j5E/ZvEfM3/M4j9W/pjFf+z8MYv/OPljFv9x88cs/uPlj1n8P5Y/ZvEfP3/M4j9B/pjF/+P5Yxb/CfPHLP4T5Y9Z/D+RP2bxnzh/zOL/yfwxi/8k+WMW/0nzxyz+k+WPWfwnzx+z+E+RP2bx/1T+mMV/yvwxi/9U+WMW/6nzxyz+0+SPWfynzR+z+H86f8ziP13+mMX/M/ljFv/P5o9Z/D+XP2bx/3z+mMX/C/ljFv8v5o9Z/KfPH7P4z5A/ZvGfMX/M4j9T/pjFf+b8MYv/LPljFv8v5Y9Z/GfNH7P4z5Y/ZvGfPX/M4j9H/pjF/8v5Yxb/OfPHLP5fyR+z+H81f8ziP1f+mMX/a/ljFv+588cs/vPkj1n8580fG+Y/yrCzH1n/+fLHLOt//vwxi/8C+WMW/wXzxyz+C+WPWfwXzh+z+C+SP2bx/3r+mMX/G/ljFv9F88cs/t/MH7P4L5Y/ZvH/Vv6Yxf/b+WMW/8Xzxyz+S+SPWfyXzB+z+C+VP2bxXzp/zOK/TP6Yxf87+WMW/2Xzxyz+380fs/h/L3/M4r9c/pjFf/n8MYv/CvljFv8V88cs/t/PH7P4r5Q/ZvFfOX/M4v+D/DGL/yr5Yxb/VfPHLP6r5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjF/4f5Yxb/tfPHLP7r5I9Z/NfNH7P4r5c/ZvFfP3/M4r9B/pjF/0f5Yxb/DfPHLP4b5Y9Z/DfOH7P4/zh/zOK/Sf6Yxf8n+WMW/03zxyz+m+WPWfw3zx+z+P80f8zi/7P8MYv/FvljFv8t88cs/lvlj1n8t84fs/hvkz9m8d82f8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+P88fs/j/In/M4r9T/pjFf+f8MYv/LvljFv9d88cs/r/MH7P4/yp/zOL/6/wxi/9u+WMW/93zxyz+v8kfs/j/Nn/M4r9H/pjF/3f5Yxb/PfPHLP575Y9Z/PfOH7P4/z5/zOL/h/wxi/8f88cs/vvkj1n8980fs/j/KX/M4v/n/DGL/375Yxb//fPHLP4H5I9Z/P+SP2bx/2v+mMX/wPwxi/9B+WMW/7/lj1n8D84fs/gfkj9m8T80f8zif1j+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+B+TP2bxPzZ/zOJ/XP6Yxf/4/DGL/wn5Yxb/E/PHLP4n5Y9Z/E/OH7P4n5I/ZvE/NX/M4n9a/pjF//T8MYv/GfljFv8z88cs/mflj1n8z84fs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/wvzxyz+F+WPWfwvzh+z+F+SP2bxvzR/zOL/9/wxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+T+I88kD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyx/zOI/fv6YxX+C/DGL/8fzxyz+E+aPWfwnyh+z+H8if8ziP3H+mMX/k/ljFv9J8scs/pPmj1n8J8sfs/hPnj9m8Z8if8zi/6n8MYv/lPljFv+p8scs/lPnj1n8p8kfs/hPmz9m8f90/pjFf7r8MYv/Z/LHLP6fzR+z+H8uf8zi//n8MYv/F/LHLP5fzB+z+E+fP2bxnyF/zOI/Y/6YxX+m/DGL/8z5Yxb/WfLHLP5fyh+z+M+aP2bxny1/zOI/e/6YxX+O/DGL/5fzxyz+c+aPWfy/kj9m8f9q/pjFf678MYv/1/LHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/gvljFv+F8scs/gvnj1n8F8kfs/h/PX/M4v+N/DGL/6L5Yxb/b+aPWfwXyx+z+H8rf8zi/+38MYv/4vljFv8l8scs/kvmj1n8l8ofs/gvnT9m8V8mf8zi/538MYv/svljFv/v5o9Z/L+XP2bxXy5/7CPqP2g465GXzx/7iPq/1T+v/xXyxyz+K+aPWfy/nz9m8V8pf8ziv3L+mMX/B/ljFv9V8scGnT9o2Mx8tP1XzR+zrP/V8scs/qvnj1n818gfs/ivmT9m8V8rf8zi/8P8MYv/2vljFv918scs/uvmj1n818sfs/ivnz9m8d8gf8zi/6P8MYv/hvljFv+N8scs/hvnj1n8f5w/ZvHfJH/M4v+T/DGL/6b5Yxb/zfLHLP6b549Z/H+aP2bx/1n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOK/ff6YxX+H/DGL/475Yxb/n+ePWfx/kT9m8d8pf8ziv3P+mMV/l/wxi/+u+WMW/1/mj1n8f5U/ZvH/df6YxX+3/DGL/+75Yxb/3+SPWfx/mz9m8d8jf8zi/7v8MYv/nvljFv+98scs/nvnj1n8f58/ZvH/Q/6Yxf+P+WMW/33yxyz+++aPWfz/lD9m8f9z/pjFf7/8MYv//vljFv8D8scs/n/JH7P4/zV/zOJ/YP6Yxf+g/DGL/9/yxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvH/e/6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/JH/M4v9o/pjF/7H8MYv/4/ljFv8n8scs/k/mj1n8n8ofs/g/nT9m8X8mf8zi/2z+mMX/ufwHRoXLLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT8m8R9lIH/M4j8of8ziP0L+mMV/xPwxi//g/DGL/0j5Yxb/kfPHLP6j5I9Z/Ifkj1n8R80fs/iPlj9m8R89f8ziP0b+mMV/zPwxi/9Y+WMW/7Hzxyz+4+SPWfzHzX9YQ/7lnMV/vPwxi//H8scs/uPnj1n8J8gfs/h/PH/M4j9h/pjFf6L8MYv/J/LHLP4T549Z/D+ZP2bxnyR/zOI/af6YxX+y/DGL/+T5Yxb/KfLHLP6fyh+z+E+ZP2bxnyp/zOI/df6YxX+a/DGL/7T5Yxb/T+ePWfynyx+z+H8mf8zi/9n8MYv/5/LHLP6fzx+z+H8hf8zi/8X8MYv/9PljFv8Z8scs/jPmj1n8Z8ofs/jPnD9m8Z8lf8zi/6X8MYv/rPljFv/Z8scs/rPnj1n858gfs/h/OX/M4j9n/pjF/yv5Yxb/r+aPWfznyh+z+H8tf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+C+YP2bxXyh/zOK/cP6YxX+R/DGL/9fzxyz+38gfs/gvmj9m8f9m/pjFf7H8MYv/t/LHLP7fzh+z+C+eP2bxXyJ/zOK/ZP6YxX+p/DGL/9L5Yxb/ZfLHLP7fyR+z+C+bP2bx/27+mMX/e/ljFv/l8scs/svnj1n8V8gfs/ivmD9m8f9+/pjFf6X8MYv/yvljFv8f5I9Z/FfJH7P4r5o/ZvFfLX/M4r96/pjFf438MYv/mvljFv+18scs/j/MH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv8N8scs/j/KH7P4b5g/ZvHfKH/M4r9x/pjF/8f5Yxb/TfLHLP4/yR+z+G+aP2bx3yx/zOK/ef6Yxf+n+WMW/5/lj1n8t8gfs/hvmT9m8d8qf8ziv3X+mMV/m/wxi/+2+WMW/+3yxyz+2+ePWfx3QP+2CIv/jmljFv+f549Z/H+RP2bx3yl/zOK/c/6YxX+Xt/1ff/PDGtd/aBb/XVv/mMX/l/ljFv9f5Y9Z/H+dP2bx3y1/zOK/e/6Yxf83+WMW/9/mj1n898gfs/j/Ln/M4r9n/pjFf6/8MYv/3vljFv/f549Z/P+QP2bx/2P+mMV/n/wxi/+++WMW/z/lj1n8/5w/ZvHfL3/M4r9//pjF/4D8MYv/X/LHLP5/zR+z+B+YP2bxPyh/zOL/t/wxi//B+WMW/0Pyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv9T8scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/8X5Yxb/S/LHLP6X5o9Z/P+eP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+z+L+aP2bxfy1/zOL/ev6Yxf+N/DGL/5v5YxL/IQP5Yxb/QfljFv8R8scs/iPmj1n8B+ePWfxHyh+z+I+cP2bxHyV/zOI/JH/M4j9q/pjFf7T8MYv/6PljFv8x8scs/mPmj1n8x8ofs/iPnT9m8R8nf8ziP27+mMV/vPwxi//H8scs/uPnj1n8J8gfs/h/PH/M4j9h/pjFf6L8MYv/J/LHLP4T549Z/D+ZP2bxnyR/zOI/af6YxX+y/DGL/+T5Yxb/KfLHLP6fyh+z+E+ZP2bxnyp/zOI/df6YxX+a/DGL/7T5Yxb/T+ePWfynyx+z+H8mf8zi/9n8MYv/5/LHLP6fzx+z+H8hf8zi/8X8MYv/9PljFv8Z8scs/jPmj1n8Z8ofs/jPnD9m8Z8lf8zi/6X8MYv/rPljFv/Z8scs/rPnj1n858gfs/h/OX/M4j9n/pjF/yv5Yxb/r+aPWfznyh+z+H8tf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+C+YP2bxXyh/zOK/cP6YxX+R/DGL/9fzxyz+38gfs/gvmj9m8f9m/pjFf7H8MYv/t/LHLP7fzh+z+C+eP2bxXyJ/zOK/ZP6YxX+p/DGL/9L5Yxb/ZfLHLP7fyR+z+C+bP2bx/27+mMX/e/ljFv/l8scs/svnj1n8V8gfs/ivmD9m8f9+/pjFf6X8MYv/yvljFv8f5I9Z/FfJH7P4r5o/ZvFfLX/M4r96/pjFf438MYv/mvljFv+18scs/j/MH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv8N8scs/j/KH7P4b5g/ZvHfKH/M4r9x/pjF/8f5Yxb/TfLHLP4/yR+z+G+aP2bx3yx/zOK/ef6Yxf+n+WMW/5/lj1n8t8gfs/hvmT9m8d8qf8ziv3X+mMV/m/wxi/+2+WMW/+3yxyz+2+ePWfx3yB+z+O+YP2bx/3n+mMX/F/ljFv+d8scs/jvnj1n8d8kfs/jvmj9m8f9l/pjF/1f5Yxb/X+ePWfx3yx+z+O+eP2bx/03+mMX/t/ljFv898scs/r/LH7P475k/ZvHfK3/M4r93/pjF//f5Yxb/P+SPWfz/mD9m8d8nf8ziv2/+mMX/T/ljFv8/549Z/PfLH7P4758/ZvE/IH/M4v+X/DGL/1/zxyz+B+aPWfwPyh+z+P8tf8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/v+ePWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvAfNHhgyBP5Ywb/oev/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/ZvF/PX/M4v9G/pjF/838MYn/qAP5Yxb/QfljFv8R8scs/iPmj1n8B+ePWfxHyh+z+I+cP2bxHyV/zOI/JH/M4j9q/pjFf7T8MYv/6PljFv8x8scs/mPmj1n8x8ofs/iPnT9m8R8nf8ziP27+mMV/vPwxi//H8scs/uPnj1n8J8gfs/h/PH/M4j9h/pjFf6L8MYv/J/LHLP4T549Z/D+ZP2bxnyR/zOI/af6YxX+y/DGL/+T5Yxb/KfLHLP6fyh+z+E+ZP2bxnyp/zOI/df6YxX+a/DGL/7T5Yxb/T+ePWfynyx+z+H8mf8zi/9n8MYv/5/LHLP6fzx+z+H8hf8zi/8X8MYv/9PljFv8ZBga2+rCG9J+cxX/G1j9m8Z8pf8ziP3P+mMV/lvwxi/+X8scs/rPmj1n8Z8sfs/jPnj9m8Z8jf8zi/+X8MYv/nPljFv+v5I9Z/L+aP2bxnyt/zOL/tfwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6YxX+h/DGL/8L5Yxb/RfLHLP5fzx+z+H8jf8ziv2j+mMX/m/ljFv/F8scs/t/KH7P4fzt/zOK/eP6YxX+J/DGL/5L5Yxb/pfLHLP5L549Z/JfJH7P4fyd/zOK/bP6Yxf+7+WMW/+/lj1n8l8sfs/gvnz9m8V8hf8ziv2L+mMX/+/ljFv+V8scs/ivnj1n8f5A/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv818scs/mvmj1n818ofs/j/MH/M4r92/pjFf538MYv/uvljFv/18scs/uvnj1n8N8gfs/j/KH/M4r9h/pjFf6P8MYv/xvljFv8f549Z/DfJH7P4/yR/zOK/af6YxX+z/DGL/+b5Yxb/n+aPWfx/lj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+G+fP2bx3yF/zOK/Y/6Yxf/n+WMW/1/kj1n8d8ofs/jvnD9m8d8lf8ziv2v+mMX/l/ljFv9f5Y9Z/H+dP2bx3y1/zOK/e/6Yxf83+WMW/9/mj1n898gfs/j/Ln/M4r9n/pjFf6/8MYv/3vljFv/f549Z/P+QP2bx/2P+mMV/n/wxi/+++WMW/z/lj1n8/5w/ZvHfL3/M4r9//pjF/4D8MYv/X/LHLP5/zR+z+B+YP2bxPyh/zOL/t/wxi//B+WMW/0Pyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv9T8scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/8X5Yxb/S/LHLP6X5o9Z/P+eP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+z+L+aP2bxfy1/zOL/ev6Yxf+N/DGL/5v5YxL/0Qbyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5Y9Z/MfPH7P4T5A/ZvH/eP6YxX/C/DGL/0T5Yxb/T+SPWfwnzh+z+H8yf8ziP0n+mMV/0vwxi/9k+WMW/8nzxyz+U+SPWfw/lT9m8Z8yf8ziP1X+mMV/6vwxi/80+WMW/2nzxyz+n84fs/hPlz9m8f9M/pjF/7P5Yxb/z+WPWfw/nz9m8f9C/pjF/4v5Yxb/6fPHLP4z5I9Z/GfMH7P4z5Q/ZvGfOX/M4j9L/pjF/0v5Yxb/WfPHLP6z5Y9Z/GfPH7P4z5E/ZvH/cv6YxX/O/DGL/1fyxyz+X80fs/jPlT9m8f9a/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8ziv1D+mMV/4fwxi/8i+WMW/6/nj1n8v5E/ZvFfNH/M4v/N/DGL/2L5Yxb/b+WPWfy/nT9m8V88f8ziv0T+mMV/yfwxi/9S+WMW/6Xzxyz+y+SPWfy/kz9m8V82f8zi/938MYv/9/LHLP7L5Y9Z/JfPH7P4r5A/ZvFfMX/M4v/9/DGL/0r5Yxb/lfPHLP4/yB+z+K+SP2bxXzV/zOK/Wv6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/H+YP2bxXzt/zOK/Tv6YxX/d/DGL/3r5Yxb/9fPHLP4b5I9Z/H+UP2bx3zB/zOK/Uf6YxX/j/DGL/4/zxyz+m+SPWfx/kj9m8d80f8ziv1n+mMV/8/wxi/9P88cs/j/LH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/tvlj1n8t88fs/jvkD9m8d8xf8zi//P8MYv/L/LHLP475Y9Z/HfOH7P475I/ZvHfNX/M4v/L/DGL/6/yxyz+v84fs/jvlj9m8d89f8zi/5v8MYv/b/PHLP575I9Z/H+XP2bx3zN/zOK/V/6YxX/v/DGL/+/zxyz+f8gfs/j/MX/M4r9P/pjFf9/8MYv/n/LHLP5/zh+z+O+XP2bx3z9/zOJ/QP6Yxf8v+WMW/7/mj1n8D8wfs/gflD9m8f9b/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/4vwxi/8l+WMW/0vzxyz+f88fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj9m8X89f8zi/0b+mMX/zfwxif/oA/ljFv9B+WMW/xHyxyz+I+aPWfwH549Z/EfKH7P4j5w/ZvEfJX/M4j8kf8ziP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL/8fyxyz+4+ePWfwnyB+z+H88f8ziP2H+mMV/ovwxi/8n8scs/hPnj1n8P5k/ZvGfJH/M4j9p/pjFf7L8MYv/5PljFv8p8scs/p/KH7P4T5k/ZvGfKn/M4j91/pjFf5r8MYv/tPljFv9P549Z/KfLH7P4fyZ/zOL/2fwxi//n8scs/p/PH7P4fyF/zOL/xfwxi//0+WMW/xnyxyz+M+aPWfxnyh+z+M+cP2bxnyV/zOL/pfwxi/+s+WMW/9nyxyz+s+ePWfznyB+z+H85f8ziP2f+mMX/K/ljFv+v5o9Z/OfKH7P4fy1/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4L5g/ZvFfKH/M4r9w/pjFf5H8MYv/1/PHLP7fyB+z+C+aP2bx/2b+mMV/sfwxi/+38scs/t/OH7P4L54/ZvFfIn/M4r9k/pjFf6n8MYv/0vljFv9l8scs/t/JH7P4L5s/ZvH/bv6Yxf97+WMW/+Xyxyz+y4+aP2XxX6H1j1n8V8wfs/h/P3/M4r9S/pjFf+X8MYv/D/LHLP6r5I9Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjFf838MYv/WvljFv8f5o9Z/NfOH7P4r5M/ZvFfN3/M4r9e/pjFf/38MYv/BvljFv8f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/j/DGL/yb5Yxb/n+SPWfw3zR+z+G+WP2bx3zx/zOL/0/wxi//P8scs/lvkj1n8t8wfs/hvlT9m8d9a5j/KB7ydxX8bmf8HzeK/bf6YxX+7/DGL//b5Yxb/HfLHLP475o9Z/H+eP2bx/0X+mMV/p/wxi//O+WMW/13yxyz+u+aPWfx/mT9m8f9V/pjF/9f5Yxb/3fLHLP67549Z/H+TP2bx/23+mMV/j/wxi//v8scs/nvmj1n898ofs/jvnT9m8f99/pjF/w/5Yxb/P+aPWfz3yR+z+O+bP2bx/1P+mMX/z/ljFv/98scs/vvnj1n8D8gfs/j/JX/M4v/X/DGL/4H5Yxb/g/LHLP5/yx+z+B+cP2bxPyR/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zif2r+mMX/tPyxd/wHhgwMfJT9T88fs6z/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/7/ljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMM/+ffK4T8w+qNtBZjF/7H8MYv/4/ljFv8n8scs/k/mj1n8n8ofs/g/nT9m8X8mf8zi/2z+mMX/ufwxi//z+WMW/xfyxyz+L+aPWfxfyh+z+L+cP2bxfyV/zOL/av6Yxf+1/DGL/+v5Yxb/N/LHLP5v5o9J/McYyB+z+A/KH7P4j5A/ZvEfMX/M4j84f8ziP1L+mMV/5Pwxi/8o+WMW/yH5Yxb/UfPHLP6j5Y9Z/EfPH7P4j5E/ZvEfM3/M4j9W/pjFf+z8MYv/OPljFv9x88cs/uPlj1n8P5Y/ZvEfP3/M4j9B/pjF/+P5Yxb/CfPHLP4T5Y9Z/D+RP2bxnzh/zOL/yfwxi/8k+WMW/0nzxyz+k+WPWfwnzx+z+E+RP2bx/1T+mMV/yvwxi/9U+WMW/6nzxyz+0+SPWfynzR+z+H86f8ziP13+mMX/M/ljFv/P5o9Z/D+XP2bx/3z+mMX/C/ljFv8v5o9Z/KfPH7P4z5A/ZvGfMX/M4j9T/pjFf+b8MYv/LPljFv8v5Y9Z/GfNH7P4z5Y/ZvGfPX/M4j9H/pjF/8v5Yxb/OfPHLP5fyR+z+H81f8ziP1f+mMX/a/ljFv+588cs/vPkj1n8580fs/jPlz9m8Z8/f8ziv0D+mMV/wfwxi/9C+WMW/4Xzxyz+i+SPWfy/nj9m8f9G/pjFf9H8MYv/N/PHLP6L5Y9Z/L+VP2bx/3b+mMV/8fwxi/8S+WMW/yXzxyz+S+WPWfyXzh+z+C+TP2bx/07+mMV/2fwxi/9388cs/t/LH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/9/PHLP4r5Y9Z/FfOH7P4/yB/zOK/Sv6YxX9Vo/8HeMAW/9WM/h8gi//q+WMW/zXyxyz+a+aPWfzXyh+z+P8wf8ziv3b+mMV/nfwxi/+6+WMW//Xyxyz+6+ePWfw3yB+z+P8of8ziv2H+mMV/o/wxi//G+WMW/x/nj1n8N8kfs/j/JH/M4r9p/pjFf7P8MYv/5vljFv+f5o9Z/H+WP2bx3yJ/zOK/Zf6YxX+r/DGL/9b5Yxb/bfLHLP7b5o9Z/LfLH7P4b58/ZvHfIX/M4r9j/pjF/+f5Yxb/X+SPWfx3yh+z+O+cP2bx3yV/zOK/a/6Yxf+X+WMW/1/lj1n8f50/ZvHfLX/M4r97/pjF/zf5Yxb/3+aPWfz3yB+z+P8uf8ziv2f+mMV/r/wxi//e+WMW/9/nj1n8/5A/ZvH/Y/6YxX+f/DGL/775Yxb/P+WPWfz/nD9m8d8vf8ziv3/+mMX/gPwxi/9f8scs/n/NH7P4H5g/ZvE/KH/M4v+3/DGL/8H5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/1Pyxyz+p+aPWfxPyx+z+J+eP2bxPyN/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8/54/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/LX/M4v96/pjF/438MYv/m/ljEv8xB/LHLP6D8scs/iPkj1n8R8wfs/gPzh+z+I+UP2bxHzl/zOI/Sv6YxX9I/pjFf9T8MYv/aPljFv/R88cs/mPkj1n8x8wfs/iP9YH8X/r/blz/oVn8x279Yxb/cfLHLP7j5o9Z/MfLH7P4fyx/zOI/fv6YxX+C/DGL/8fzxyz+E+aPWfwnyh+z+H8if8ziP3H+mMX/k/ljFv9J8scs/pPmj1n8J8sfs/hPnj9m8Z8if8zi/6n8MYv/lPljFv+p8scs/lPnj1n8p8kfs/hPmz9m8f90/pjFf7r8MYv/Z/LHLP6fzR+z+H8uf8zi//n8MYv/F/LHLP5fzB+z+E+fP2bxnyF/zOI/Y/6YxX+m/DGL/8z5Yxb/WfLHLP5fyh+z+M+aP2bxny1/zOI/e/7Yv/gPu2ycD3lM/3/1Hv5z5I9Z1v+X88cs/nPmj1n8v5I/ZvH/av6YxX+u/DGL/9fyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/hfLHLP4L549Z/BfJH7P4fz1/zOL/jfwxi/+i+WMW/2/mj1n8F8sfs/h/K3/M4v/t/DGL/+L5Yxb/JfLHLP5L5o9Z/JfKH7P4L50/ZvFfJn/M4v+d/DGL/7L5Yxb/7+aPWfy/lz9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/+/nj1n8V8ofs/ivnD9m8f9B/pjFf5X8MYv/qvljFv/V8scs/qvnj1n818gfs/ivmT9m8V8rf8zi/8P8MYv/2vljFv918scs/uvmj1n818sfs/ivnz9m8d8gf8zi/6P8MYv/hvljFv+N8scs/hvnj1n8f5w/ZvHfJH/M4v+T/DGL/6b5Yxb/zfLHLP6b549Z/H+aP2bx/1n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOK/ff6YxX+H/DGL/475Yxb/n+ePWfx/kT9m8d8pf8ziv3P+mMV/l/wxi/+u+f9T/5gJi/8v88cs/r/KH7P4/zp/zOK/W/6YxX/3/LGPqv+Q4fx/kz/2UfUfGM7/t/ljFv898scs/r/LH7P475k/ZvHfK3/M4r93/pjF//f5Yxb/P+SPWfz/mD9m8d8nf8ziv2/+mMX/T/ljFv8/549Z/PfLH7P4758/ZvE/IH/M4v+X/DGL/1/zxyz+B+aPWfwPyh+z+P8tf8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/v+ePWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/4PD+W/8vj+s/NIv/Q61/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+z+L+ZPybxH2sgf8ziPyh/zOI/Qv6YxX/E/DGL/+D8MYv/SPljFv+R88cs/qPkj1n8h+SPWfxHzR+z+I+WP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP7j5I9Z/MfNH7P4j5c/ZvH/WP6YxX/8/DGL/wT5Yxb/j+ePWfwnzB+z+E+UP2bx/0T+mMV/4vwxi/8n88cs/pPkj1n8J80fs/hPlj9m8Z88f8ziP0X+mMX/U/ljFv8p88cs/lPlj1n8p84fs/hPkz9m8Z82f8zi/+n8MYv/dPljFv/P5I9Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bxnz5/zOI/Q/6YxX/G/DGL/0z5Yxb/mfPHLP6z5I9Z/L+UP2bxnzV/zOI/W/6YxX/2/DGL/xz5Yxb/L+ePWfznzB+z+H8lf8zi/9X8MYv/XPljFv+v5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/gvlj1n8F84fs/gvkj9m8f96/pjF/xv5Yxb/RfPHLP7fzB+z+C+WP2bx/1b+mMX/2/ljFv/F88cs/kvkj1n8l8wfs/gvlT9m8V86f8ziv0z+mMX/O/ljFv9l88cs/t/NH7P4fy9/zOK/XP6YxX/5/DGL/wr5Yxb/FfPHLP7fzx+z+K+UP2bxXzl/zOL/g/wxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+K+RP2bxXzN/zOK/Vv6Yxf+H+WMW/7Xzxyz+6+SPWfzXzR+z+K+XP2bxXz9/zOK/Qf6Yxf9H+WMW/w3zxyz+G+WPWfw3zh+z+P84f8ziv0n+mMX/J/ljFv9N88cs/pvlj1n8N88fs/j/NH/M4v+z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjFf/v8MYv/DvljFv8d88cs/j/PH7P4/yJ/zOK/U/6YxX/n/DGL/y75Yxb/XfPHLP6/zB+z+P8qf8zi/+v8MYv/bvljFv/d88cs/r/JH7P4/zZ/zOK/R/6Yxf93+WMW/z3zxyz+e+WPWfz3zh+z+P8+f8zi/4f8MYv/H/PHLP775I9Z/PfNH7P4/yl/zOL/5/wxi/9++WMW//3zxyz+B+SPWfz/kj9m8f9r/pjF/8D8MYv/QfljFv+/5Y9Z/A/OH7P4H5I/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8T82f8zif1z+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+J+SP2bxPzV/zOJ/Wv6Yxf/0/DGL/xn5Yxb/M/PHLP5n5Y9Z/M/OH7P4n5M/ZvE/N3/M4n9e/pjF//z8MYv/BfljFv8L88cs/hflj1n8L84fs/hfkj9m8b80f8zi//f8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/hflT9m8b86f8zif03+mMX/2vwxi/91+WMW/+vzxyz+N+SPWfxvzB+z+N+UP2bxvzl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP535I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/ffljFv/788cs/g/kj1n8H8wfs/g/lD9m8X84f8zi/0j+mMX/0fwxi/9j+WMW/8fzxyz+T+SPWfyfzB+z+D+VP2bxfzp/zOL/TP6Yxf/Z/DGL/3P5Yxb/5/PHLP4v5I9Z/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfk/iPPZA/ZvEflD9m8R8hf8ziP2L+mMV/cP6YxX+k/DGL/8j5Yxb/UfLHLP5D8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+H8sf8ziP37+mMV/gvwxi//H88cs/hPmj1n8J8ofs/h/In/M4j9x/pjF/5P5Yxb/SfLHLP6T5v//Y+f+w7Wu6zuO3/wmytmnXZd6zTYcGnNtRiKjUQtRUTz+OGWimb9Rj0CCyA8JMAQ2Wqlj06VuFmxi4ZizVUscbq5fKxqWNVsjtlY5xbUwxhwsMmfsOnAOwdnbc+186ft18/14/ME593183ynP6+V9e3FdhbL0/zn9Q1n6D9c/lKX/UfqHsvT/ef1DWfqP0D+Upf/R+oey9D9G/1CW/q/RP5Sl/0j9Q1n6/4L+oSz9j9U/lKX/L+ofytL/tfqHsvT/Jf1DWfr/sv6hLP2P0z+Upf/r9A9l6T9K/1CW/q/XP5Sl//H6h7L0H61/KEv/E/QPZek/Rv9Qlv6/on8oS/+x+oey9H+D/qEs/X9V/1CW/uP0D2Xp/0b9Q1n6v0n/UJb+v6Z/KEv/N+sfytJ/vP6hLP1P1D+Upf8E/UNZ+p+kfyhL/5P1D2Xpf4r+oSz9J+ofytL/VP1DWfqfpn8oS/9J+oey9D9d/1CW/m36h7L0P0P/UJb+Z+ofytL/LP1DWfqfrX8oS/92/UNZ+r9F/1CW/m/VP5Sl/zn6h7L0f5v+oSz9z9U/lKX/ZP1DWfqfp38oS//z9Q9l6f92/UNZ+l+gfyhL/3foH8rS/0L9Q1n6X6R/KEv/i/UPZel/if6hLP0v1T+Upf9l+oey9L9c/1CW/lP0D2Xpf4X+oSz9r9Q/lKX/VfqHsvTv0D+Upf/V+oey9J+qfyhL/2n6h7L0n65/KEv/d+ofytL/Gv1DWfrP0D+Upf9M/UNZ+l+rfyhL/1n6h7L0v07/UJb+s/UPZek/R/9Qlv5z9Q9l6T9P/1CW/tfrH8rSf77+oSz936V/KEv/BfqHsvRfqH8oS/9F+oey9L9B/1CW/u/WP5Sl/2L9Q1n636h/KEv/JfqHsvRfqn8oS/9l+oey9P91/UNZ+v+G/qEs/ZfrH8rS/z36h7L0/039Q1n6v1f/UJb+79M/lKX/TfqHsvS/Wf9Qlv636B/K0v+39A9l6b9C/1CW/r+tfyhL/9/RP5Sl/636h7L0v03/UJb+v6t/KEv/9+sfytL/dv1DWfrfoX8oS/879Q9l6f97+oey9P99/UNZ+t+lfyhL/w/oH8rS/4P6h7L0X6l/KEv/VfqHsvT/A/1DWfr/of6hLP3v1j+Upf9q/UNZ+t+jfyhL/w/pH8rS/8P6h7L0X6N/KEv/e/UPZen/R/qHsvRfq38oS/8/1j+Upf99+oey9P8T/UNZ+t+vfyhL/4/oH8rS/0/1D2Xp/1H9Q1n6f0z/UJb+H9c/lKX/n+kfytL/E/qHsvR/QP9Qlv7r9A9l6f+g/qEs/f9c/1CW/uv1D2Xp/5D+oSz9/0L/UJb+f6l/KEv/h/UPZen/V/qHsvT/pP6hLP0/pX8oS/9P6x/K0v8z+oey9P+s/qEs/f9a/1CW/p/TP5Sl/+f1D2Xpv0H/UJb+X9A/lKX/3+gfytJ/o/6hLP0f0T+Upf8X9Q9l6f8l/UNZ+j+qfyhL/y/rH8rS/yv6h7L0/1v9Q1n6P6Z/KEv/r+ofytL/7/QPZen/Nf1DWfr/vf6hLP036R/K0v/r+oey9N+sfyhL/3/QP5Sl/z/qH8rS/xv6h7L0/yf9Q1n6f1P/UJb+39I/lKX/t/UPZen/uP6hLP3/Wf9Qlv5P6B/K0v9J/UNZ+m/RP5Sl/1P6h7L0/xf9Q1n6f0f/UJb+/6p/KEv/7+ofytJ/q/6hLP2f1j+Upf/39A9l6b9N/1CW/v+mfyhL/+36h7L0/3f9Q1n6P6N/KEv//9A/lKX/Dv1DWfrv1D+Upf9/6h/K0v/7+oey9N+lfyhL/x/oH8rS/1n9Q1n6/1D/UJb+z+kfytL/v/QPZen/vP6hLP1/pH8oS//d+oeS9H9lS/9Qlv799A9l6d9f/1CW/gP0D2XpP1D/UJb+g/QPZek/WP9Qlv5D9A9l6T9U/1CW/i/TP5Sl/zD9Q1n6v1z/UJb+r9A/lKX/IfqHsvT/Kf1DWfofqn/oJdcfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/5q5CxddM2XGjI45vvGNb3yz75sX+99MAADAT9qPP/S/2H8nAAAAAAAAAAAAAAAAAAAAkFcT/3diL/Y/IwAAAAAAAAAAAAAA/H/X1n7StgH9DnhqwP4PfvbRjj1fx+y6YNqaNQ+W7q9dPz4zeMn++z/YvXv37lXPjJ/Y9XBIq9Xq/F97ZdfjoT2PO19/6fCVR+x9VCZ87s7HL518yFlz1t028Ourbml/etCeZwe1Lr96+oyO1/dvtcopg1oLOh8c36/VKqcNat3a+WB054NJg1prOx+csOfBy1qf7nzwuitnzbiq84nTK/+ewUtFW/vS1oADFts64N8G++9/6fAnpnV/7eUlu19tYKtr/yPWffHwHj/r9gL77379clLP/ff5HxB4QX3b/7Obu7/28pL/4/3/Qxt3LYp+9sL77379crL9Q32Cz/8HbLTn5/4en/+PCl5y3/2JQzfe3rn/tvPue3XXUwP/N5//f/z65ZSe++9/wOf/zs/xE7s//w9ptcqpB/nbAam0tS/b1tv7f+/7H/gzPW767b//e7685RWd+7/3udbyrqcG9XH/E3t7/7+px98r0Ddt7at393j/78P+WyODl9y3/63rDtnz+X/L/Vcett/P+rL/U3vuf9S8mdeNmrtw0XHTZ06Z2jG149pxo8ceP2bcuLFjR+35RLD314P8TYEkDu79vzWsx02/Vqtj3/2G+26Z2Ln/7Q8t/3DXU0P7uP/Ten3/P8r7P4RG9G8NHtxaMGXevDnH7/21++Hovb/u/cuC/ffhv/+PPrbrL+v+M8N+rdYR++5HXjpuSOf+b5hd1nc9NbiP+5/U6/4nHPhnlUDfHOT7/1U9bg7Y/4lbb5zfuf9jvv+qLV1P9fW//0/vdf93e/+Hg9HW3qr1TbRz/ycMWXZGtevS5s//oD5N7H/4jlt3VrsuZ9g/1KeJ/U9e8aYrql2XM+0f6tPE/h+cedmKatflLPuH+jSx/+d/eueR1a7L2fYP9Wli/49956k11a5Lu/1DfZrY/wfuaj+h2nV5i/1DfZrY/3HX/2B8tevyVvuH+jSx/6tffu7aatflHPuH+jSx/zN2n3xYtevyNvuH+jSx/37Lvru02nU51/6hPk3s/8kpK2ZVuy6T7R/q08T+1w4f+Wy163Ke/UN9mtj/8qffMKnadTnf/qE+Tez/K3esfKzadXm7/UN9mtj/xy9+1cpq1+UC+4f6NLH/H454aFi16/IO+4f6NLH/TZvWPlDtulxo/1CfJva/au2AEdWuy0X2D/VpYv9LTp/6aLXrcrH9Q32a2P+YsV+6qNp1ucT+oT5N7P+Iz37zqWrX5VL7h/o0sf9zH54/t9p1ucz+oT5N7H/+kR/7UbXrcrn9Q32a2P+bO46cVu26TLF/qE8T+y+3DdtU7bpcYf9Qnyb2f+H21ROqXZcr7R/q08T+1x/6+Y9Wuy5X2T/Up4n975h97bhq16XD/qE+Tez/2+9Z8t5q1+Vq+4f6NLH/25/7Wql2XabaP9Snif1vHX3hxdWuyzT7h/o0sf/VZz3zSLXrMt3+oT5N7H/F+sfnVbsu77R/qE8T+9+w4cwnql2Xa+wf6tPE/o8ZOeqQatdlhv1DfZrY/6wLln+w2nWZaf9Qnyb2f8r9d7ym2nW51v6hPk3sf+hXx3+i2nWZZf9Qnyb2/6nx7/tktetynf1DfZrY/84JRx9b7brMtn+oTxP73/zA6DurXZc59g/1aWL/73/krorXZa79Q32a2P/s1z6/vdp1mWf/UJ8m9v/GyecvrHZdrrd/qE8T+z/s7klfqHZd5ts/1KeJ/V/yre+dU+26vMv+oT5N7P/ow694dbXrssD+oT5N7H/a9I03V7suC+0f6tPE/ieu2jym2nVZZP9Qnyb2f+iTc++pdl1usH+oTxP73zbg8LOrXZd3d+1/8bC9T9g//AQ1sf97Fz/8jWrXZbH3f6hPE/u/+aaPdFS7LjfaP9Snif1/ZtfgHdWuyxL7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9mBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1kH0bgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAUQAAAP//p0ziYA==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x9041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

5m37.656478137s ago: executing program 0 (id=1279):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe4, 0xc5, 0xad, 0x10, 0x61d, 0xc020, 0x9c15, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x10, 0x2d, 0xb0}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000040)={0x44, &(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

5m37.372169492s ago: executing program 0 (id=1286):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x14, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x4, 0xf2}]}, 0x14}], 0x1, 0x0, 0x0, 0x1}, 0x0)

5m37.266120396s ago: executing program 34 (id=1286):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x14, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x4, 0xf2}]}, 0x14}], 0x1, 0x0, 0x0, 0x1}, 0x0)

5m1.699268606s ago: executing program 5 (id=1694):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x72, 0x0, 0x0, 0x8000008, 0x4, 0x2, 0x1, 0x0, 0x7cce8c743ee810df})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000000c0)={0x800080, 0x80, 0xffffffbc, 0x7, 0x0, 0x55a})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000200)={0x800080, 0x858, 0x8, 0x7, 0x43, 0x558})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

5m1.630026936s ago: executing program 5 (id=1695):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfffb}, {0xfff1, 0xffff}, {0x7, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080)

5m1.538661462s ago: executing program 5 (id=1696):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f00000000c0)=0x2)
write(r0, &(0x7f0000000000)="5a000300010003", 0x7)

5m1.53835291s ago: executing program 5 (id=1697):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100), 0x24, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x8004, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4118d39c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)

5m1.19586464s ago: executing program 5 (id=1703):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000007c0)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8801}, 0x30040004)

5m0.15048279s ago: executing program 5 (id=1705):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r1)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x14, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4000804)

4m59.892553308s ago: executing program 35 (id=1705):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r1)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x14, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4000804)

2m2.07808915s ago: executing program 3 (id=3747):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0xffff, 0xffffffff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001840), 0x3b, 0x0)

2m2.029110816s ago: executing program 3 (id=3749):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="3800000002020500000000000000000002000007240002800c0002800482f700060000001400018008000100ac1414aa080002"], 0x38}, 0x1, 0x0, 0x0, 0x40840}, 0x4010)

2m1.967260802s ago: executing program 3 (id=3750):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000080)={{@local}, @local, 0x0, 0x10000, 0x5e, 0x1ffffffffffe, 0x0, 0x0, 0x6})

2m1.967047378s ago: executing program 3 (id=3751):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0x8c0, &(0x7f00000002c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c726573765f6c6576656c3d30303030303030303030303030303030303030302c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c646174613d77726974656261636b2c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00149e0cb4c679a55808f10855fc0d9b9d7241cc60c5c0b35a9ce6bd73d50a863d736b7f64cdbf2582b25c868128f5a0c3ca71ea7a85f79743e17bbb3291a3c43eb49fcfcab9a806f939773a5895370494ec438f24b77c23cb13a0c7c11503d4e4a25d5e8142cc163f75ca2557bc5b3dd2856dbf2f4fbffb092b1a8d3f410d0daefab8a2f41a23713a02fa9349bc76bc637fe28f733ee38a6de0e2174f54e7f4ebc705a06c4b7d76bcc94f8985dbf4791afe238c9f24f48c0f98d3898ad1f3597c15fdc241ce161617ca162b1d4a17900f12843677d372e706"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x40086602, &(0x7f0000000080)={@id={0x2, 0x0, @d}})

2m1.236466727s ago: executing program 3 (id=3755):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000001480)={@multicast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x800, 0x0, 0x4, 0x11, 0x0, @rand_addr=0x64010101, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

2m1.127243333s ago: executing program 3 (id=3759):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)

2m0.975592598s ago: executing program 36 (id=3759):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)

1m7.684852014s ago: executing program 4 (id=4271):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_io_uring_setup(0xd6, &(0x7f0000000480)={0x0, 0xe0df, 0x100, 0x3, 0xffffffff}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x47b8, 0x2669, 0x0, 0x0, 0x0)

1m6.784837472s ago: executing program 4 (id=4274):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r0, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000400)=""/203, 0xcb}, {&(0x7f0000002080)=""/4084, 0xff4}, {&(0x7f0000000740)=""/191, 0xbf}, {&(0x7f0000002000)=""/78, 0x4e}, {&(0x7f00000037c0)=""/227, 0xe3}], 0x5}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0)

1m6.699631517s ago: executing program 4 (id=4276):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x8)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000240), 0x4)

1m6.64567505s ago: executing program 4 (id=4278):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@lazytime}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x189)
pwrite64(r0, &(0x7f0000000880)='u', 0x1, 0x83)
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})
chdir(&(0x7f00000001c0)='./file0\x00')
creat(&(0x7f0000000040)='./file1\x00', 0x5e)

1m6.483505878s ago: executing program 4 (id=4284):
syz_emit_ethernet(0x6e, &(0x7f0000000000)={@random="0f539af21094", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0x4, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x2c, 0xff, @mcast2, @ipv4={'\x00', '\xff\xff', @multicast2}, [@hopopts={0x33}]}}}}}}}, 0x0)

1m5.713848254s ago: executing program 4 (id=4286):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000200)="580000001500add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac710d1070000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

1m5.591134888s ago: executing program 37 (id=4286):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000200)="580000001500add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac710d1070000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

4.490658798s ago: executing program 6 (id=4860):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0xc01, 0x3, 0x1b8, 0x100, 0x5002004a, 0x0, 0x100, 0x0, 0x190, 0x3c8, 0x3c8, 0x190, 0x3c8, 0x3, 0x0, {[{{@ip={@dev={0xac, 0x14, 0x14, 0x12}, @private=0xa010101, 0x0, 0xffffffff, 'veth0_macvtap\x00', 'macvtap0\x00', {}, {0xff}, 0x1, 0x2, 0x3a}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x1c}, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0xff, 'ipvlan0\x00', 'pimreg1\x00', {}, {0x4d46f109675848}, 0x36, 0x2, 0x1}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x218)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000180)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

4.37424332s ago: executing program 6 (id=4862):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000)
recvfrom$inet(r0, &(0x7f0000000340)=""/4096, 0x1000, 0x140, 0x0, 0x0)

3.473905113s ago: executing program 6 (id=4877):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file2\x00', 0xa00010, &(0x7f0000008940), 0x21, 0x4bf, &(0x7f00000009c0)="$eJzs3U9vVF0ZAPDn3nbon7fv26Is1KggomgIM+0AlbDCjcYQEiNx5QJqOzRNZzpNZ4q0sijfwUQSV7rwA7gwcWHCyr073bnBhQkq0VATF2PmzhQKnSlF2s6b3t8vObn33DOd5zyd3HPaM+2cAHLrXERsRcSpiLgXEZPd60m3xM1OaT/u5YtH89svHs0n0Wrd+UeStbevxa6vafuo+5yjEfGD70b8ONkbt7GxuTxXrVbWuvVSs7ZaamxsXl6qzS1WFisr5fLszOz09SvXyoeW69nab55/Z+nWD3//uy89++PWN3/a7tZEt213Hoepk3rhVZy24Yi4dRTBBmCom8+pQXeE/0saEZ+JiPPZ/T8ZQ9mrCQCcZK3WZLQmd9cBgJMuzdbAkrQYUeicp2mx2FnDOxPjabXeaF66X19fWeislU1FIb2/VK1Md9cKp6KQtOsz2fnrevmt+pWIOB0RPxsZy+rF+Xp1YZA/+ABAjn30ev7P3gv490hn/gcATrjRQXcAADh25n8AyB/zPwDkj/kfAPLH/A8A+WP+B4D8Mf8DQK58//btdmltdz//euHBxvpy/cHlhUpjuVhbny/O19dWi4v1+mL2mT21dz1ftV5fnbka6w9LzUqjWWpsbN6t1ddXmnezz/W+WykcS1YAwH5On3365yQitm6MZSV27eVgroaTLR10B4CBGRp0B4CBsdsX5Jff8YEeW/S+ofMnQmN7G54cTX+Ao3fx89b/Ia+s/0N+Wf+H/LL+D/nVaiX2/AeAnLHGDxzs/f8evP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjk1kJUmL3b3AJyJNi8WIjyNiKgrJ/aVqZToiPomIP40URtr1mUF3GgD4QOnfku7+XxcnL0y83Xoq+c9IdoyIn/zizs8fzjWbazPt6//sXP/WWMST7vXyIPoPAHk09F6P3pmnd+bxHS9fPJrfKYffx/6ef7uzuWg77na3dFqGYzg7jkYhIsb/lXTrHcl7Z97b1uOI+Fyv/JNsbWSqu/Pp2/HbsT8+1vjpG/HTrK1zbH8vPnsIfYG8edoef272uv/SOJcde9//o9kI9eF2xr/tPeNf+mr8G+oz/p07SICxX0dc/cP3+sZ/HPGF4V7xk1fxkz7xLxwwx7988cvn+7W1fhlxMXrH3x2r1Kytlhobm5eXanOLlcXKSrk8OzM7ff3KtXIpW6Mu7axU7/X3G5c+2S//8T7xR9+R/9cOmP+v/nvvR1/ZJ/43vtr79T+zT/z2nPj1A8afG/9t3+272/EX+uT/rtf/0gHjP/vr5sIBHwoAHIPGxubyXLVaWRv0yU6HPi39ceIk1yeDHZeAo/f6ph90TwAAAAAAAAAAAAAAgH6O49+JBp0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ9f/AgAA//9gOtV4")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x20200, 0x0, 0xfe, 0x0, &(0x7f00000007c0))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00')

3.282294192s ago: executing program 6 (id=4880):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000002c0)='./bus\x00', 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="646973636172643d3078303030303030303030303030303030342c75737271756f74612c696f636861727365743d61736369692c6572726f72733d72656d6f756e742d726f2c6e6f696e746567726974792c6e6f71756f74612c6e6f64697363617264006e6f71756f74612c6e6f696e746567726573697a652c646973636172643d3078303030303030303030303030303433612c696f6368617273657423ad8ccfb725cd9fcaeb67a029573d6d6163726f6d616e69616e2c6e6f696e7465677269646973636172642c646f6e745f61707072616973652c646566636f6e746578743d73797361646d5f752c7375626a5f747970653d7b5b2c736d61636b66736465663d6e6f696e746565726974792c66756e633d43524544535f434c45434b2c61756469", @ANYRES8, @ANYBLOB="2c6d65b47d7189617375"], 0x1, 0x61e2, &(0x7f000000d7c0)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288Szk92uU8c7a8/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vB2udiLj287RgJeIz0YvoRiyV9WpELK2u5PX7EfFc7DXHsxExWIgob7/3z9MRr0bER09F7OxurpeLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAGiboiiKTvqYfyZ9vu823SkAYCby63+R5OWnvv71P9/6yzz1R61Wq9XqGdRVxXj3qkVEbFVvU75ncDgeAE6Yrfi46S7QIPm3Wj8inmi6E8Bc6zTdAY7Fzu7meifl26m+Hqzut+dzQUby3+o8uL5j0nSa+jkms3p8bUcvnpnQn6UZ9WGe5Py79fyv7bcP03rHnf+sTMp/uH/pU+vk/Hv1/GtOT/7dsfm3Vc6//0j59+QPAAAAAABzLP///0rDx38Xjr4ph/JJx39XZ9QHAAAAAAAAAHjcjjr+3wPG/wMAAIC5VX5WL/3mqYNlk76LrVx+tRPxZG19oGXSxTLLTfcDAAAAAAAAAAAAANqkv38O79VOxCAinlxeLoqi/Kmq14/qqLc/6dq+/dBmTT/JAwDAvo+eql3L34lYjIir6bv+BsvLy0WxuLRcLBdLC/n97HBhsViqfK7N03LZwvAQb4j7w6L8ZYuV21VN+7w8rb3++8r7Gha9Q3TsMRmkv+aE5obCBoBk/9VoxyvSKVMUT0968wEj7P+n0EqsNP24Yv41/TAFAAAAjl9RFEUnfZ33mXTMv9t0pwCAmciv//XjAkequxPaIx7P71er1Wq1Wv2p6qpivHvVIiK2qrcp3zMYjh8ATpit+LjpLtAg+bdaPyKea7oTwFzrNN0BjsXO7uZ6J+Xbqb4epPHd87kgI/lvdfZul28/bjpN/RyTWT2+tqMXz0zoz7Mz6sM8yfl36/lf228fpvWOO/9ZmZT/cO+SufbJ+ffq+decnvy7Y/Nvq5x//5Hy78kfAAAAAADmWP7//xXHf/MmAwAAAAAAAMCJs7O7uZ6ve83H/z83Zj3Xf55OOf/Oo+a/lOblf6Ll/Lu1/L9cW69Xmb//5sH+/+/dzfXf3/nXZ/P0sPkv5JlOemR10iOik+6p00/To2zdw7YHvWF5T4NOt9dP5/wUg3fiRtyMjbgwsm43/T0O2tdG2sueDkbaL4609x9qvzTSPkjfO1As5fZzsR4/iZvx9l572bYwZfsXp7QXU9pz/j3P/62U8+9Xfsr8l1N7pzYt3f+w+9B+X52Ou583bnz+lxeOf3Om2o7eg22rKrfvbAP92fubPDGMn93euHXu7vU7d26tRZqMLL0YafKY5fwHez8LB8//L+y35+f96v56/8PhI+c/L7ajPzH/Fyrz5fa+NOO+NSHnP0w/Of+3U/v4/f8k5z95/3+5gf4AAAAAAAAAAAAAAADAJymKYu8S0Tci4nK6/qepazMBgNnKr/9Fkper1Wq1Wq0+fXVVMd7r1SIi/lq9Tfme4RfjfhkAMM/+FxH/aLoTNEb+LZa/76+cvth0Z4CZuv3+Bz+6fvPmxq3bTfcEAAAAAAAAAPi08vifq5Xxn1+MiJXaeiPjv74Zq0cd/7OfZx4MMPqYB/qeYLs77HUrw40/H3vjc5+bNP732Xh4/O88Jm6vuh0TDKa0D6e0L0xpXxy79CCtsRd6VOT8n6+Md17mf6Y2/Hobxn+tj3nfBjn/s5XHc5n/l2rrVfMvfjt3+W8ddsXt6I7kf/7Oez89f/v9D1658d71dzfe3fjxpbW1C5cuX75y5cr5d27c3Liw/+/x9HoO5Pzz2NfOA22XnH/OXP7tkvP/Qqrl3y45/y+mWv7tkvPP7/fk3y45//zZR/7tkvN/KdXyb5ec/1dSLf922dndXCjzfznV8m+XvP9/NdXyb5ec/yupln+75PzPpVr+7ZLzP5/qQ+Tv6+FPkZx/PsJl/2+XnP9aquXfLjn/i6mWf7vk/C+lWv7tkvN/NdXyb5ec/9dSLf92yflfTrX82yXn//VUHzL/aac9c0Lk/K+k2v7fLjn/b6Ra/u2S8/9mquXfLjn/11It/3bJ+X8r1fJvl5z/t1Mt/3bJ+X8n1fJvl5z/66mWf7scfP+/GTNmzOSZpp+ZAAAAAAAAAAAAAIC6WZxO3PQ2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2LvXGLnO8g7gZ/bmtUOIgRCc1JC1Y4xxluz6El9oXUwIlwYoBZIAvWC73rVZ8A2vXQJFsmmgRMKoqKIi/dAWUNRGqiqsig+0Smk+VL18atoP9EtFVQmpUWWigIrUVjRbzZz3fXdmdnZm1ztenz3n95OSZ3fmnDnvnHnP2Xl2/Z8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLMtb5v+Yi3Lsvp/jf9tzLKX1b9eP7axcdubb/YIAQAAgJX6v8b/X7wt3XB4CSs1LfN3r/vHb8/Nzc1lHx78veGvzs2lO8aybHhdljXui67++0dqzcsEj2ejtYGm7wd6bH6wx/1DPe4f7nH/SI/71/W4f7TH/Qt2wALr89/HNB5sW+PLjfkuzW7Phhv3beuw1uO1dQMD8Xc5DbXGOnPDJ7KZ7FQ2nU22LJ8vW2ss/8yW+rbelcVtDTRta3N9hvzos8fjGGphH29r2db8Y0Y/fGs29uMfffb4H1+4dmen2nM3tDxePs4dW+vj/Hy4JR9rLVuX9kkc50DTODd3eE0GW8ZZa6xX/7p9nC8ucZyD88NcVe2v+Wg20Pj6ucZ+Gmr+tV7aT5vDbf99T5Zll+eH3b7Mgm1lA9mGllsG5l+f0XxG1h+jPpVemQ0ta55uWcI8rdepba3ztP2YiK//lrDe0CJjaH6Zfvi5kQWv+3LnaVR/1osdK+1zsN/HSlHmYJwXzzWe9BMd5+C28Pw/u33xOdhx7nSYg+l5N83Brb3m4MDIYGPM6UWoNdaZn4O7WpYfbGyp1qjPb+8+BycunD43Mfvpz7xp5vSxk9Mnp8/s2bVrcs++fQcOHJg4MXNqejL//3Xu7eLbkA2kY2Br2HfxGHhD27LNU3XuG/07Dke7HIcb25bt93E41P7kaqtzQC6c0/mx8XB9p49eGcgWOcYar8/OlR+H6Xk3HYdDTcdhx58pHY7DoSUch/Vlzu1c2nuWoab/Oo3hRv0s2Ng0B9vfj7TPwX6/HynKHBwN8+Jfdy7+s2BzGO8T48t9PzK4YA6mpxvOPfVb0vv90QON0mle3lW/45aR7OLs9Pn7Hjt24cL5XVkoq+JVTXOlfb5uaHpO2YL5OrDs+Xp45nVP3NXh9o1hX42+qf6/0UVfq/oye+/r/lo1frp13p8tt+7OQumz1d6fnX6a1/dn6iW77M/6Mp+fWPl78dSXNp1/hxc5/8a+/6V8e+mhHh8cHsqP38G0d4ZbzsetL9VQ49xVa2z7xYmlnY+Hw3+rfT6+vcv5eFPbsv0+Hw+3P7l4Pq71+m3HyrS/nqNhnpya7H4+ri+zafdy5+RQ1/PxPaHWwv5/Y+gUUl/UNHcWm7dpW0NDw+F5DcUttM7TPS3LD4ferL6tp3df3zzdcU/+WIPp2c1brXk61rZsv+dpOl8tNk9rvX77dn3aX8/RMC9u39N9ntaXeXbvys+d6+OXTefOkV5zcHhwpD7m4TQJ8/P93Po4B+/Ljmdns1PZVOPekcZ8qjW2NX7/0ubgSPhvtc+Vm7rMwR1ty/Z7DqafY4vNvdrQwiffB+2v52iYF0/e330O1pd5cH9/37vuCLekZZreu7b/fm2x33nd1babbuTvvOrj/Jv93X83W1/m1IHl9pnd99O94ZZbOuyn9uN3sWNqKlud/bQpjPPagcX3U3089WW+enCJ8+lwlmWXPvlA4/e94e8rf37xe99u+btLp7/pXPrkAy/ceuJvlzN+ANa+l/KyIf9Z1/SXqaX8/R8AAABYE2LfPxBqov8HAACA0oh9f/xX4Yn+HwAAAEoj9v1DoSYV6f83PXht5qVLWUrmzwXx/rQbHsqXixnXyfD92Ny8+u0PPDX9k7+8tLRtD2RZ9tOHfrPj8pseiuPKjYVxXn176+0LV7y0pO0ffWR+ueb8+tfD48fns9Rp0CmCO5ll2TO3fbmxnbGPXGnUZx862qgfuPzE4/VlXjyYfx/Xf/5V+fJ/EMK/h08ca1n/+bAffhDq5Ls774+43reuvHHz/kfntxfXq219eeNpP/nR/HHj5+R85fF8+bifFxv/X33p6W/Vl3/s9Z3Hf2mg8/ifDo/7VKj/89p8+ebXoP59XO8LYfxxe3G9+7753Y7jv/rFfPlz78iXOxpq3P6O8P22d1ybad5fj9WOtTyv7J35cnH7k9/7ncb98fHi47ePf/TIlZb90T4/nv3n/HEm2paPt8ftRH/Rtv364zTPz7j9p3/7aMt+7rX9qx94/rX1x23f/r1tyw22rd/+iU1/+IUvd9xeHM/hPzvX8nwOvz8cx2H7T340zMdw//9e/XLLdqOj7289/8Tlv77xUsvzid7143z7V99yslH/Y+wnv3/Ly259+eW76/suy577YP54vbZ/8o/Otoz/G3fsbLwe8f6Y0W/f/mLi9s9/avzM2dmLM1NNe7Xx2TnvycezbnT9hvp4bwvn1vbvj5y98LHp82OTY5NZNlbej9C7bt8M9YW8XF7u+jsfCa/nXV97ZsP2f/pSvP1fHs5vv/Lu/OfWG8JyXwm3b8xfv7naCrf/5JY7Gsd37dn8+5Ycex9s3vafB5a0YHj+7e8L4nw/9+qPNfZD/b7Gz414XK9w/N+fyh/nO2G/zoVPZt56x/z2mpePn41w5YP58b7i/RdOc/F1/ZPwer/3B/njx3HF5/v98D7mu5taz3dxfnzn0kD74zc+xeNyOJ9kl/P741Jxf1958Y6Ow4ufQ5JdvrPx/e+mx7lzWU9zMbOfnp04NXPm4mMTF6ZnL0zMfvozR06fvXjmwpHGZ3ke+Xiv9efPTxsa56ep6X17s8n1WZadzSZX4YR1Y8Zf/2pp4z/3yPGp/ZPbp6ZPHLt44sIj56bPnzw+O3t8emp2+7ETJ6Y/1Wv9malDu3Yf3LN/9/jJmalDBw4e3HNwfObM2fow8kH1sG/yE+Nnzh9prDJ7aO/BXfffv3dy/PTZqelD+ycnxy/2Wr/xs2m8vvZvjJ+fPnXswszp6fHZmc9MH9p1cN++3T0/DfD0uROzYxPnL56ZuDg7fX4ify5jFxo313/29Vqfcpr9t/z9bLta/kF82fvu3Zc+n7Xuqc8t+lD5Im0fIHotfBbNP7zi3IGlfB/7/uFQk4r0/wAAAFAFse8fCTXR/wMAAEBpxL5/XaiJ/h8AAABKI/b9o6EmFen/5f/l/5eW/8/vl/+vVv7/3CfzXOlaz//H/Lz8fzXc5Pz/irffh/z/3d3ulP/vQf7/pubnV2Tg5o9f/l/+n4WKlv+Pff/6LKtk/w8AAABVEPv+DaEm+n8AAAAojdj33xJqov8HAACA0oh9/8tCTSrS/8v/Lyn/v7tX4Kr8+X/X/1+9/P/8eUj+P7ei/H98ceT/K2PZ+ftHH275tgT5/67k/3uQ/1+7+f8CjF/+X/6fdsOL3nOz8v+x77811KQi/T8AAABUQez7Xx5qov8HAACA0oh9/22hJvp/AAAAKI3Y928MNalI/y//f93X/x9t/kb+v3X88v+tXP8/zIe1eP3/psHI/68Nrv/fnfx/D9ed/x+V/1+L+f/h/o6/2Pn/nsOX/+eGKNr1/2Pf/4pQk4r0/wAAAFAFse9/ZaiJ/h8AAABKI/b9rwo10f8DAABAacS+//ZQk4r0//L/153/byH/3zp++f/O80P+fw3m/7te/z//Sv6/WOT/u5P/78H1/6uV/+/z+Iud/+/39f+H396+vvw/nRQt/x/7/leHmlSk/wcAAIAqiH3/HaEm+n8AAAAojdj3vybURP8PAAAApRH7/k2hJhXp/+X/5f/l/+X/5f87b793/j8n/18s8v/dyf/3IP8v/y//v7T8f4c3v/L/dFK0/H/s++8MNalI/w8AAABVEPv+u0JN9P8AAABQGrHv/5lQE/0/AAAAlEbs+zeHmlSk/9/04LVHv9b4Sv4/k/+X/69A/v/eEfl/+f9yk//vTv6/B/l/+X/5/yVe/3+h5eT/1/V6MEqjaPn/2Pe/NtRkQePX/o4UAAAAWCti3/+6UJOK/P0fAAAAqiD2/XeHmuj/AQAAoDRi3z8WarL2+v8PDVzHSq7/X678/5/+9ZN3Z/L/8v89tl/S/H+cBvL/FSf/3538fw/y//L/8v+rkv+nOoqW/499/5ZQk7XX/wMAAACLiH3/1lAT/T8AAACURuz77wk10f8DAABAacS+f1uoSUX6f/n/cuX/I/l/+f9u2y9p/j+R/682+f8Omg7SNZL/H5P/l/9fi+MvR/4/vvuV/6c/ipb/j33/60NNKtL/AwAAQBXEvn97qIn+HwAAAEoj9v1vCDXR/wMAAEBpxL5/R6hJRfp/+X/5f/l/+X/5/87bl/9fm+T/u1tu/n/E9f/l/+X/K5b/d/1/+qto+f/Y978x1KQi/T8AAABUQez7d4aa6P8BAACgNOK/38z/3av+HwAAAMoo9v3joSYV6f9XkP+fG5T/T+T/W8df1Px/Tf5f/l/+v/Tk/7tbI9f/l/8vUP6/frv8v/y//D/Xq2j5/9j3vynUpCL9PwAAAFRB7PvvCzXR/wMAAEBpxL5/ItRE/w8AAAClEfv+yVCTivT/rv9fufz/uirn/13/X/5f/r/85P+7k//vQf7f9f/Llv/PMvl/bqqi5f9j378r1KQi/T8AAABUQez7d4ea6P8BAACgNGLfvyfURP8PAAAApRH7/r2hJhXp/+X/K5f/r/T1/+X/5f/l/8tP/r87+f8e5P/l/8uW/3f9f26youX/Y99/f6hJRfp/AAAAqILY9+8LNdH/AwAAQGnEvn9/qEno/zv9u24AAABgbYl9/4FQk4r8/V/+vyT5/9/6+5Zty//L/3fbfn/y/+vl/0OV/y+Wkub/2w+L6yb/34P8v/y//L/8P31VtPx/7PsPhppUpP8HAACAKoh9/5tDTfT/AAAAUBqx7//ZUBP9PwAAAJRG7Pt/LtSkIv2//H9J8v9t5P/l/7tt3/X/5f/LrKT5/74pVf5/QP5f/r9Y45f/l/9noRuf/49fLS3/H/v+Q6EmFen/AQAAoApi3//zoSb6fwAAACiN2Pe/JdRE/w8AAAClEfv+w6EmFen/5f/l/+X/5f9vTP7/LVm7Iub/65NH/r9c5P+7K1X+3/X/5f8LNn75f/l/Fira9f9j3//WUJOK9P8AAABQBbHvfyDURP8PAAAApRH7/reFmuj/AQAAoDRi3/9gqElF+n/5f/l/+X/5f9f/77x9+f+1Sf6/O/n/HuT/5f/l/+X/6aui5f9j3//2UJOK9P8AAABQBbHvf0eoif4fAAAASiP2/e8MNdH/AwAAQGnEvv9doSYV6f/l/+X/i5T/H2kbv/y//H8m/y//v0zy/93J//cg/y//L/8v/09fFS3/H/v+Xwg1qUj/DwAAAFUQ+/6HQk30/wAAAFAase9/d6iJ/h8AAABKI/b97wk1qUj/L/8v/1+k/H/m+v/y/5XJ/2cte1X+v3/k/7uT/+9B/l/+X/5f/p++Klr+P/b97w01qUj/DwAAAFUQ+/5fDDXR/wMAAEBpxL7/faEm+n8AAAAojdj3/1KoSUX6f/l/+f9i5f/nLmWu/5/I/+f6kv+vr1So/L/r/98o8v/dyf/30CH/v07+X/5f/l/+n+tWtPx/7PvfH2pSkf4fAAAAqiD2/R8INdH/AwAAQGnEvv+DoSb6fwAAACiN2Pc/HGpSkf5f/r+S+f/0lIuX/3f9f/n/qlz/X/7/RpH/707+vwfX/5f/l/+X/6evipb/j33/I6EmFen/AQAAoApi3/9oqIn+HwAAAEoj9v0fCjXR/wMAAEBpxL7/w6EmFen/5f8rmf8v8PX/y5b/H2qZHzcm/7+ukPn/0abXM81L+X/5/1Ug/9+d/H8P8v8hP58NyP8XMP8fZvP6RdaX/6eIipb/j33/R0JNKtL/AwAAQBXEvv+XQ030/wAAAFAase//lVAT/T8AAACURuz7fzXUpCL9v/y//L/8v+v/u/5/5+3L/69N8v/dyf/3IP/v+v9Fzv/3IP9PERUt/x/7/l8LNVm08Xvhv5bwNAEAAIACiX3/R0NNKvL3fwAAAKiC2PcfCTXR/wMAAEBpxL7/aKhJRfp/+f/2/H+8oqr8v/z/msv/D8n/5+T/q61/+f/X3Jpl8v/y//L/8v/y//L/rETR8v+x7z8WalKR/h8AAACqIPb9vx5qov8HAACA0oh9//FQE/0/AAAAlEbs+6dCTSrS/8v/u/5/v/L/P5X/v9n5f9f/D+T/q831/7uT/+9B/l/+X/5f/p++Klr+P/b906EmFen/AQAAoMTSr4Nj338i1ET/DwAAAKUR+/6ToSb6fwAAACiN2Pd/LNSkIv2//L/8v+v/34z8/1DL8vL/Ofl/+f9+kP/vTv6/B/l/+X/5f/l/+qpo+f/Y98+EmlSk/wcAAIAqiH3/x0NN9P8AAABQGrHv/0Soif4fAAAASiP2/adCTSrS/8v/y/9XPf9fy7LLrv8v/99p+/L/a5P8f3fy/z3I/8v/y//L/9NXRcv//z979/Fk11nmcfyOx5bUs/H8CbOZDSuWsDIb9mzZUcXaRJODbXIGkzFgwOScczI554wJJudooqFKlFvP86hb9/Y5kvp033Pe9/PZPCMNct+2BdQP1bfe3P1Xxi2d7H8AAADoQe7+e8Ut9j8AAAA0I3f/veMW+x8AAACakbv/PnFLJ/tf/6//773/X23l/f/9/3r9/xn6f/3/FNb6+0sv7Ncf2P/f8U5X3UP/r//X/w/S/+v/9f+ca279f+7++8Ytnex/AAAA6EHu/vvFLfY/AAAANCN3//3jFvsfAAAAmpG7/6q4pZP9r//X/+v/9f/7+v+b9P/6/2Xz/v8w/f8I/b/+X/+v/2dSc+v/c/c/IG7pZP8DAABAD3L3PzBusf8BAACgGbn7HxS32P8AAADQjNz9D45bOtn/+n/9v/5/Kf3/Ce//n/P96P/1/5vo/4fp/0fo//X/+n/9P5OaW/+fu/8hcUsn+x8AAAB6kLv/oXGL/Q8AAADNyN3/sLjF/gcAAIBm5O5/eNzSyf7X/+v/9f9L6f+P6f1//b/+f+FuXJ39zwT9/zr9/4iR/n+10v8POe9+fvO3t5zPfwD9v/6fdXPr/3P3PyJuuctqdeJiv0kAAABgVnL3PzJu6eTP/wEAAKAHufuvjlvsfwAAAGhG7v5r4pZO9r/+X/+v/9f/6/83f339/zKdX39/8sBfr/8PB/b/d/jfK+/Zb//v/f9h3v/X/+v/Odfc+v/c/dfGLZ3sfwAAAOhB7v5HxS32PwAAADQjd/+j4xb7HwAAAJqRu/8xcUsn+1//31r//9/7ft2e/n+3dtH/6//1//r/1h22v9f/h67f/9+pH+r/9f/6f/0/hzO3/j93/2Pjlk72PwAAAPQgd//j4hb7HwAAAJqRu//xcYv9DwAAAM3I3f+EuKWT/a//b63/3//rvP+v/9/09fX/+v+W6f+H6f9HtPL+/0X+rtl2P39Y2/78+n/9P+vm1v/n7n9i3NLJ/gcAAIAe5O5/Utxi/wMAAEAzcvc/OW6x/wEAAKAZufufErd0sv/1//r/ZfT/+RX0//r/o+//k/5/mfT/w/T/I1rp/y/Stvv5pX9+/b/+n3Vz6/9z9z81bulk/wMAAEAPcvc/LW6x/wEAAKAZufufHrfY/wAAANCM3P3PiFs62f/6f/3/Mvp/7//r/73/r/8/P/r/Yfr/Efp//b/+X//PpObW/+fuvy5u6WT/AwAAQA9y9z8zbrH/AQAAoBm5+58Vt9j/AAAA0Izc/c+OWzrZ//p//b/+X/+v/9/89fX/y6T/H6b/H6H/1//r//X/TGpG/f+eX3Vq9Zy4pZP9DwAAAD3I3f/cuMX+BwAAgGbk7n9e3GL/AwAAQDNy9z8/bulk/+v/Z9P/7+Z8bfX/O6vV6qL7/7vq/5fd/+/s+edZvy/1//r/Y6D/H6b/H6H/1//r//X/TGpG/f/uj3P3vyBu6WT/AwAAQA9y918ft9j/AAAA0Izc/S+MW+x/AAAAaEbu/hfFLZ3sf/3/bPr/XW31/97/P/f3R0/9v/f/1+n/j4f+f5j+f4T+X/+v/9f/M6m59f+5+18cN5247KK/RQAAAGBmcvffELd08uf/AAAA0IPc/S+JW+x/AAAAWKjr1n4md/9L45ZO9r/+f9r+/8Sen9P/6//P/f2h/9f/6/+Pnv5/mP5/hP5f/6//1/8zqbn1/7n7Xxa3dLL/AQAAoAe5+2+MW+x/AAAAaEbu/pfHLfY/AAAANCN3/yvilk72v/7f+//6f/2//n/z19f/L5P+f5j+f4T+X/+/3f7/5Nn/U/9PGy6g/z99+vTVR97/5+5/ZdzSyf4HAACAHuTuf1XcYv8DAABAM3L3vzpusf8BAACgGbn7XxO3dLL/9f9H0f+fqRVn3f/nb/Vl9f/XrFb6f/2//l//P0z/P0z/P0L/r//3/r/+n0nN7f3/3P2vjVs62f8AAADQg9z9r4tb7H8AAABoRu7+18ct9j8AAAA0I3f/G+KWTva//t/7/wvq/73/r//f9/0srP+/baX/PxaL6P93Dv76c+//r9X/6/8HdNf/3+3O+36o/9f/s25u/X/u/jfGLZ3sfwAAAOhB7v43xS32PwAAADQjd/+b4xb7HwAAAJqRu/8tcdOlnex//b/+X/+v/9f/b/76x/z+/4nVaqX/n8Ai+v8Bc+//vf+v/x/SXf9/Dv2//p91c+v/c/e/NW7pZP8DAABAD3L3vy1usf8BAACgGbn73x632P8AAADQjNz974hbOtn/+n/9v/5f/998/3/tIvp/7/9PRP8/TP8/Qv+v/9f/6/85Ftvq/3P3vzNu6WT/AwAAQA9y978rbrH/AQAAoBm5+98dt9j/AAAA0Izc/e+JWzrZ//p//f+F9P/5OfX/bfX/J2fX/5/a99fr5P1//f9E9P/D9P8j9P/6f/3/dfp/pjS39/9z9783bulk/wMAAEAPcve/L279T7f2PwAAADQjd//74xb7HwAAAJqRu/8DcUsn+1//r//3/r/+v/n3//X/XdH/D9P/j9D/6//1/97/Z1Jz6/9z938wbulk/wMAAEAPcvd/KG6x/wEAAKAZufs/HLfY/wAAANCM3P03xS2d7H/9v/5f/6//1/+f+Weo/2+D/n/Y8fT/O/p//X/18/8V/y7Q/+v/x349bZpb/5+7/yNxSyf7HwAAAHqQu/+jcYv9DwAAAM3I3f+xuMX+BwAAgEW6dMPP5e7/eNzSyf7X/+v/9f/6f/3/5q+v/18m/f8w7/8f5H+u3/sj/f/59vP/t+9HS3v//9z//tL/6/+Z3tz6/9z9n4hbOtn/AAAA0IPc/Z+MW+x/AAAAaEbu/k/FLfY/AAAANCN3/6fjlk72v/5f/99M/3/7h9D/6//1/93T/w/T/4/w/v9W389f+ufX/+v/WTe3/j93/2filk72PwAAAPQgd/9n4xb7HwAAAJqRu/9zcYv9DwAAAM3Y3f0Zl3W4//X/W+v/d//6+n/v/+v/9f/6/2np/4fp/0fo//X/+n/9P5OaW///+d1fdWr1hbilk/0PAAAAPcjd/8W4xf4HAACAZuTu/1LcYv8DAABAM3L3fzlu6WT/6/+9/7+M/v/06dNX6//1//u/n7P9/y36f4r+f5j+f4T+X/+v/9f/M6m59f+5+78St3Sy/wEAAKAHufu/GrfY/wAAANCM3P1fi1vsfwAAAGhG7v6vxy2d7H/9/+2f4/L6+aPt/2/4/439/yn9v/f/9f8r7//r/yei/99sJ67+f0SL/f+p8//2t93PH9a2P7/+X//Purn1/7n7vxG3dLL/AQAAoAe5+78Zt6zt/5uP8VMBAAAAU8rd/624xZ//AwAAQDNy9387bulk/+v/j+/9/9v/3vXy/v/OavPn1//r//X/+v+jpv8fpv8f0WL/fwG23c8v/fPr//X/rJtb/5+7/ztxy/7hd9mFfZcAAADAnOTu/27c0smf/wMAAEAPcvffHLfY/wAAANCM3P3fi1s62f/6/+Pr//f28633/8fz/v8p/b/+f8r+/xL9fxv0/8P0/yOOrP8/kX99/f8R2vbn1//v7f/zd7P+v3dz6/9z938/bulk/wMAAEAPcvf/IG6x/wEAAKAZuft/GLfY/wAAANCM3P23xC179v+mtrsV+n/9/3L7f+//6/+9/6//X6f/3xn8/55v/39ydbj+P+n/vf+v/++1//f+P2fMrf/P3f+juMWf/wMAAMDiXHbAz+fu/3HcYv8DAABAM3L3/yRusf8BAACgGbn7fxq33HrJtj7SsdL/6//1//p//f/mr6//Xyb9/zDv/4/Q/0/Rz1+h/2+j/1+t9P8c3tz6/9z9P4tb/Pk/AAAANCN3/8/jFvsfAAAAmpG7/xdxi/0PAAAAzcjd/8u4pZP9r//X/x+y/99NM/X/Z+j/z9D/b6b/Px76/2H6/xH6f+//6/+9/8+k5tb/5+7/VdzSyf4HAACAHuTu/3XcYv8DAABAM3L3/yZusf8BAACgGbn7fxu3dLL/t9b/x99q/f92+/9LvP+/S/+v/9/09fX/y6T/H6b/H6H/1//r//X/TGpu/X/u/t/FLZ3sfwAAAOhB7v7fxy32PwAAADQjd/8f4hb7HwAAAJqRu/+PcUsn+9/7/333/xO8/6//H+7/T+79Ovp//b/+/+jp/4fp/zerf1D6f/2//l//z6Tm1v/n7v9T3NLJ/gcAAIAe5O7/c9xi/wMAAEAzcvffGrfY/wAAANCM3P1/iVs62f/6f/2//t/7//r/zV9f/79M+v9h2+z/7375+Jf1/v/W+//8CPp//b/+n0nMrf/P3f/XuKWT/Q8AAAA9yN3/t7jF/gcAAIBm5O7/e9xi/wMAAEAzcvf/I27pZP+P9P9n3y7X/w/S/+///Pr/zb8/9P/6f/3/0dP/D/P+/wj9v/f/9f/6fyY1t/4/d/8/45ZO9j8AAAD0IHf/bXGL/Q8AAADNyN3/r7jF/gcAAIBm5O7/d9zSyf73/v+S+v8r9P/6f/2//l//P0L/P0z/P0L/r//X/+v/mdTc+v/c/f8JAAD///dEVNI=")
rename(&(0x7f0000000000)='./file2\x00', &(0x7f00000005c0)='./file0/file0\x00')
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
link(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='.\x00')

3.016824849s ago: executing program 6 (id=4886):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000440)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x1f5}}, {@grpjquota, 0x2e}, {@barrier}, {@nolazytime}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4aa, &(0x7f0000000740)="$eJzs3MtvG0UYAPBvN4++m7SURx9QQ0FEFJImLdADh4JA6gUJCQ7lGNJQlaYtaoJEq4oGhMoR8RcARyQkTlw4gYQQcAJxhTtCqlAvLRxQ0Nq7ybqxU8d5GOrfT7IzszvrmW93xx7vZB1A16pkT0nE1oj4NSIGatn6ApXan5vXL0/8df3yRBJzcy//mVTL3bh+eaIoWmy3Jc8MpRHp+0nsbVDv9MVLZ8anpiYv5PmRmbNvjkxfvPTE6bPjpyZPTZ4bO3r0yOHRp58ae3JV4sziurHnnfP7dh9/9aMXJ+bitR8+z9q7NV9fjqNmcMV1VqISc7mFpf3V50dW/Or/LdtK6aS3gw1hWbI+kB2uvmr/H4ieWDh4A/HCe/OZbzvUQGDNZJ9NOxYt7cn/pvOfX8CdKNHHoUsVn/jZ99/isZ7jj0679mz2PFmN/2b+qK3pjTT7fjRY+8be02T7Yyusf2tEnJj9++PsEQ2vQwAArK6vs/HP443Gf2ncUyq3PZ9DGYyIgxGxMyLuiohdEXF3RLXsvRFx3zLrr9ySXzz++XlTW4G1KBv/PZPPbdWP/9K8RDKf21aNvy95/fTU5KF8nwxF34YsP7pEHd88/8uHzdZVSuO/7JHVX4wF83b80buhfpuT4zPjKwi5zrV3I/b0Noo/mZ8JyPbA7ojY08brZ/vs9GOf7cvS27csXn/7+JewCvNMc59GPFo7/rNxS/yFpFZTs/nJkY0xNXlopDgrFvvxp6svlfN9pXRd/Btbi2lju8E2kB3/zQ3P/zz+ohsU87XTy6/j6m8fNP1Os/j4J3Fitlyidv6npSXZ+d+fvFJN9+fL3h6fmbkwGtGfL6hbPrawbZEvymfxDx1o3P93RvzzSb7d3ojITuL7I+KBiNift/3BiHgoIg4sEf/3zz38xtJ7qM3zfxVk8Z9c6vhHDCbl+fo2Ej1nvvuqWf2tvf8dqaaG8iWtvP+12sCV7DsAAAD4v0irc9BJOlykSxendsXmdOr89MzBSrx17mRtrnow+tLiStdA6XroaH5tuMiP3ZI/HBE7qv9ptKmaH544P7Wtk4ED1Xt16vp/pOnwcG3d783+6QW4cyxrHq18d+AXX65+Y4B15X5N6F76P3Qv/R+6l/4P3atR/78ScbMDTQHWmc9/6F76P3Qv/R+6l/4PXWnxLfHFz620c6f/QmLn8RVtvuaJuYE1eeXZ5W/Vs0aRRvlHO5omkohor4pIly7T30LtHUukty1zrM3dsozE/jyxISJa3erKuu3Vzr4vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArJZ/AwAA//+crdzy")

2.866227299s ago: executing program 6 (id=4888):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000002c0)={0x2, 0x1, 0x4})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0585609, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x1})

2.799593961s ago: executing program 38 (id=4888):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000002c0)={0x2, 0x1, 0x4})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0585609, &(0x7f00000000c0)={0x0, 0x1, 0x4, 0x0, 0x1})

2.011003676s ago: executing program 7 (id=4891):
openat$incfs(0xffffffffffffff9c, &(0x7f0000000700)='.log\x00', 0x80, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000006c0)={'erspan0\x00', 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xffff, 0xffff}, {0x1, 0x10}}}, 0x24}}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r3, 0xc020aa08, &(0x7f0000000100)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1})
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0x18, 0x0, 0x0)
syz_read_part_table(0x5e3, &(0x7f0000000000)="$eJzs009rXFUUAPDzxk6ntVMnSMGFLoSGghCtWsSCGbCUYeimKfUPXbguVNBFoIsuhoRk1rV+AUNMAiGbfIGAm5gEQgLJKmQZZuMyQZBB5Ml78/JHyUqDMenvBzPv3jv3nHOHe15wppWiVu2N0kpE/HH5mD19EVE5mP10pRhUrsQXc41KvP3gzsPP46MkvoqIxlvVIm+Wspc16cWX8iLlXvC9y7ExuXp3b65v7frmcv9UqUi6UIrIMnyzM137y1nySXaKixcP8vPSm68v1cbbw83nz+qVaLY6tx4nEb/lPw0mEaOPikbJ+iou5cNLJ1s/68m8/pOtZqvTv3F7Zj0d2v3h6nvl5Y3uhyv5rtfyd4Dz59NXIqJ9eP8T18a2x7r3b8w+vTlwIRZHXhQX/2vx/CT7+no0yqd5aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fyary91oz3cfP6s/mSr2ercevxu483vGt9+//GPgyNfvjH4qJTtSiL9/djw8gnUr42399O0OuW4PbOeDu3G1eFs4dX9fQPJ0agL/7Ys/xPvlCPGj/TfxLX3Pxjr3r8x+/TmwOvbiyMvintP/x74y8opnBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAsaMZqmdx6WIpL4OTlcTyu9Z1J89g0V6/cqnyWTq3f35vrWrm8u9089KNYXqlHNBzvTtf/sT/CP/RkAAP//4Vt03w==")

1.101362769s ago: executing program 8 (id=4898):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000440)=@newsa={0x138, 0x1a, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@loopback, 0x0, 0xfffd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0xffffffffffffffff}, {@in=@remote, 0x16, 0x3c}, @in=@loopback, {0x0, 0x0, 0x0, 0xffffffe7ffffffff, 0x0, 0xfffffffffffffffc, 0x1000000000000000, 0x80}, {0x0, 0x4, 0x0, 0x1}, {0x0, 0x5}, 0x0, 0x1, 0x2, 0x1, 0x6}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x4004050}, 0x0)

1.003247758s ago: executing program 8 (id=4899):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x3c}]}, &(0x7f0000000740)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x2}, 0x94)

918.978442ms ago: executing program 8 (id=4900):
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x1000000, &(0x7f0000000080)={[{@nodecompose}, {@umask={'umask', 0x3d, 0x4}}, {@nodecompose}, {@gid={'gid', 0x3d, 0xee01}}, {@nobarrier}, {@gid}, {@nls={'nls', 0x3d, 'cp1250'}}]}, 0x3, 0x632, &(0x7f0000000800)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=")
mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0)
mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file1\x00', 0x0, 0x221008, 0x0)

771.189506ms ago: executing program 8 (id=4901):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x11a020, 0x0)

771.028459ms ago: executing program 9 (id=4889):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r0}, 0xc)

716.723982ms ago: executing program 8 (id=4902):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x48084, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_COPY$syz(r0, 0x3b83, &(0x7f00000000c0)={0x28, 0x4, 0x0, r1, 0xffffffffffffff27, 0x7, 0x1, 0x2ce8da})

716.558073ms ago: executing program 9 (id=4903):
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x1, 0x406}}}, 0x7)

716.393496ms ago: executing program 8 (id=4904):
syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)

716.284161ms ago: executing program 9 (id=4905):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100001517ee40f00a057a0000090203010902120001000000000904000000ff"], 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000700)={0x2c, &(0x7f00000003c0)={0x40, 0xe, 0x1e, "e23dc34b7edc8b90f44ca7a63785ede1243b51ae859a55b653078ec3310b"}, 0x0, &(0x7f0000000500)={0x0, 0x8, 0x1, 0x76}, 0x0, 0x0})

482.59955ms ago: executing program 7 (id=4906):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x20108c2, &(0x7f0000000e40)=ANY=[], 0xfe, 0x6231, &(0x7f0000003140)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQYlFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjyW7XqeOdtefzkZyZ3zyz3mf83dmXzMw+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADE97/3g5VORNz4eVqwFPGZ6EV0IxbKejkiFpaX8vr9iHgudpvj2YgYzEWUt9/95+mIVyPio7MR2zsbq+Xiy4fsx3f/+Pff/fDMW3/7w+Dif/+03ntt3Hr37v3qP3++f7RtBgAAgLYpiqLopI/559Ln+27TnQIApiK//hdJXn7q61//862/zFJ/1Gq1Wq2eQl1VjHa/WkTEZvU25XsGh+MB4ITZjI+b7gINkn+r9SPiTNOdAGZap+kOcCy2dzZWOynfTvX1YHmvPZ8LciD/zc7D6zvGTSepn2MyrcfXVvTimTH9WZhSH2ZJzr9bz//GXvswrXfc+U/LuPyHe5c+tU7Ov1fPv+b05N8dmX9b5fz7j5V/T/4AAAAAADDD8v//LzV8/Hfu6JtyKJ90/Hd5Sn0AAAAAAAAAgCftqOP/PWT8PwAAAJhZ5Wf10m/O7i8b911s5fLrnYinausDLZMulllsuh8AAAAAAAAAAAAA0Cb9vXN4r3ciBhHx1OJiURTlT1W9flxHvf1J1/bthzZr+kkeAAD2fHS2di1/J2I+Iq6n7/obLC4uFsX8wmKxWCzM5fezw7n5YqHyuTZPy2Vzw0O8Ie4Pi/KXzVduVzXp8/Kk9vrvK+9rWPQO0bEnZJD+mmOaGwobAJK9V6Ntr0inTFE8Pe7NBxxg/z+FlmKp6ccVs6/phykAAABw/IqiKDrp67zPpWP+3aY7BQBMRX79rx8XOFLdHdMe8WR+v1qtVqvV6k9VVxWj3a8WEbFZvU35nsFw/ABwwmzGx013gQbJv9X6EfFc050AZlqn6Q5wLLZ3NlY7Kd9O9fUgje+ezwU5kP9mZ/d2+fajppPUzzGZ1uNrK3rxzJj+PDulPsySnH+3nv+NvfZhWu+485+WcfkPdy+Za5+cf6+ef83pyb87Mv+2qj7vHz7/nvwBAAAAAGCG5eM/S47/5k0GAAAAAAAAgBNne2djNV/3mo//f27Eeq7/PJ1y/p3HzX8hzcv/RMv5d2v5f7m2Xq8y/+DN/f3/3zsbq79f/9dn8/Sw+c/lmU56ZHXSI6KT7qnTT9OjbN2jtga9YXlPg06310/n/BSDd+JW3I61uHRg3W76e+y3rxxoL3s6ONB++UB7/5H2KwfaB+l7B4qF3H4hVuMncTve3m0v2+YmbP/8hPZiQnvOv+f5v5Vy/v3KT5n/Ymrv1KalBx92H9nvq9NR9/PGrc//8tLxb85EW9F7uG1V5fadb6A/u3+TM8P42d21Oxfu3Vxfv7MS926uD1Lzw6WXI02esJz/YPdnbv/5/4W99vy8X91fH3w4fOz8Z8VW9Mfm/0Jlvtzel6bctybk/IfpJ+f/dmofvf+f5PzH7/8vN9AfAAAAAAAAAAAAAAAA+CRFUexeIvpGRFxN1/80dW0mADBd+fW/SPJytVqtVqvVp6+uKkZ7vVpExF+rtynfM/xi1C8DAGbZ/yLiH013gsbIv8Xy9/2V0xeb7gwwVXff/+BHN2/fXrtzt+meAAAAAAAAAACfVh7/c7ky/vOLEbFUW+/A+K9vxvJRx//s55mHA4w+4YG+x9jqDnvdynDjz8fu+NwXxo3/fT4eHf87j4nbq27HGIMJ7cMJ7XMT2udHLt1Pa+SFHhU5/+cr452X+Z+rDb/ehvFf62Pet0HO/3zl8Vzm/6XaetX8i9/OXP6bh11xK7oH8r+4/t5PL959/4NXbr138921d9d+fGVl5dKVq1evXbt28Z1bt9cu7f17PL2eATn/PPa180DbJeefM5d/u+T8v5Bq+bdLzv+LqZZ/u+T88/s9+bdLzj9/9pF/u+T8X0q1/Nsl5/+VVMu/XbZ3NubK/F9OtfzbJe//X021/Nsl5/9KquXfLjn/C6mWf7vk/C+m+hD5+3r4UyTnn49w2f/bJee/kmr5t0vO/3Kq5d8uOf8rqZZ/u+T8X021/Nsl5/+1VMu/XXL+V1Mt/3bJ+X891fJvl5z/tVTLv11y/t9ItfzbJef/zVTLv11y/q+lWv7tkvP/Vqrl3y45/2+nWv7tkvP/Tqrl3y45/9dTLf922f/+fzNmzJjJM00/MwEAAAAAAAAAAAAAddM4nbjpbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30/8DN7sdcOIQZCcPI3sHaMMc6SXV/iC/+6MSEJaQKluZb0Etv1rp0F3+K1S5JGsmmgRMJRUUXV9EVbQFEbqaqwKl7QKqV5UfXyirQv6JuKqhJSoypEARWprWi2mjnP83hmPDtn1ztez57z+Uj2b3fmzJwzZ87M7nft7x4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLb+Y1NfqmVZVv/T+GtNlr2t/vGq0TWNyz5ytbcQAAAAWKz/bfz95nXpgn3zuFHTMn/3vu9+a3Z2djb79ODvDn91djZdMZplwyuzrHFddOHfHq01LxM8m43UBpo+HyhY/WDB9UMF1w8XXL+i4PqVBdePFFx/yQ64xKr85zGNO9vY+HBNvkuz67PhxnUbO9zq2drKgYH4s5yGWuM2s8OHs+nsaDaVTbQsny9bayz/8vr6uu7J4roGmta1rn6E/OiZQ3EbamEfb2xZ18X7jH740Wz0xz965tAfn379xk6zcDe03F++nZs31LfzC+GSfFtr2cq0T+J2DjRt57oOz8lgy3bWGrerf9y+nW/OczsHL27mkmp/zkeygcbHrzb201Dzj/XSfloXLvuvm7MsO3dxs9uXuWRd2UC2uuWSgYvPz0h+RNbvo34ovTMbWtBxun4ex2l9Tm5sPU7bXxPx+V8fbjc0xzY0P00//PyKS573hR6nUf1Rz/VaaT8Ge/1a6ZdjMB4XrzYe9HMdj8GN4fE/s2nuY7DjsdPhGEyPu+kY3FB0DA6sGGxsc3oSao3bXDwGt7YsP9hYU60xX9vU/RgcP33s5PjMU09/ePrYwSNTR6aOb9+6dWL7zp27d+8ePzx9dGoi//sy93b/W50NpNfAhrDv4mvgg23LNh+qs1/v3etwpMvrcE3bsr1+HQ61P7ja0rwgLz2m89fGQ/WdPnJ+IJvjNdZ4frYs/nWYHnfT63Co6XXY8WtKh9fh0Dxeh/VlTm6Z3/csQ01/Om3DlfpasKbpGGz/fqT9GOz19yP9cgyOhOPiX7bM/bVgXdje58YW+v3I4CXHYHq44b2nfkn6fn9kd2N0Oi5vql9xzYrszMzUqVufPHj69KmtWRhL4l1Nx0r78bq66TFllxyvAws+XvdNv++5mzpcvibsq5EP1/8amfO5qi+z49buz1Xjq1vn/dly6bYsjB5b6v3Z6at5fX+mLNllf9aX+cL44r8XT7m06f13eI7335j738rXl+7q2cHhofz1O5j2znDL+3HrUzXUeO+qNdb95vj83o+Hw5+lfj++vsv78dq2ZXv9fjzc/uDi+3Gt6Kcdi9P+fI6E4+ToRPf34/oya7ct9Jgc6vp+fHOYtbD/PxSSQspFTcfOXMdtWtfQ0HB4XENxDa3H6faW5YdDNquv66Vtl3ecbr45v6/B9OguWqrjdLRt2V4fp+n9aq7jtFb007fL0/58joTj4vrt3Y/T+jKv7Fj8e+eq+GHTe+eKomNweHBFfZuH00GYv9/ProrH4K3ZoexEdjSbbFy7onE81RrrGrttfsfgivCnF++VRT/3bLa2yzG4uW3ZXh+D6evYXMdebejSB98D7c/nSDguXrit+zFYX+bOXb393nVzuCQt0/S9a/vP1+b6mddNbbvpSv7Mq76df7Or+89m68sc3b3QnNl9P90SLrmmw35qf/3O9ZqazJZmP60N2/n67rn3U3176st8dc88j6d9WZadfeKOxs97w7+v/PmZ732r5d9dOv2bztkn7njj2sN/u5DtB2D5eysfq/OvdU3/MjWff/8HAAAAloWY+wfCTOR/AAAAKI2Y++P/Ck/kfwAAACiNmPuHwkwqkv/X3vn69Ftns9TMnw3i9Wk33JsvFzuuE+Hz0dmL6pff8eLUT/7y7PzWPZBl2U/v/Y2Oy6+9N25XbjRs54W7Wi+/9IZn57X+Aw9fXK65v/61cP/x8cz3MOhUwZ3Isuzl655vrGf00fON+cq9BxrzgXPPPVtf5s09+efx9q+9K1/+D0L5d9/hgy23fy3shx+EOXFf5/0Rb/fN8x9at+uRi+uLt6tteHvjYb/wWH6/8ffkfOXZfPm4n+fa/r/68kvfrC//5Ac6b//Zgc7b/1K43xfD/O/35ss3Pwf1z+Ptvhi2P64v3u7Wb3yn4/Zf+FK+/Mm78+UOhBnXvzl8vvHu16eb99eTtYMtjyv7eL5cXP/E9367cX28v3j/7ds/sv98y/5oPz5e+af8fsbblo+Xx/VEf9G2/vr9NB+fcf0v/daBlv1ctP4LD7z23vr9tq//lrblBttu3/4bm/7wi893XF/cnn1/drLl8ey7P7yOw/pfeCwcj+H6/7nwfMt6owP3t77/xOW/tuZsy+OJ7vlxvv4Ltx9pzH8f/cnvX/O2a99+7v31fZdlrz6Y31/R+o/80YmW7f/6DVsaz0e8Pnb029c/l7j+U58bO35i5sz0ZNNebfzunE/k27NyZNXq+vZeF95b2z/ff+L041OnRidGJ7JstLy/Qu+yfSPMN/JxbqG33/JweD5v+r2XV2/6xy/Hy//5ofzy8/flX7c+GJb7Srh8Tf78zdYWuf4X1t/QeH3XXsk/b+mx98C6jf+xe14Lhsff/n1BPN5Pvvvxxn6oX9f4uhFf14vc/u9P5vfz7bBfZ8NvZt5ww8X1NS8ffzfC+Qfz1/ui9194m4vP65+E5/uTP8jvP25XfLzfD9/HfGdt6/tdPD6+fXag/f4bv8XjXHg/yc7l18el4v4+/+YNHTcv/h6S7NyNjc9/J93PjQt6mHOZeWpm/Oj08TNPjp+emjk9PvPU0/uPnThz/PT+xu/y3P+ZottffH9a3Xh/mpzauSObWJVl2YlsYgnesK7M9tc/mt/2n3z40OSuiU2TU4cPnjl8+uGTU6eOHJqZOTQ1ObPp4OHDU58ruv305N6t2/Zs37Vt7Mj05N7de/Zs3zM2ffxEfTPyjSqwc+KzY8dP7W/cZGbvjj1bb7ttx8TYsROTU3t3TUyMnSm6feNr01j91r8+dmrq6MHT08emxmamn57au3XPzp3bCn8b4LGTh2dGx0+dOT5+Zmbq1Hj+WEZPNy6uf+0ruj3lNPOv+fez7Wr5L+LLPnXLzvT7Wete/Pycd5Uv0vYLRF8Pv4vmH95xcvd8Po+5fzjMpCL5HwAAAKog5v4VYSbyPwAAAJRGzP0rw0zkfwAAACiNmPtHwkwqkv/1//X/59f/z6/X/69W///kE3mvdLn3/2N/ftn1/4fzN2X9/4W5yv3/Ra9f/1//v3z9//n355f79uv/6/9zqX7r/8fcvyrLKpn/AQAAoApi7l8dZiL/AwAAQGnE3H9NmIn8DwAAAKURc//bwkwqkv/1/+fV/99WVLgqf//f+f/1/7Pl2f+PT85y7P87//9lWXD//pGHWj7V/w/0//X/9f/1//X/WbThOa+5Wv3/mPuvDTOpSP4HAACAKoi5/+1hJvI/AAAAlEbM/deFmcj/AAAAUBox968JM6lI/tf/d/5//X/9/1L3/xd7/v+mjdH/Xx6c/z9qfyXl9P8LXHb/f0T/fzn2/4d7u/393f8v3Hz9f66Ifjv/f8z97wgzqUj+BwAAgCqIuf+dYSbyPwAAAJRGzP3vCjOR/wEAAKA0Yu6/PsykIvlf/1//X/9f/1//v/P6i8//n3+k/99f9P+70/8v4Pz/1er/93j7+7v/v9Dz/6/Ksqxb/3/4rvbb6//TSb/1/2Puf3eYSUXyPwAAAFRBzP03hJnI/wAAAFAaMfe/J8xE/gcAAIDSiLl/bZhJRfK//r/+v/6//r/+f+f1F/f/c/r//UX/vzv9/wL6//r/+v/zO/9/h29+9f/ppN/6/zH33xhmUpH8DwAAAFUQc/9NYSbyPwAAAJRGzP3/L8xE/gcAAIDSiLl/XZhJRfK//r/+v/5/tfr/t6zQ/9f/Lzf9/+70/wvo/+v/6//Pr//fwUL6/yuL7ozS6Lf+f8z97w0zqUj+BwAAgCqIuf99YSbyPwAAAJRGzP3vDzOR/wEAAKA0Yu4fDTOpSP7X/y9X//9P//qF92f6//r/Besvaf8/Hgb6/xWn/9+d/n8B/X/9f/3/Jen/Ux391v+PuX99mElF8j8AAABUQcz9G8JM5H8AAAAojZj7bw4zkf8BAACgNGLu3xhmUpH8r/9frv5/pP+v/99t/SXt/ydXq/9f9H6h/7809P87aHqR6v8X0P/X/698/z9+NdP/pzf6rf8fc/8Hwkwqkv8BAACgCmLu3xRmIv8DAABAacTc/8EwE/kfAAAASiPm/s1hJhXJ//r/+v/6//r/+v+d1+/8/8uT/n93C+3/r9D/1//X/69Y/9/5/+mtfuv/x9z/oTCTiuR/AAAAqIKY+7eEmcj/AAAAUBrx/2/m/+9V/gcAAIAyirl/LMykIvlf/1//v0r9/5r+v/6//n/p6f935/z/BfT/9f/1//X/6al+6//H3P/hMJOK5H8AAACogpj7bw0zkf8BAACgNGLuHw8zkf8BAACgNGLunwgzqUj+1//X/69S/9/5//X/9f/LT/+/O/3/Avr/+v9l6/9nmf4/V1W/9f9j7t8aZlKR/A8AAABVEHP/tjAT+R8AAABKI+b+7WEm8j8AAACURsz9O8JMKpL/9f/1//X/9f/1/zuvX/9/edL/707/v4D+v/5/2fr/zv/PVdZv/f+Y+28LM6lI/gcAAIAqiLl/Z5iJ/A8AAAClEXP/rjCTkP87/b9uAAAAYHmJuX93mElF/v1f/78k/f/f/PuWdev/6/93W39v+v+r9P/D1P/vLyXt/7e/LC6b/n8B/X/9f/1//X96qt/6/zH37wkzqUj+BwAAgCqIuf8jYSbyPwAAAJRGzP3/P8xE/gcAAIDSiLn/Z8JMKpL/9f9L0v9vo/+v/99t/c7/r/9fZiXt//dMqfr/A/r/+v/9tf36//r/XOrK9//jR/Pr/8fcvzfMpCL5HwAAAKog5v6fDTOR/wEAAKA0Yu6/PcxE/gcAAIDSiLl/X5hJRfK//r/+v/6//v/i+v+jc/T/b8/a9WP/v37w6P+Xi/5/d6Xq/zv/v/5/p+3/rv6//j/9pN/O/x9z/0fDTCqS/wEAAKAKYu6/I8xE/gcAAIDSiLn/Y2Em8j8AAACURsz9d4aZVCT/6//r/+v/6/87/3/n9ev/L0/6/93p/xfQ/1/+/X/n/9f/p6/0W/8/5v67wkwqkv8BAACgCmLuvzvMRP4HAACA0oi5/+NhJvI/AAAAlEbM/feEmVQk/+v/6//r/+v/6/93Xr/+//Kk/9+d/n8B/X/9f/1//X96qt/6/zH3/1yYSUXyPwAAAFRBzP33hpnI/wAAAFAaMfffF2Yi/wMAAEBpxNz/iTCTiuR//X/9f/1//X/9/87r1/9fnkrc/799offVif5/Af1//X/9f/1/eqrf+v8x938yzKQi+R8AAACqIOb+nw8zkf8BAACgNGLu/1SYifwPAAAApRFz/y+EmVQk/+v/6//3V/9/9mzz7fT/9f+zXvX/6zfS/6+EEvf/e0L/v0CH/v9K/X/9f/1//X8uW7/1/2Puvz/MpCL5HwAAAKog5v4HwkzkfwAAACiNmPsfDDOR/wEAAKA0Yu5/KMykIvlf/7+S/f/0kPuv/+/8//r/zv+v/784+v/d6f8XcP5//X/9f/1/eqrf+v8x9z8cZlKR/A8AAABVEHP/I2Em8j8AAACURsz9vxhmIv8DAABAacTc/+kwk4rkf/3/Svb/+/j8/2Xr/w+1HB9V6v+PND2f6bjU/9f/XwL6/93p/xfQ/9f/7+f+fziaV81xe/1/+lG/9f9j7n80zKQi+R8AAACqIOb+Xwozkf8BAACgNGLu/+UwE/kfAAAASiPm/l8JM6lI/tf/1//X/3f+f+f/77x+/f/lSf+/O/3/Avr/+v/93P8voP9PP+q3/n/M/b8aZjJn8HvjP+fxMAEAAIA+EnP/Y2EmFfn3fwAAAKiCmPv3h5nI/wAAAFAaMfcfCDOpSP7X/2/v/8czqur/6//r/+v/6/8vR73r/7/n2izT/9f/1//X/9f/1/9nMfqt/x9z/8Ewk4rkfwAAAKiCmPt/LcxE/gcAAIDSiLn/UJiJ/A8AAAClEXP/ZJhJRfL/Vez/D/dn/9/5/y+3//9T/X/9/0D/vzP9/6Xh/P/d6f8X0P/X/9f/1/+np/qt/x9z/1SYSUXyPwAAACxTI/NYJv04OOb+w+03lf8BAACgNGLuPxJmIv8DAABAacTc/3iYSUXyv/P/6/87/397/79+11e6/z/Usrz+f07/X/+/F/T/u9P/L6D/r/+v/6//T0/1W/8/5v7pMJOK5H8AAACogpj7PxNmIv8DAABAacTc/9kwE/kfAAAASiPm/qNhJhXJ//r/+v9V7//Xsuyc8//r/3dav/7/8qT/353+fwH9f/1//X/9f3qq3/r/MfcfCzOpSP4HAACAKoi5/3iYifz/f+zdx5Nl5XnH8WPMzPSs8J/gtVde2iv8D7jKW+9c5WKpQgHlAChnCZQDCihnoZyFck4oZ5SzkIQiompU9DzPMx1un9vh9r3nvO/ns3k8U7S7W2qwfx5/9QIAAEAzcvdfHbfY/wAAANCM3P33jlva3v8Vo+n/9f+99//Dvvf/9f/6/4v0//O0r7+/fPFfd1AUfmD//+//cc3/6f/1//r/Ufp//b/+n72m1v/n7r9P3NL2/gcAAICu5O6/b9xi/wMAAEAzcvffL26x/wEAAKAZufuviVs62f8N9P9370r79P+7Pk7/r/9f9PlH+/9b9f/6/3nz/v84/f8S+n/9v/5f/89KTa3/z91//7ilk/0PAAAAPcjd/4C4xf4HAACAZuTuf2DcYv8DAABAM3L3Pyhu6WT/N9D/7/lA/f+g/2+0/z/r/f8934/+X/+/yHr7/9vq4/T/+n/9v/5f/6//Z7+p9f+5+x8ctywafluH/S4BAACAKcnd/5C4pZM//wcAAIAe5O5/aNxi/wMAAEAzcvc/LG45eP+fO/2van30//p//f9c+v81vf+v/9f/z9zNw6V/Jnj/fz/9/xJL+v9h0P+POXQ/v/jbm8/XfwD9v/6f/abW/+fuf3jc8l/DcPa43yQAAAAwKbn7HxG3+P//BwAAgGbk7r82brH/AQAAoBm5+6+LWzrZ//p//b/+X/+v/1/8+fX/87Te9/977P//7V/u9f/99v/e/x/n/f9V9//3/GTo/5m3qfX/ufuvj1s62f8AAADQg9z9j4xb7H8AAABoRu7+R8Ut9j8AAAA0I3f/o+OWTva//r+1/v+fd33cjv5/u3bR/+v/9f+n2v+PPhur/18P/f847/8vsf2PufP1y3n2/1tH+pZ32nQ/f1Kb/voP2/+fOeDjvf9Pi6bW/+fuf0zc0sn+BwAAgB7k7n9s3GL/AwAAQDNy9z8ubrH/AQAAoBm5+x8ft3Sy//X/rfX/uz/O+//6/0WfX//v/f+W6f/H6f+XaOX9/2P+1Gy6nz+pTX/9q3//X//P/E2t/8/d/4S4pZP9DwAAAD3I3f/EuMX+BwAAgGbk7n9S3GL/AwAAQDNy9z85bulk/+v/9f/z6P/zM+j/9f+H7P/PHr//T/r/edL/j9P/L9FK/39Mm+7n5/716//1/+w3tf4/d/9T4pZO9j8AAAD0IHf/U+MW+x8AAACakbv/aXGL/Q8AAADNyN3/9Lilk/2v/9f/z6P/9/6//v9k7/9fNXj/vxf6/3H6/yX0//p//b/+n5WaWv+fu/+GuKWT/Q8AAAA9yN1/Y9xi/wMAAEAzcvc/I26x/wEAAKAZufufGbd0sv/1//p//b/+v4f+/yjv/5+o/79lOJD+fz30/+P0/0vo//X/+n/9Pys1of5/x0dtDc+KWzrZ/wAAANCD3P3PjlvsfwAAAGhG7v7nxC32PwAAADQjd/9z45ZO9r/+fzL9/3bO11b/f34YBv3/0Gn/f37Hv5/1c9lD/z9C/78e+v9x+v8l9P/6f/2//p+VmlD/v/3r3P3Pi1s62f8AAADQg9z9z49b7H8AAABoRu7+F8Qt9j8AAAA0I3f/C+OWTva//n8y/f+2tvp/7//v/fnoqf/v9v3/Efr/9dD/j9P/L6H/1//r//X/rNTU+v/c/TfFTWfPHPtbBAAAACbmpjuG7d3/omHo8s//AQAAoAe5+18ct9j/AAAAMFM37Pud3P0viVs62f/6/9X2/2d3/J7+X/+/9+dD/6//1/+fPv3/OP3/Evp//b/+X//PSk2t/8/d/9K4pZP9DwAAAD3I3X9z3GL/AwAAQDNy978sbrH/AQAAoBm5+18et3Sy//X/3v/X/+v/9f+LP7/+f570/+P0/0vo//X/m+3/z136L/X/tOEI/f+FCxeuPfX+P3f/K+KWTvY/AAAA9CB3/yvjFvsfAAAAmpG7/1Vxi/0PAAAAzcjd/+q4pZP9r//vtP/PH/V59f/XDYP+X/+v/9f/jztSf//f+39L/x/0//p//b/3//X/rMDU3v/P3f+auKWT/Q8AAAA9yN3/2rjF/gcAAIBm5O5/Xdxi/wMAAEAzcve/Pm7pZP/r/zvt/73/r//X/6+7/79r0P+vxSze/z9/8Oefev9/vf5f/z+iu/7/f/5z1y/1//p/9pta/5+7/w1xSyf7HwAAAHqQu/+NcYv9DwAAAM3I3f+muMX+BwAAgGbk7n9z3HR5J/tf/6//1//r//X/iz//mt//PzsMg/5/BWbR/4+Yev+/mvf/9/5dfon+X/8/569f/6//Z7+p9f+5+2+JWzrZ/wAAANCD3P1viVvsfwAAAGhG7v63xi32PwAAADQjd//b4pZO9r/+/6T9/8WfGf3/7q9f/7+b/j9+HjbV/18/i/7f+/8rov8fN43+/2D6f/3/nL9+/b/+n8PbVP+fu//tcUsn+x8AAAB6kLv/HXGL/Q8AAADNyN3/zrjF/gcAAIBm5O5/V9zSyf7X/3v//yj9f36d+v+2+v9zk+v/t3b99+vk/X/9/4ro/8fp/5fQ/+v/9f836P9Zpam9/5+7/91xSyf7HwAAAHqQu/89cev/dGv/AwAAQDNy9783brH/AQAAoBm5+98Xt3Sy//X/+n/v/+v/D/H+/6If8VN9/3/nfwKA/l//fxT6/3H6/yX0//p//b/3/1mpqfX/ufvfH7d0sv8BAACgB7n7PxC32P8AAADQjNz9H4xb7H8AAABoRu7+W+OWTva//l//r/8/dP9/xTAMvfb/YV3v/++2jv7/Mv1/M/T/49bT/5/X/+v/q5//p/i7QP+v/1/28bRpav1/7v4PxS2d7H8AAADoQe7+D8ct9j8AAAA0I3f/R+IW+x8AAABm6fIFv5e7/6NxSyf7X/+v/9f/e/9f/7/48+v/52kj/X/+UOj/vf8f+un//3XXr+b2/v/e//ml/9f/s3pT6/9z938sbulk/wMAAEAPcvd/PG6x/wEAAKAZufs/EbfY/wAAANCM3P2fjFs62f/6f/2//l//r/9f/PlX1P/nX6b/XxPv/4/T/y+h/9/o+/lz//r1//p/9pta/5+7/1Nxy4HD79whvksAAABgSnL3fzpu6eTP/wEAAKAHufs/E7fY/wAAANCM7d2fcVmH+1//r//X/+v/9f+LP7/3/+dJ/z9O/7+E/l//r//X/7NSU+v/P7v9UVvD5+KWTvY/AAAA9CB3/+fjFvsfAAAAmpG7/wtxi/0PAAAAzcjd/8W4pZP9r//X/8+j/79w4cK1+n/9/+7v51L/f7v+n6L/H6f/X0L/r//X/+v/Wamp9f+5+78Ut3Sy/wEAAKAHuftvi1vsfwAAAGhG7v4vxy32PwAAADQjd/9X4pZO9r/+fwL9/5b+3/v/+v/B+//6/xXR/4/T/y/RYv+/dfhvf9P9/Elt+uvX/+v/2W9q/X/u/q/GLZ3sfwAAAOhB7v6vxS32PwAAADQjd//X4xb7HwAAAJqRu/8bcUsn+1//v77+/55/7Xp5///8sPjr1//r//X/+v/Tpv8fp/9fosX+/wg23c/P/evX/+v/2W9q/X/u/m/GLbuH35mjfZcAAADAlOTu/1bc0smf/wMAAEAPcvd/O26x/wEAAKAZufu/E7d0sv/1/xN4/7/B/t/7/4t/PvT/k+7/L9P/t0H/P07/v4T+X/+v/19R/58/zfr/3k2t/8/d/924pZP9DwAAAD3I3f+9uMX+BwAAgGbk7v9+3GL/AwAAQDNy998et+zY/4va7lbo//X/+n/9v/5/8eev/j9+Q/8/D/r/cYft/88NJ+v/k/5f/6//77X/9/4/F51i/3/1cIz+P3f/D+IWf/4PAAAAs3PmgN/P3f/DuMX+BwAAgGbk7v9R3GL/AwAAQDNy9/84brnzsk19SWul/9f/6//1//r/xZ/f+//zdIz+/qobd/xC/x+8/6//P34/f6X+v43+fxj0/5zcKfb/247a/+fu/0nc4s//AQAAoBm5+38at9j/AAAA0Izc/T+LW+x/AAAAaEbu/p/HLZ3sf/2//v+E/f92mqn/v0j/f5H+fzH9/3p4/3+c/n8J/b/3//X/3v9npabW/+fu/0Xc0sn+BwAAgB7k7v9l3GL/AwAAQDNy9/8qbrH/AQAAoBm5+38dt3Sy/zfW/8e/1Pr/2ff/3v/X/+v/9f+Tov8fp/9fQv+v/9f/6/9Zqan1/7n7fxO3dLL/AQAAoAe5+38bt9j/AAAA0Izc/XfELfY/AAAANCN3/+/ilk72v/f/9f8t9P/5+fX/+v9B/9+nHf8Q0f+P0/8vVv9G6f/1//p//T8rNbX+P3f/7+OWTvY/AAAA9CB3/x/iFvsfAAAAmpG7/864xf4HAACAZuTu/2Pc0sn+1//r/1vo/73/r//X/5P0/+M22f//7xXLP633/zfe/+eXoP/X/+v/WYmp9f+5+/8Ut3Sy/wEAAKAHufv/HLfY/wAAANCM3P1/iVvsfwAAAGhG7v6/xi2d7P8l/f+5+gv1/6P0/7u/fv3/4p8P/f80+//zB3x+/f88Hau/3/FDp/8Pnb3/X/T/3v/X/+v/Wamp9f+5+/8Wt3Sy/wEAAGC+tg79V+buv2vvx9n/AAAA0Izc/X+PW+x/AAAAaEbu/rvjlk72v/f/59T/X6n/1//r/73/r/9fwvv/4/T/S+j/9/fz9/yviPp//b/+n2OaWv+fu/8fAQAA//8Mk08i")
llistxattr(&(0x7f0000000140)='./file1\x00', 0x0, 0x0)

192.034444ms ago: executing program 7 (id=4907):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
sendmmsg(r0, &(0x7f0000002dc0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="86", 0x1}, {&(0x7f0000000100)="8f24895a1a02e2f5", 0x8}], 0x2}}], 0x1, 0x0)

84.594687ms ago: executing program 7 (id=4908):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
syz_open_dev$usbmon(0x0, 0x2, 0x1e5040)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f00000000c0)=0x32)
syz_open_dev$sg(0x0, 0x0, 0x8002)
r1 = socket(0x10, 0x2, 0x0)
sendto$inet6(r1, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006050a0000000d0085a168d0bf46d32345653600648d27000b000a00070849935ade4a460c89b6ec0cff3959547f509058ad86c902007a00004a32000407160012000a0000000000e000e21800003b6ed538f6523250", 0x78, 0x2251197285d76a80, 0x0, 0x0)

83.515198ms ago: executing program 7 (id=4909):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000c40)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000002300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x6f)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="6800000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000480012800e0001006970366772657461700000003400028008000100", @ANYRES32, @ANYBLOB="14000600fe800000000000000000000000000015140007"], 0x68}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)

0s ago: executing program 7 (id=4910):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00222200000096010006010083000000002a90a02700000000b3"], 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

7239][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  405.660877][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  405.714885][T17324] lo speed is unknown, defaulting to 1000
[  405.834945][T17323] loop6: detected capacity change from 0 to 32768
[  405.873414][T17324] chnl_net:caif_netlink_parms(): no params data found
[  405.977673][T17324] bridge0: port 1(bridge_slave_0) entered blocking state
[  405.980696][T17324] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.983668][T17324] bridge_slave_0: entered allmulticast mode
[  406.000777][T17324] bridge_slave_0: entered promiscuous mode
[  406.010268][T17324] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.013521][T17324] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.017397][T17324] bridge_slave_1: entered allmulticast mode
[  406.021993][T17324] bridge_slave_1: entered promiscuous mode
[  406.078978][T17324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  406.094535][T17324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  406.170941][T17324] team0: Port device team_slave_0 added
[  406.174430][T17324] team0: Port device team_slave_1 added
[  406.219521][T17343] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3767'.
[  406.247848][T17324] batman_adv: batadv0: Adding interface: batadv_slave_0
[  406.252186][T17324] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.276152][T17324] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  406.281980][T17324] batman_adv: batadv0: Adding interface: batadv_slave_1
[  406.284800][T17324] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.294522][T17346] loop4: detected capacity change from 0 to 164
[  406.300413][T17346] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  406.305094][T17346] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  406.319832][T17346] rock: directory entry would overflow storage
[  406.323882][T17346] rock: sig=0x4f50, size=4, remaining=3
[  406.325904][T17346] iso9660: Corrupted directory entry in block 4 of inode 1792
[  406.337241][T17324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  406.430878][T17324] hsr_slave_0: entered promiscuous mode
[  406.433964][T17324] hsr_slave_1: entered promiscuous mode
[  406.437817][T17324] debugfs: 'hsr0' already exists in 'hsr'
[  406.440156][T17324] Cannot create hsr debugfs directory
[  406.557353][ T5900] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  406.610523][T17324] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  406.618765][T17324] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  406.624319][T17324] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  406.632316][T17324] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  406.637318][ T5920] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  406.712980][T17324] 8021q: adding VLAN 0 to HW filter on device bond0
[  406.720278][ T5900] usb 7-1: config 0 has an invalid interface number: 101 but max is 0
[  406.726077][ T5900] usb 7-1: config 0 has no interface number 0
[  406.728174][ T5900] usb 7-1: config 0 interface 101 has no altsetting 0
[  406.733801][ T5900] usb 7-1: New USB device found, idVendor=12d1, idProduct=1c1f, bcdDevice=ef.18
[  406.741662][T17324] 8021q: adding VLAN 0 to HW filter on device team0
[  406.745693][ T5900] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.749184][ T5900] usb 7-1: Product: syz
[  406.750682][ T5900] usb 7-1: Manufacturer: syz
[  406.752306][ T5900] usb 7-1: SerialNumber: syz
[  406.757077][ T5900] usb 7-1: config 0 descriptor??
[  406.767922][ T5900] usb 7-1: bad CDC descriptors
[  406.770457][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.770778][ T5900] option 7-1:0.101: GSM modem (1-port) converter detected
[  406.773526][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[  406.801136][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.804187][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[  406.808902][ T5920] usb 5-1: Using ep0 maxpacket: 8
[  406.813233][ T5920] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7
[  406.820305][ T5920] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  406.827009][ T5920] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  406.830512][ T5920] usb 5-1: Product: syz
[  406.832294][ T5920] usb 5-1: Manufacturer: syz
[  406.834304][ T5920] usb 5-1: SerialNumber: syz
[  406.980406][T11124] usb 7-1: USB disconnect, device number 28
[  406.983926][T11124] option 7-1:0.101: device disconnected
[  407.004096][T17324] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.052524][ T5920] usb 5-1: Handspring Visor / Palm OS: No valid connect info available
[  407.055823][ T5920] usb 5-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  407.060259][ T5920] usb 5-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  407.063412][ T5920] usb 5-1: Handspring Visor / Palm OS: Number of ports: 2
[  407.188575][T17324] veth0_vlan: entered promiscuous mode
[  407.199500][T17324] veth1_vlan: entered promiscuous mode
[  407.228197][T17324] veth0_macvtap: entered promiscuous mode
[  407.233992][T17324] veth1_macvtap: entered promiscuous mode
[  407.249588][T17324] batman_adv: batadv0: Interface activated: batadv_slave_0
[  407.253242][ T5920] visor 5-1:1.0: Handspring Visor / Palm OS converter detected
[  407.257224][T17324] batman_adv: batadv0: Interface activated: batadv_slave_1
[  407.270707][ T5920] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  407.274309][ T5893] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  407.280694][ T5893] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  407.284775][ T5920] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  407.295315][ T5893] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  407.304491][ T5893] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  407.401328][ T3825] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.404742][ T3825] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.430027][ T3825] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.433520][ T3825] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.464225][   T10] usb 5-1: USB disconnect, device number 31
[  407.486553][   T10] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  407.494627][   T10] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  407.505487][   T10] visor 5-1:1.0: device disconnected
[  407.552845][T17370] loop6: detected capacity change from 0 to 4096
[  407.726877][ T5849] Bluetooth: hci0: command tx timeout
[  409.823069][ T5849] Bluetooth: hci0: command tx timeout
[  409.903967][T17430] loop6: detected capacity change from 0 to 2048
[  409.945254][T17431] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  410.007656][T17431] NILFS (loop6): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  410.014657][T17431] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=4)
[  410.029102][T17431] Remounting filesystem read-only
[  410.066888][T12112] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer
[  410.110006][T17437] loop8: detected capacity change from 0 to 8
[  410.120816][   T33] audit: type=1326 audit(410.007:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17438 comm="syz.6.3798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  410.129236][T17437] Dev loop8: unable to read RDB block 8
[  410.131622][T17437]  loop8: unable to read partition table
[  410.134239][T17437] loop8: partition table beyond EOD, truncated
[  410.138237][   T33] audit: type=1326 audit(410.007:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17438 comm="syz.6.3798" exe="/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  410.150543][T17437] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5)
[  410.165923][   T33] audit: type=1326 audit(410.007:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17438 comm="syz.6.3798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  410.188537][   T33] audit: type=1326 audit(410.017:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17438 comm="syz.6.3798" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  410.202130][   T33] audit: type=1326 audit(410.017:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17438 comm="syz.6.3798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  410.214093][T17441] netlink: 'syz.6.3801': attribute type 2 has an invalid length.
[  410.217671][   T33] audit: type=1326 audit(410.017:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17438 comm="syz.6.3798" exe="/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  410.224965][T17441] netlink: 132 bytes leftover after parsing attributes in process `syz.6.3801'.
[  410.233142][   T33] audit: type=1326 audit(410.017:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17438 comm="syz.6.3798" exe="/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  410.242653][   T33] audit: type=1326 audit(410.017:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17438 comm="syz.6.3798" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  410.276155][   T10] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  410.358915][T17449] loop7: detected capacity change from 0 to 512
[  410.375748][T17449] EXT4-fs (loop7): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  410.401186][T17449] Quota error (device loop7): v2_read_file_info: Free block number 58381 out of range (1, 6).
[  410.407374][T17449] EXT4-fs warning (device loop7): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  410.431845][   T10] usb 5-1: Using ep0 maxpacket: 32
[  410.435513][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  410.440429][   T10] usb 5-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  410.443654][T17445] loop6: detected capacity change from 0 to 32768
[  410.444746][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  410.451869][T17445] jfs_mount: Mount Failure: superblock is corrupt!
[  410.453501][   T10] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  410.459191][T17445] Mount JFS Failure: -22
[  410.460875][T17445] jfs_mount failed w/return code = -22
[  410.473841][T17324] EXT4-fs (loop7): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  410.477315][   T10] usb 5-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3
[  410.481222][   T10] usb 5-1: Product: syz
[  410.504287][   T10] usb 5-1: Manufacturer: syz
[  410.506855][   T10] usb 5-1: SerialNumber: syz
[  410.514742][   T10] usb 5-1: config 0 descriptor??
[  410.721819][T17461] netlink: 172 bytes leftover after parsing attributes in process `syz.6.3809'.
[  410.738195][T17461] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  410.746292][T17459] loop7: detected capacity change from 0 to 8192
[  410.854210][T17465] loop6: detected capacity change from 0 to 128
[  410.867280][T17465] zonefs: Unexpected value for 'explicit-open'
[  410.933253][   T10] gs_usb 5-1:0.0: Configuring for 1 interfaces
[  411.361766][   T10] gs_usb 5-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[  411.367180][   T10] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -71
[  411.375072][   T10] usb 5-1: USB disconnect, device number 32
[  411.486411][T11124] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  411.636191][T11124] usb 7-1: Using ep0 maxpacket: 8
[  411.645076][T11124] usb 7-1: New USB device found, idVendor=2040, idProduct=b910, bcdDevice=18.c2
[  411.651074][T11124] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.654591][T11124] usb 7-1: Product: syz
[  411.656597][T11124] usb 7-1: Manufacturer: syz
[  411.658025][T11124] usb 7-1: SerialNumber: syz
[  411.662660][T11124] usb 7-1: config 0 descriptor??
[  411.666182][T11124] smsusb:smsusb_probe: board id=8, interface number 1
[  411.669588][T11124] smsusb:smsusb_probe: board id=8, interface number 0
[  411.730601][T17474] loop7: detected capacity change from 0 to 32768
[  411.740955][T17474] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3814 (17474)
[  411.750991][T17474] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  411.754980][T17474] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[  411.791977][T17474] BTRFS info (device loop7): enabling ssd optimizations
[  411.794329][T17474] BTRFS info (device loop7): enabling free space tree
[  411.816793][T17324] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  411.878193][ T5849] Bluetooth: hci0: command tx timeout
[  411.890197][T11124] usb 7-1: USB disconnect, device number 29
[  411.911646][T17494] loop4: detected capacity change from 0 to 512
[  411.936785][T17494] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.3816: casefold flag without casefold feature
[  411.946726][T17494] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3816: couldn't read orphan inode 15 (err -117)
[  411.952374][T17494] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.008422][T10401] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.107041][T17504] netlink: 'syz.7.3819': attribute type 29 has an invalid length.
[  412.450570][T17521] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3822'.
[  412.467780][T17521] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3822'.
[  412.543519][T17515] loop4: detected capacity change from 0 to 40427
[  412.560055][T17515] F2FS-fs (loop4): Image doesn't support compression
[  412.575639][T17515] F2FS-fs (loop4): build fault injection rate: 690
[  412.629638][T17521] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3822'.
[  412.633446][T17521] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3822'.
[  412.669790][T17515] F2FS-fs (loop4): invalid crc value
[  412.735418][T17521] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3822'.
[  412.755374][T17521] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3822'.
[  412.851539][T17515] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  412.855812][T17515] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  412.869684][   T33] audit: type=1800 audit(412.757:580): pid=17515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3824" name="file1" dev="loop4" ino=10 res=0 errno=0
[  412.890917][T17515] syz.4.3824: attempt to access beyond end of device
[  412.890917][T17515] loop4: rw=34817, sector=45104, nr_sectors = 2072 limit=40427
[  412.904943][T10401] syz-executor: attempt to access beyond end of device
[  412.904943][T10401] loop4: rw=2049, sector=57352, nr_sectors = 8 limit=40427
[  412.914958][T10401] CPU: 1 UID: 0 PID: 10401 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  412.914977][T10401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  412.914985][T10401] Call Trace:
[  412.914990][T10401]  <TASK>
[  412.914996][T10401]  dump_stack_lvl+0x189/0x250
[  412.915019][T10401]  ? __pfx_dump_stack_lvl+0x10/0x10
[  412.915033][T10401]  ? __pfx_queue_work_on+0x10/0x10
[  412.915045][T10401]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  412.915062][T10401]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  412.915115][T10401]  f2fs_handle_critical_error+0x37c/0x540
[  412.915139][T10401]  f2fs_write_end_io+0x886/0xb60
[  412.915167][T10401]  __submit_merged_bio+0x27a/0x6a0
[  412.915189][T10401]  __submit_merged_write_cond+0x255/0x530
[  412.915212][T10401]  f2fs_write_data_pages+0x261d/0x3000
[  412.915261][T10401]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  412.915335][T10401]  ? folios_put_refs+0x559/0x640
[  412.915359][T10401]  ? __pfx_folios_put_refs+0x10/0x10
[  412.915371][T10401]  ? rcu_is_watching+0x15/0xb0
[  412.915391][T10401]  ? __lock_acquire+0xab9/0xd20
[  412.915421][T10401]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  412.915438][T10401]  do_writepages+0x32e/0x550
[  412.915464][T10401]  ? do_raw_spin_unlock+0x4d/0x240
[  412.915482][T10401]  filemap_fdatawrite+0x199/0x240
[  412.915498][T10401]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  412.915554][T10401]  ? do_raw_spin_unlock+0x4d/0x240
[  412.915573][T10401]  f2fs_sync_dirty_inodes+0x31f/0x830
[  412.915596][T10401]  f2fs_write_checkpoint+0x95a/0x1df0
[  412.915628][T10401]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  412.915685][T10401]  ? kill_f2fs_super+0x298/0x6c0
[  412.915704][T10401]  kill_f2fs_super+0x2c3/0x6c0
[  412.915722][T10401]  ? __pfx_kill_f2fs_super+0x10/0x10
[  412.915732][T10401]  ? radix_tree_delete_item+0x2b6/0x400
[  412.915756][T10401]  ? shrinker_free+0x2ce/0x3e0
[  412.915772][T10401]  deactivate_locked_super+0xbc/0x130
[  412.915789][T10401]  cleanup_mnt+0x425/0x4c0
[  412.915803][T10401]  ? lockdep_hardirqs_on+0x9c/0x150
[  412.915823][T10401]  task_work_run+0x1d4/0x260
[  412.915842][T10401]  ? __pfx_task_work_run+0x10/0x10
[  412.915856][T10401]  ? __x64_sys_umount+0x122/0x160
[  412.915876][T10401]  ? exit_to_user_mode_loop+0x40/0x110
[  412.915897][T10401]  exit_to_user_mode_loop+0xec/0x110
[  412.915914][T10401]  do_syscall_64+0x2bd/0x3b0
[  412.915950][T10401]  ? lockdep_hardirqs_on+0x9c/0x150
[  412.915967][T10401]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.915979][T10401]  ? exc_page_fault+0x9f/0xf0
[  412.915998][T10401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.916009][T10401] RIP: 0033:0x7f8de1d8ff17
[  412.916022][T10401] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  412.916033][T10401] RSP: 002b:00007fffa16f9008 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  412.916048][T10401] RAX: 0000000000000000 RBX: 00007f8de1e11c05 RCX: 00007f8de1d8ff17
[  412.916056][T10401] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffa16f90c0
[  412.916087][T10401] RBP: 00007fffa16f90c0 R08: 0000000000000000 R09: 0000000000000000
[  412.916096][T10401] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffa16fa150
[  412.916104][T10401] R13: 00007f8de1e11c05 R14: 0000000000064c6f R15: 00007fffa16fa190
[  412.916130][T10401]  </TASK>
[  413.029268][    C1] vkms_vblank_simulate: vblank timer overrun
[  413.041476][T10401] F2FS-fs (loop4): Remounting filesystem read-only
[  413.089854][T17536] loop6: detected capacity change from 0 to 128
[  413.297174][T17544] loop7: detected capacity change from 0 to 1024
[  413.311750][T17544] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.528257][T17324] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.976236][ T5849] Bluetooth: hci0: command tx timeout
[  414.122481][   T47] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  414.276207][   T47] usb 5-1: Using ep0 maxpacket: 32
[  414.283497][   T47] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[  414.289091][   T47] usb 5-1: config 0 has no interface number 0
[  414.291785][   T47] usb 5-1: config 0 interface 12 has no altsetting 0
[  414.302520][   T47] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  414.314527][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.322967][   T47] usb 5-1: Product: syz
[  414.324683][   T47] usb 5-1: Manufacturer: syz
[  414.334310][   T47] usb 5-1: SerialNumber: syz
[  414.344845][   T47] usb 5-1: config 0 descriptor??
[  414.687239][   T10] usb 7-1: new full-speed USB device number 30 using dummy_hcd
[  414.868903][   T10] usb 7-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  414.874107][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.880700][   T10] usb 7-1: Product: syz
[  414.882756][   T10] usb 7-1: Manufacturer: syz
[  414.884984][   T10] usb 7-1: SerialNumber: syz
[  414.897931][   T10] usb 7-1: config 0 descriptor??
[  415.172160][   T47] f81534 5-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[  415.180853][   T47] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71
[  415.183472][   T47] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  415.187429][   T47] f81534 5-1:0.12: probe with driver f81534 failed with error -71
[  415.199962][   T47] usb 5-1: USB disconnect, device number 33
[  415.347091][   T10] airspy 7-1:0.0: Board ID: 00
[  415.349447][   T10] airspy 7-1:0.0: Firmware version: 
[  416.158271][   T10] airspy 7-1:0.0: usb_control_msg() failed -71 request 0f
[  416.182583][   T10] airspy 7-1:0.0: Registered as swradio24
[  416.185066][   T10] airspy 7-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  416.195408][   T10] usb 7-1: USB disconnect, device number 30
[  416.448856][T17594] loop4: detected capacity change from 0 to 32768
[  416.452150][T17594] XFS: ikeep mount option is deprecated.
[  416.479252][T17594] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  416.498779][T17594] XFS (loop4): Ending clean mount
[  416.501708][T17594] XFS (loop4): Quotacheck needed: Please wait.
[  416.533190][T17594] XFS (loop4): Quotacheck: Done.
[  416.563796][T10401] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  417.036160][   T10] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  417.186396][   T10] usb 7-1: Using ep0 maxpacket: 32
[  417.199464][   T10] usb 7-1: config 0 has an invalid interface number: 66 but max is 0
[  417.202624][   T10] usb 7-1: config 0 has no interface number 0
[  417.215030][   T10] usb 7-1: New USB device found, idVendor=0979, idProduct=0227, bcdDevice=3d.a2
[  417.222365][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.225476][   T10] usb 7-1: Product: syz
[  417.228505][   T10] usb 7-1: Manufacturer: syz
[  417.230342][   T10] usb 7-1: SerialNumber: syz
[  417.240569][   T10] usb 7-1: config 0 descriptor??
[  417.247515][   T10] gspca_main: jl2005bcd-2.14.0 probing 0979:0227
[  417.249976][   T10] command write [95] error -22
[  417.448369][   T10] usb 7-1: USB disconnect, device number 31
[  417.679325][T17621] loop4: detected capacity change from 0 to 128
[  417.694261][T17621] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  417.730227][T10401] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  417.981477][T17633] loop6: detected capacity change from 0 to 512
[  418.018746][T17633] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.051101][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.146452][   T10] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  418.174763][T17641] smc: net device bond0 applied user defined pnetid SYZ0
[  418.179808][T17641] smc: net device bond0 erased user defined pnetid SYZ0
[  418.297965][   T10] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  418.301706][   T10] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  418.305527][   T10] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  418.316328][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.322548][T17631] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  418.329836][   T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  418.526141][ T1272] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  418.532877][ T5901] usb 5-1: USB disconnect, device number 34
[  418.676098][ T1272] usb 7-1: Using ep0 maxpacket: 32
[  418.679491][ T1272] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  418.685091][ T1272] usb 7-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  418.689530][ T1272] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.692346][ T1272] usb 7-1: Product: syz
[  418.694140][ T1272] usb 7-1: Manufacturer: syz
[  418.696680][ T1272] usb 7-1: SerialNumber: syz
[  418.704503][ T1272] usb 7-1: config 0 descriptor??
[  418.709297][ T1272] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out.
[  418.917796][   T24] usb 7-1: USB disconnect, device number 32
[  419.512006][T17657] loop6: detected capacity change from 0 to 64
[  419.971614][T17663] loop4: detected capacity change from 0 to 2048
[  419.981271][ T6064] udevd[6064]: incorrect nilfs2 checksum on /dev/loop4
[  419.984359][T17663] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  419.988652][T17663] NILFS (loop4): mounting unchecked fs
[  420.007889][ T6064] udevd[6064]: incorrect nilfs2 checksum on /dev/loop4
[  420.015480][T17663] NILFS (loop4): recovery complete
[  420.018939][T17664] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  420.636073][ T5900] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  420.791352][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  420.796238][ T5900] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  420.801521][ T5900] usb 5-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.00
[  420.805391][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.814245][ T5900] usb 5-1: config 0 descriptor??
[  420.823664][T17684] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  421.120650][T17689] loop6: detected capacity change from 0 to 131072
[  421.124717][T17689] F2FS-fs (loop6): Invalid log sectorsize (67108873)
[  421.127639][T17689] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  421.144624][T17689] F2FS-fs (loop6): invalid crc value
[  421.198115][T17689] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  421.203482][T17689] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  421.207070][T17689] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  421.245234][ T5900] hid (null): report_id 57294 is invalid
[  421.258141][ T5900] asus 0003:0B05:18C6.001B: collection stack underflow
[  421.265294][ T5900] asus 0003:0B05:18C6.001B: item 0 1 0 12 parsing failed
[  421.269989][ T5900] asus 0003:0B05:18C6.001B: Asus hid parse failed: -22
[  421.273024][ T5900] asus 0003:0B05:18C6.001B: probe with driver asus failed with error -22
[  421.447647][ T5900] usb 5-1: USB disconnect, device number 35
[  422.538266][T17720] loop4: detected capacity change from 0 to 32768
[  422.649712][T17720] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  422.649731][T17720]   allowing incompatible features above 0.0: (unknown version)
[  422.649739][T17720]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  422.667601][T17720] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  422.670660][T17720] bcachefs (loop4): initializing new filesystem
[  422.679316][T17720] bcachefs (loop4): going read-write
[  422.687708][T17720] bcachefs (loop4): marking superblocks
[  422.697086][T17720] bcachefs (loop4): initializing freespace
[  422.702067][T17720] bcachefs (loop4): done initializing freespace
[  422.708316][T17720] bcachefs (loop4): reading snapshots table
[  422.710858][T17720] bcachefs (loop4): reading snapshots done
[  422.778132][T17720] bcachefs (loop4): done starting filesystem
[  423.322686][T10401] bcachefs (loop4): shutting down
[  423.324509][T10401] bcachefs (loop4): going read-only
[  423.329804][T10401] bcachefs (loop4): finished waiting for writes to stop
[  423.334173][T10401] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  423.376837][T10401] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  423.380850][T10401] bcachefs (loop4): clean shutdown complete, journal seq 4
[  423.383702][T10401] bcachefs (loop4): marking filesystem clean
[  423.399224][T10401] bcachefs (loop4): shutdown complete
[  423.472685][T17750] syz_tun: entered allmulticast mode
[  423.479556][T17750] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3911'.
[  423.524379][T17750] syz_tun (unregistering): left allmulticast mode
[  423.680494][T17759] libceph: resolve '0.' (ret=-3): failed
[  423.760821][T17763] loop6: detected capacity change from 0 to 512
[  423.771491][T17763] EXT4-fs: Ignoring removed bh option
[  423.786521][T17763] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  423.823221][T17766] loop7: detected capacity change from 0 to 128
[  423.827115][T17763] EXT4-fs (loop6): 1 truncate cleaned up
[  423.832740][T17763] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.849708][T17766] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  423.948415][T17324] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  424.272498][   T33] audit: type=1800 audit(424.107:581): pid=17772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3916" name="bus" dev="loop6" ino=18 res=0 errno=0
[  424.686022][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.773030][T17785] Bluetooth: MGMT ver 1.23
[  425.971827][T17810] loop6: detected capacity change from 0 to 1024
[  426.137469][T17822] loop4: detected capacity change from 0 to 256
[  426.149798][T17822] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  426.322054][T17832] loop4: detected capacity change from 0 to 512
[  426.328889][T17832] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 33619980: comm syz.4.3943: invalid block
[  426.340362][T17832] EXT4-fs (loop4): Remounting filesystem read-only
[  426.351729][T17832] EXT4-fs (loop4): 1 truncate cleaned up
[  426.354813][T17832] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.373922][T10401] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.444272][T17838] netlink: 79 bytes leftover after parsing attributes in process `syz.4.3945'.
[  426.515688][T17844] loop4: detected capacity change from 0 to 128
[  426.524990][T17844] EXT4-fs: Ignoring removed nobh option
[  426.536465][T17844] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  426.564432][T10401] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  426.624794][T17847] could not allocate digest TFM handle sm3
[  426.956303][ T5900] usb 5-1: new full-speed USB device number 36 using dummy_hcd
[  427.118172][ T5900] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  427.122405][ T5900] usb 5-1: too many endpoints for config 1 interface 0 altsetting 7: 255, using maximum allowed: 30
[  427.126941][ T5900] usb 5-1: config 1 interface 0 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  427.132440][ T5900] usb 5-1: config 1 interface 0 has no altsetting 0
[  427.136056][ T5900] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  427.139318][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  427.142343][ T5900] usb 5-1: SerialNumber: syz
[  427.147433][ T5900] cdc_acm 5-1:1.0: invalid descriptor buffer length
[  427.150330][ T5900] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  427.153011][ T5900] cdc_acm 5-1:1.0: This needs exactly 3 endpoints
[  427.155577][ T5900] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -22
[  427.352074][ T5900] usb 5-1: USB disconnect, device number 36
[  427.901291][T17868] loop7: detected capacity change from 0 to 32768
[  427.938116][ T6064]  loop7: p9 p11 p16
[  427.972958][T17868]  loop7: p9 p11 p16
[  428.111002][T17885] loop7: detected capacity change from 0 to 512
[  428.135460][T17885] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  428.154491][ T6684] udevd[6684]: inotify_add_watch(7, /dev/loop7p11, 10) failed: No such file or directory
[  428.160474][ T9459] udevd[9459]: inotify_add_watch(7, /dev/loop7p16, 10) failed: No such file or directory
[  428.166540][ T6064] udevd[6064]: inotify_add_watch(7, /dev/loop7p9, 10) failed: No such file or directory
[  428.211572][ T6064] udevd[6064]: inotify_add_watch(7, /dev/loop7p9, 10) failed: No such file or directory
[  428.224080][ T9459] udevd[9459]: inotify_add_watch(7, /dev/loop7p16, 10) failed: No such file or directory
[  428.328264][ T6684] udevd[6684]: inotify_add_watch(7, /dev/loop7p11, 10) failed: No such file or directory
[  428.767980][T17889] loop6: detected capacity change from 0 to 32768
[  428.781321][T17889] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  428.837662][T17889] XFS (loop6): Ending clean mount
[  428.851698][T17889] XFS (loop6): Quotacheck needed: Please wait.
[  428.873246][T17903] loop4: detected capacity change from 0 to 64
[  428.921696][T17889] XFS (loop6): Quotacheck: Done.
[  428.953769][   T33] audit: type=1326 audit(428.837:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17904 comm="syz.4.3970" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de1d8ebe9 code=0x7ffc0000
[  428.974890][   T33] audit: type=1326 audit(428.837:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17904 comm="syz.4.3970" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de1d8ebe9 code=0x7ffc0000
[  429.000283][T17889] XFS (loop6): User initiated shutdown received.
[  429.029234][   T33] audit: type=1326 audit(428.847:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17904 comm="syz.4.3970" exe="/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f8de1d8ebe9 code=0x7ffc0000
[  429.046951][   T33] audit: type=1326 audit(428.847:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17904 comm="syz.4.3970" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de1d8ebe9 code=0x7ffc0000
[  429.060897][T17889] XFS (loop6): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:472).  Shutting down filesystem.
[  429.067388][   T33] audit: type=1326 audit(428.847:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17904 comm="syz.4.3970" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de1d8ebe9 code=0x7ffc0000
[  429.079270][   T33] audit: type=1326 audit(428.847:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17904 comm="syz.4.3970" exe="/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f8de1d8ebe9 code=0x7ffc0000
[  429.087914][   T33] audit: type=1326 audit(428.847:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17904 comm="syz.4.3970" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de1d8ebe9 code=0x7ffc0000
[  429.088711][T17889] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  429.099657][   T33] audit: type=1800 audit(428.887:589): pid=17889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3967" name="file1" dev="loop6" ino=9286 res=0 errno=0
[  429.156391][T12112] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  429.402696][T17914] loop4: detected capacity change from 0 to 32768
[  429.535774][T17914] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,read_only,nocow
[  429.535795][T17914]   allowing incompatible features above 1.28: inode_has_case_insensitive
[  429.535804][T17914]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  429.553324][T17914] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  429.556856][T17914] bcachefs (loop4): initializing new filesystem
[  429.565681][T17914] bcachefs (loop4): going read-write
[  429.594916][T17914] bcachefs (loop4): marking superblocks
[  429.602775][T17914] bcachefs (loop4): initializing freespace
[  429.609436][T17914] bcachefs (loop4): done initializing freespace
[  429.613883][T17914] bcachefs (loop4): reading snapshots table
[  429.616534][T17914] bcachefs (loop4): reading snapshots done
[  429.656527][T17914] bcachefs (loop4): going read-only
[  429.658747][T17914] bcachefs (loop4): finished waiting for writes to stop
[  429.667232][T17914] bcachefs (loop4): flushing journal and stopping allocators, journal seq 1
[  429.748018][T17914] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 4
[  429.756235][T17940] loop6: detected capacity change from 0 to 128
[  429.761341][T17914] bcachefs (loop4): clean shutdown complete, journal seq 5
[  429.761892][T17940] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  429.764908][T17914] bcachefs (loop4): marking filesystem clean
[  429.773326][T17940] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  429.774347][T17914] bcachefs (loop4): done starting filesystem
[  429.810817][T10401] bcachefs (loop4): shutting down
[  429.860122][T10401] bcachefs (loop4): shutdown complete
[  430.250579][T17948] loop7: detected capacity change from 0 to 32768
[  430.277765][T17948] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  430.297617][   T33] audit: type=1800 audit(430.187:590): pid=17948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3987" name="file1" dev="loop7" ino=17058 res=0 errno=0
[  430.332573][T17324] ocfs2: Unmounting device (7,7) on (node local)
[  430.754396][T17959] loop7: detected capacity change from 0 to 32768
[  430.793677][   T33] audit: type=1800 audit(430.677:591): pid=17959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3990" name="file1" dev="loop7" ino=4 res=0 errno=0
[  431.050515][T17967] loop6: detected capacity change from 0 to 512
[  431.071785][T17967] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  431.086620][T17967] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  431.091294][T17967] System zones: 0-1, 15-15, 18-18, 34-34
[  431.093830][T17967] EXT4-fs (loop6): orphan cleanup on readonly fs
[  431.105357][T17967] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0
[  431.110918][T17967] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  431.117874][T17967] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  431.122502][T17967] EXT4-fs (loop6): 1 truncate cleaned up
[  431.132184][T17967] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  431.195188][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.248456][T17964] loop4: detected capacity change from 0 to 32768
[  431.269439][   T33] audit: type=1800 audit(431.157:592): pid=17964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3984" name="bus" dev="loop4" ino=7 res=0 errno=0
[  431.319556][T17977] loop7: detected capacity change from 0 to 256
[  431.475195][T17979] loop6: detected capacity change from 0 to 32768
[  431.482094][T17979] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3999 (17979)
[  431.491857][T17979] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  431.497403][T17979] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  431.500874][T17979] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  431.539649][T17979] BTRFS info (device loop6): rebuilding free space tree
[  431.555137][T17979] BTRFS info (device loop6): disabling free space tree
[  431.558126][T17979] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  431.562045][T17979] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  431.575245][T17979] BTRFS info (device loop6): allowing degraded mounts
[  431.578061][T17979] BTRFS info (device loop6): enabling ssd optimizations
[  431.580611][T17979] BTRFS info (device loop6): enabling disk space caching
[  431.583232][T17979] BTRFS info (device loop6): force clearing of disk cache
[  431.585872][T17979] BTRFS info (device loop6): use zlib compression, level 3
[  431.655241][T12112] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  432.533686][T18013] loop4: detected capacity change from 0 to 128
[  432.646860][T18011] loop7: detected capacity change from 0 to 32768
[  432.791172][T18017] loop7: detected capacity change from 0 to 128
[  432.795192][T18017] FAT-fs (loop7): Invalid FSINFO signature: 0x41075252, 0x80417272 (sector = 1)
[  432.804221][T18017] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00070003)
[  432.812102][T18017] FAT-fs (loop7): Filesystem has been set read-only
[  432.816053][   T10] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  432.899348][T18015] loop6: detected capacity change from 0 to 32768
[  432.921770][T18015] JBD2: Ignoring recovery information on journal
[  432.986437][   T10] usb 5-1: Using ep0 maxpacket: 16
[  432.989611][T18015] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  433.003687][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  433.007801][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  433.015842][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  433.027465][   T10] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  433.040234][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.047398][   T10] usb 5-1: config 0 descriptor??
[  433.093470][T12112] (syz-executor,12112,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 22
[  433.100593][T12112] ocfs2: Unmounting device (7,6) on (node local)
[  433.280188][T18031] netlink: 48 bytes leftover after parsing attributes in process `syz.7.4015'.
[  433.540971][T18042] loop7: detected capacity change from 0 to 4096
[  434.347752][   T10] hid (null): report_id 0 is invalid
[  434.349641][   T10] hid (null): bogus close delimiter
[  434.351321][   T10] hid (null): invalid report_count 1939077990
[  434.353297][   T10] hid (null): invalid report_count 56161
[  434.355524][   T10] hid (null): bogus close delimiter
[  434.357812][   T10] hid (null): nested delimiters
[  434.359569][   T10] hid (null): unknown global tag 0xd
[  434.371235][T18038] loop6: detected capacity change from 0 to 262144
[  434.375843][T18038] F2FS-fs (loop6): invalid crc value
[  434.404412][T18038] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  434.409490][T18038] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  434.413699][   T10] usb 5-1: USB disconnect, device number 37
[  434.477842][T18050] loop7: detected capacity change from 0 to 2048
[  434.500873][T18050] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  434.535435][T18050] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  434.552553][T18050] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 28
[  434.565906][T18050] EXT4-fs (loop7): This should not happen!! Data will be lost
[  434.565906][T18050] 
[  434.578450][T18050] EXT4-fs (loop7): Total free blocks count 0
[  434.586576][T18050] EXT4-fs (loop7): Free/Dirty block details
[  434.598001][T18050] EXT4-fs (loop7): free_blocks=66060288
[  434.600217][T18050] EXT4-fs (loop7): dirty_blocks=16
[  434.602104][T18050] EXT4-fs (loop7): Block reservation details
[  434.604376][T18050] EXT4-fs (loop7): i_reserved_data_blocks=1
[  434.633361][T17324] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.822360][T18062] loop7: detected capacity change from 0 to 2048
[  434.833913][T18062] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  435.407583][T18068] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4028'.
[  435.411259][T18068] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4028'.
[  435.561487][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  435.594422][   T10] hid-generic 0000:0000:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  435.867939][T18086] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  435.867939][T18086]    program syz.4.4035 not setting count and/or reply_len properly
[  436.392412][T18093] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  436.620764][T18099] loop4: detected capacity change from 0 to 736
[  436.944997][T18106] loop4: detected capacity change from 0 to 32768
[  437.086076][T18106] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  437.086094][T18106]   allowing incompatible features above 0.0: (unknown version)
[  437.086102][T18106]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  437.100011][T18106] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  437.103263][T18106] bcachefs (loop4): initializing new filesystem
[  437.112155][T18106] bcachefs (loop4): going read-write
[  437.160821][T18106] bcachefs (loop4): marking superblocks
[  437.168312][T18106] bcachefs (loop4): initializing freespace
[  437.173121][T18106] bcachefs (loop4): done initializing freespace
[  437.177299][T18106] bcachefs (loop4): reading snapshots table
[  437.179692][T18106] bcachefs (loop4): reading snapshots done
[  437.212358][T18106] bcachefs (loop4): done starting filesystem
[  437.416796][T10401] bcachefs (loop4): shutting down
[  437.422530][T10401] bcachefs (loop4): going read-only
[  437.430454][T10401] bcachefs (loop4): finished waiting for writes to stop
[  437.441582][T10401] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  437.497747][T10401] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  437.502073][T10401] bcachefs (loop4): clean shutdown complete, journal seq 4
[  437.505365][T10401] bcachefs (loop4): marking filesystem clean
[  437.533096][T10401] bcachefs (loop4): shutdown complete
[  438.558121][T18150] CIFS: VFS: Malformed UNC in devname
[  438.911038][T18167] loop7: detected capacity change from 0 to 7
[  438.913966][T18167] Dev loop7: unable to read RDB block 7
[  438.915797][T18167]  loop7: AHDI p1 p2
[  438.919066][T18167] loop7: partition table partially beyond EOD, truncated
[  438.921898][T18167] loop7: p1 start 1702000233 is beyond EOD, truncated
[  438.974175][T18173] loop6: detected capacity change from 0 to 128
[  438.985255][T18173] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  438.987527][T18175] syz_tun: entered promiscuous mode
[  438.992294][T18175] syz_tun: left promiscuous mode
[  438.998520][   T24] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  439.289030][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  439.325460][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  439.339062][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  439.344776][   T24] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  439.383300][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.523150][   T47] libceph: connect (1)[c::]:6789 error -101
[  439.553533][   T47] libceph: mon0 (1)[c::]:6789 connect error
[  439.636961][   T24] usb 5-1: config 0 descriptor??
[  439.644628][   T24] em28xx 5-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[  439.830247][   T24] libceph: connect (1)[c::]:6789 error -101
[  439.832822][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  439.910536][T18184] ceph: No mds server is up or the cluster is laggy
[  439.960672][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  439.963448][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  440.231207][T18198] loop6: detected capacity change from 0 to 4096
[  440.565286][   T33] audit: type=1800 audit(440.447:593): pid=18193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.4072" name="/" dev="fuse" ino=0 res=0 errno=0
[  442.523187][ T1272] usb 5-1: USB disconnect, device number 38
[  442.599118][T18225] loop4: detected capacity change from 0 to 512
[  442.639060][T18225] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #17: comm syz.4.4082: iget: bogus i_mode (0)
[  442.643574][T18225] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4082: couldn't read orphan inode 17 (err -117)
[  442.652532][T18225] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.692404][T10401] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.027285][T18251] loop6: detected capacity change from 0 to 4096
[  443.035445][T18251] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  443.062386][T18251] ntfs3(loop6): Failed to load root (-22).
[  443.376091][   T10] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  443.546589][   T10] usb 7-1: Using ep0 maxpacket: 32
[  443.552482][   T10] usb 7-1: config 4 has an invalid interface number: 10 but max is 0
[  443.556184][   T10] usb 7-1: config 4 has no interface number 0
[  443.558860][   T10] usb 7-1: config 4 interface 10 has no altsetting 0
[  443.564088][   T10] usb 7-1: New USB device found, idVendor=0979, idProduct=0280, bcdDevice=98.4c
[  443.568049][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.571213][   T10] usb 7-1: Product: syz
[  443.572696][   T10] usb 7-1: Manufacturer: syz
[  443.574421][   T10] usb 7-1: SerialNumber: syz
[  443.809362][   T10] gspca_main: jeilinj-2.14.0 probing 0979:0280
[  443.830538][   T10] usb 7-1: USB disconnect, device number 33
[  443.896259][   T24] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  444.066321][   T24] usb 5-1: Using ep0 maxpacket: 32
[  444.070428][   T24] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=66.3d
[  444.074259][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.082116][   T24] usb 5-1: config 0 descriptor??
[  444.088900][   T24] cx82310_eth 5-1:0.0: probe with driver cx82310_eth failed with error -22
[  444.094195][   T24] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19!
[  444.297243][   T24] usb 5-1: USB disconnect, device number 39
[  444.581968][T18302] loop6: detected capacity change from 0 to 40427
[  444.587570][T18302] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  444.590823][T18302] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  444.612315][T18302] F2FS-fs (loop6): invalid crc value
[  444.653606][T18302] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  444.657935][T18302] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  444.660390][T18302] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  444.697250][T18302] syz.6.4095: attempt to access beyond end of device
[  444.697250][T18302] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  444.704284][T18302] syz.6.4095: attempt to access beyond end of device
[  444.704284][T18302] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  444.737437][T12112] syz-executor: attempt to access beyond end of device
[  444.737437][T12112] loop6: rw=2051, sector=45096, nr_sectors = 16 limit=40427
[  444.744531][T12112] F2FS-fs (loop6): Issue discard(5637, 5637, 2) failed, ret: -5
[  445.106280][   T10] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  445.266246][   T10] usb 5-1: Using ep0 maxpacket: 32
[  445.270552][   T10] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  445.274046][   T10] usb 5-1: config 0 has no interface number 0
[  445.279684][   T10] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  445.283738][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.287504][   T10] usb 5-1: Product: syz
[  445.289377][   T10] usb 5-1: Manufacturer: syz
[  445.291415][   T10] usb 5-1: SerialNumber: syz
[  445.296711][   T10] usb 5-1: config 0 descriptor??
[  445.304088][   T10] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  445.514086][   T10] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  445.531400][   T10] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  445.852466][T18349] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4105'.
[  445.928755][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  445.938010][   T10] usb 5-1: USB disconnect, device number 40
[  445.944310][   T10] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  445.955304][   T10] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  445.963875][   T10] quatech2 5-1:0.51: device disconnected
[  446.189717][T18384] loop6: detected capacity change from 0 to 8192
[  446.485514][T18399] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4117'.
[  447.669441][T18446] loop6: detected capacity change from 0 to 512
[  447.704488][T18446] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.4132: Parent and EA inode have the same ino 15
[  447.722338][T18446] EXT4-fs (loop6): 1 orphan inode deleted
[  448.177397][T18446] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.561148][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.637129][T18472] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4139'.
[  448.671034][T18476] loop6: detected capacity change from 0 to 256
[  448.689890][T18476] vfat: Bad value for 'umask'
[  448.749568][T18486] loop4: detected capacity change from 0 to 4096
[  448.754808][T18486] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  448.782991][T18486] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  448.811956][T18486] overlayfs: upper fs does not support tmpfile.
[  448.838136][T18486] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  449.727844][T18538] loop6: detected capacity change from 0 to 32768
[  450.396126][ T5901] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  450.424133][T18555] netlink: 'syz.6.4161': attribute type 1 has an invalid length.
[  450.429436][T18555] netlink: 1 bytes leftover after parsing attributes in process `syz.6.4161'.
[  450.559500][ T5901] usb 5-1: Using ep0 maxpacket: 16
[  450.568498][ T5901] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  450.571908][ T5901] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  450.578638][ T5901] usb 5-1: config 0 has no interface number 0
[  450.587968][ T5901] usb 5-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28
[  450.601371][ T5901] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.604744][ T5901] usb 5-1: Product: syz
[  450.606611][ T5901] usb 5-1: Manufacturer: syz
[  450.608651][ T5901] usb 5-1: SerialNumber: syz
[  450.619197][ T5901] usb 5-1: config 0 descriptor??
[  450.634591][ T5901] uvcvideo 5-1:0.105: probe with driver uvcvideo failed with error -22
[  450.959754][   T24] usb 5-1: USB disconnect, device number 41
[  451.734344][T18606] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  451.780193][T18607] netlink: 14 bytes leftover after parsing attributes in process `syz.6.4175'.
[  451.786893][   T24] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  451.958056][   T24] usb 5-1: Using ep0 maxpacket: 8
[  451.979267][   T24] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  451.993778][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  452.002105][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  452.006041][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  452.010108][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  452.016179][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  452.020033][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.503468][   T24] usb 5-1: usb_control_msg returned -32
[  452.506344][   T24] usbtmc 5-1:16.0: can't read capabilities
[  452.927086][T18622] usbtmc 5-1:16.0: stb usb_control_msg returned -32
[  452.933601][   T24] usb 5-1: USB disconnect, device number 42
[  453.266942][T18634] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  453.674302][T18659] loop6: detected capacity change from 0 to 24
[  453.689085][T18659] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  453.713592][T18659] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  454.328111][T18679] loop6: detected capacity change from 0 to 4096
[  454.373132][T18679] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  455.007226][T18700] loop4: detected capacity change from 0 to 128
[  455.010541][T18700] EXT4-fs: Ignoring removed nomblk_io_submit option
[  455.013881][T18700] EXT4-fs: Ignoring removed nomblk_io_submit option
[  455.039252][T18700] EXT4-fs (loop4): Test dummy encryption mode enabled
[  455.050559][T18700] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  455.093699][T10401] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  455.137623][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  455.192073][T18711] loop6: detected capacity change from 0 to 1024
[  455.196376][T18711] EXT4-fs: Ignoring removed nobh option
[  455.201014][T18711] EXT4-fs: Ignoring removed bh option
[  455.212733][T18711] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  455.222703][T18711] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  455.538993][T18745] loop4: detected capacity change from 0 to 2048
[  455.553430][T18745] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  455.560266][T18745] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  455.564201][T18745] UDF-fs: Scanning with blocksize 512 failed
[  455.570565][T18745] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  455.638744][T18752] loop4: detected capacity change from 0 to 47
[  455.698665][T18758] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4214'.
[  455.985357][T18764] loop4: detected capacity change from 0 to 32768
[  455.990070][T18764] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4216 (18764)
[  456.004559][T18764] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  456.008935][T18764] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  456.094239][T18764] BTRFS info (device loop4): rebuilding free space tree
[  456.103493][T18764] BTRFS info (device loop4): enabling ssd optimizations
[  456.108993][T18764] BTRFS info (device loop4): using spread ssd allocation scheme
[  456.112438][T18764] BTRFS info (device loop4): enabling free space tree
[  456.119485][T18764] BTRFS info (device loop4): force clearing of disk cache
[  456.163922][T10401] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  456.722464][T18814] loop6: detected capacity change from 0 to 4096
[  457.177773][T18822] loop4: detected capacity change from 0 to 40427
[  457.188552][T18822] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  457.191034][T18822] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  457.252018][T18822] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  457.262359][T18822] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  457.264832][T18822] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  457.294622][T18822] fscrypt (loop4, inode 3): Error -61 getting encryption context
[  457.394622][T18839] loop6: detected capacity change from 0 to 32768
[  457.411270][T18839] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  457.458519][T18839] XFS (loop6): Ending clean mount
[  457.520764][T12112] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  457.763009][T18890] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  457.785703][T18893] loop4: detected capacity change from 0 to 256
[  457.792649][T18893] exfat: Deprecated parameter 'utf8'
[  457.800791][T18893] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  457.813082][T18897] loop6: detected capacity change from 0 to 256
[  457.828982][T18897] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  458.148974][T18936] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  458.189399][T18942] loop4: detected capacity change from 0 to 2048
[  458.204485][T18942] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  458.218400][   T33] audit: type=1800 audit(457.602:594): pid=18942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4258" name="file2" dev="loop4" ino=16 res=0 errno=0
[  458.269685][T10401] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  458.350872][   T10] usb 7-1: new full-speed USB device number 34 using dummy_hcd
[  458.523874][   T10] usb 7-1: config 0 has no interfaces?
[  458.525899][   T10] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  458.529199][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.536225][   T10] usb 7-1: config 0 descriptor??
[  459.244099][T18985] cgroup: fork rejected by pids controller in /syz4
[  459.675586][T19037] loop4: detected capacity change from 0 to 512
[  459.683070][T19037] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  459.696662][T19037] EXT4-fs (loop4): 1 truncate cleaned up
[  459.704471][T19037] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  459.722678][   T33] audit: type=1800 audit(459.014:595): pid=19037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4278" name="file1" dev="loop4" ino=15 res=0 errno=0
[  459.833857][T10401] EXT4-fs error (device loop4): ext4_lookup:1787: inode #11: comm syz-executor: iget: bad extra_isize 46 (inode size 256)
[  459.858243][T10401] EXT4-fs error (device loop4): ext4_lookup:1787: inode #11: comm syz-executor: iget: bad extra_isize 46 (inode size 256)
[  460.320078][T10401] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.887258][T19060] bridge0: entered promiscuous mode
[  460.891144][T19060] macsec1: entered promiscuous mode
[  460.939218][ T5853] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  460.951594][ T5853] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  460.956351][ T5853] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  460.961244][ T5853] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  460.969424][ T5853] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  461.059129][T19063] lo speed is unknown, defaulting to 1000
[  461.328761][ T5901] usb 7-1: USB disconnect, device number 34
[  461.649006][T19105] loop6: detected capacity change from 0 to 32768
[  461.653187][T19105] btrfs: Deprecated parameter 'usebackuproot'
[  461.656042][T19105] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  461.660468][T19105] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4293 (19105)
[  461.681392][T19105] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  461.685156][T19105] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  461.768734][ T5893] bond0 (unregistering): Released all slaves
[  461.792057][T19105] BTRFS info (device loop6): rebuilding free space tree
[  461.804929][T19105] BTRFS info (device loop6): allowing degraded mounts
[  461.807754][T19105] BTRFS info (device loop6): enabling ssd optimizations
[  461.812276][T19105] BTRFS info (device loop6): turning on flush-on-commit
[  461.820511][T19105] BTRFS info (device loop6): turning on sync discard
[  461.835656][T19105] BTRFS info (device loop6): enabling free space tree
[  461.838597][T19105] BTRFS info (device loop6): force clearing of disk cache
[  461.865029][T19105] BTRFS info (device loop6): trying to use backup root at mount time
[  461.872006][T19105] BTRFS info (device loop6): use lzo compression, level 0
[  461.874971][T19105] BTRFS info (device loop6): max_inline set to 0
[  461.928746][T12112] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  462.388856][ T5893] hsr_slave_0: left promiscuous mode
[  462.410672][ T5893] hsr_slave_1: left promiscuous mode
[  462.568545][ T5893] pim6reg (unregistering): left allmulticast mode
[  463.175440][ T5853] Bluetooth: hci2: command tx timeout
[  464.411863][T19194] bridge2: entered promiscuous mode
[  464.770808][T19063] chnl_net:caif_netlink_parms(): no params data found
[  465.077312][T19063] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.084896][T19063] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.090061][T19063] bridge_slave_0: entered allmulticast mode
[  465.095179][T19063] bridge_slave_0: entered promiscuous mode
[  465.103759][T19063] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.109654][T19063] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.114357][T19063] bridge_slave_1: entered allmulticast mode
[  465.119564][T19063] bridge_slave_1: entered promiscuous mode
[  465.179135][T19063] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  465.194020][T19063] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  465.230576][T19063] team0: Port device team_slave_0 added
[  465.236656][T19063] team0: Port device team_slave_1 added
[  465.270003][T19063] batman_adv: batadv0: Adding interface: batadv_slave_0
[  465.272516][T19063] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  465.285204][T19063] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  465.292056][T19063] batman_adv: batadv0: Adding interface: batadv_slave_1
[  465.294778][T19063] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  465.305671][T19063] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  465.412911][T19063] hsr_slave_0: entered promiscuous mode
[  465.414689][ T5853] Bluetooth: hci2: command tx timeout
[  465.432671][T19063] hsr_slave_1: entered promiscuous mode
[  465.435634][T19063] debugfs: 'hsr0' already exists in 'hsr'
[  465.441025][T19063] Cannot create hsr debugfs directory
[  465.702979][T19063] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  465.713443][T19063] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  465.727700][T19063] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  465.733832][T19063] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  466.193677][T19063] 8021q: adding VLAN 0 to HW filter on device bond0
[  466.206859][T19063] 8021q: adding VLAN 0 to HW filter on device team0
[  466.214079][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  466.216677][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  466.235514][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  466.238024][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  466.376218][T19063] 8021q: adding VLAN 0 to HW filter on device batadv0
[  466.493227][T19063] veth0_vlan: entered promiscuous mode
[  466.498938][T19063] veth1_vlan: entered promiscuous mode
[  466.517239][T19063] veth0_macvtap: entered promiscuous mode
[  466.518206][   T47] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  466.524397][T19063] veth1_macvtap: entered promiscuous mode
[  466.534456][T19063] batman_adv: batadv0: Interface activated: batadv_slave_0
[  466.542865][T19063] batman_adv: batadv0: Interface activated: batadv_slave_1
[  466.549283][ T5879] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  466.556475][ T5879] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  466.563902][ T5879] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  466.567767][ T5879] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  466.650450][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.653689][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.702821][   T47] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  466.717859][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.722158][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.735332][   T47] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  466.739218][   T47] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  466.748407][   T47] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.760582][T19545] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  466.776832][   T47] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  467.045181][ T1272] usb 7-1: USB disconnect, device number 35
[  467.619686][ T5853] Bluetooth: hci2: command tx timeout
[  467.688112][T19633] loop8: detected capacity change from 0 to 32768
[  467.736444][T19633] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  467.816987][T19633] XFS (loop8): Ending clean mount
[  467.829467][T19633] XFS (loop8): Quotacheck needed: Please wait.
[  467.879809][T19665] loop6: detected capacity change from 0 to 256
[  467.880811][T19633] XFS (loop8): Quotacheck: Done.
[  467.898529][T19665] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  467.960754][T19063] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  468.846718][T19694] netlink: 48 bytes leftover after parsing attributes in process `syz.7.4342'.
[  468.948370][T19699] netlink: 'syz.7.4344': attribute type 21 has an invalid length.
[  468.951567][T19699] netlink: 132 bytes leftover after parsing attributes in process `syz.7.4344'.
[  468.955405][T19699] netlink: 'syz.7.4344': attribute type 1 has an invalid length.
[  469.426091][ T5880] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  469.588463][T19731] netlink: 'syz.7.4355': attribute type 2 has an invalid length.
[  469.592530][T19731] netlink: 'syz.7.4355': attribute type 2 has an invalid length.
[  469.606365][ T5880] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  469.610668][ T5880] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.615098][ T5880] usb 7-1: Product: syz
[  469.620554][ T5880] usb 7-1: Manufacturer: syz
[  469.624894][ T5880] usb 7-1: SerialNumber: syz
[  469.630001][ T5880] usb 7-1: config 0 descriptor??
[  469.652076][T19736] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4356'.
[  469.853039][ T5880] usb 7-1: USB disconnect, device number 36
[  469.856980][ T5853] Bluetooth: hci2: command tx timeout
[  470.482916][T19768] syz_tun: entered allmulticast mode
[  470.866985][T19777] loop6: detected capacity change from 0 to 16
[  470.939524][T19777] erofs (device loop6): mounted with root inode @ nid 36.
[  471.224102][T19784] loop6: detected capacity change from 0 to 8192
[  471.769867][T19796] netlink: del zone limit has 4 unknown bytes
[  471.997384][T19806] loop8: detected capacity change from 0 to 1024
[  472.056191][T19806] hfsplus: Unknown parameter ''
[  472.121049][   T33] audit: type=1326 audit(470.613:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19809 comm="syz.6.4371" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  472.132488][   T33] audit: type=1326 audit(470.613:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19809 comm="syz.6.4371" exe="/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  472.139394][   T33] audit: type=1326 audit(470.613:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19809 comm="syz.6.4371" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  472.147413][   T33] audit: type=1326 audit(470.613:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19809 comm="syz.6.4371" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f128158ebe9 code=0x7ffc0000
[  473.765839][T19850] tipc: Failed to remove unknown binding: 66,3,3/0:3556675375/3556675376
[  474.707097][   T10] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  474.978029][   T10] usb 7-1: Using ep0 maxpacket: 32
[  474.985960][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  474.995370][   T10] usb 7-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  475.000822][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.003973][   T10] usb 7-1: Product: syz
[  475.005748][   T10] usb 7-1: Manufacturer: syz
[  475.008404][   T10] usb 7-1: SerialNumber: syz
[  475.021276][   T10] usb 7-1: config 0 descriptor??
[  475.024961][T19887] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  475.032678][   T10] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  475.251245][   T47] usb 7-1: USB disconnect, device number 37
[  476.094358][T19961] netlink: 'syz.7.4406': attribute type 4 has an invalid length.
[  476.117488][T19963] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4407'.
[  476.123150][T19963] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4407'.
[  476.131061][   T47] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  476.299778][T19983] overlayfs: workdir and upperdir must be separate subtrees
[  476.300041][   T47] usb 7-1: Using ep0 maxpacket: 8
[  476.307519][   T47] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 7
[  476.314111][   T47] usb 7-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  476.321629][   T47] usb 7-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  476.332122][   T47] usb 7-1: Product: syz
[  476.333996][   T47] usb 7-1: Manufacturer: syz
[  476.335966][   T47] usb 7-1: SerialNumber: syz
[  476.654067][   T47] usb 7-1: Invalid connection information received from device
[  476.793971][T20007] loop8: detected capacity change from 0 to 128
[  476.816963][T20007] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  476.832812][T20007] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  476.875921][ T5920] usb 7-1: USB disconnect, device number 38
[  477.362933][ T5880] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  477.561494][ T5880] usb 9-1: Using ep0 maxpacket: 8
[  477.566662][ T5880] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  477.574132][ T5880] usb 9-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  477.580314][ T5880] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.593335][ T5880] usb 9-1: config 0 descriptor??
[  477.607677][ T5880] gspca_main: vc032x-2.14.0 probing 046d:0892
[  478.143566][T20083] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  478.151891][T20081] IPVS: stopping backup sync thread 20083 ...
[  478.634632][T20072] loop6: detected capacity change from 0 to 262144
[  478.642755][T20072] F2FS-fs (loop6): invalid crc value
[  478.680446][T20072] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  478.689554][T20072] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  478.862306][ T5880] gspca_vc032x: reg_r err -71
[  478.864382][ T5880] vc032x 9-1:0.0: probe with driver vc032x failed with error -71
[  478.877293][ T5880] usb 9-1: USB disconnect, device number 2
[  479.451101][T20134] loop6: detected capacity change from 0 to 1024
[  479.456257][T20134] EXT4-fs: Ignoring removed orlov option
[  479.484412][T20134] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  479.540965][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.618159][T20152] loop6: detected capacity change from 0 to 4096
[  479.622032][T20152] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512).
[  479.660081][T20152] ntfs3(loop6): ino=1d, mi_enum_attr
[  479.662390][T20152] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  479.666054][T20152] ntfs3(loop6): ino=1d, mi_enum_attr
[  479.669399][T20152] ntfs3(loop6): ino=1d, mi_enum_attr
[  479.895511][ T5880] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  480.194524][ T5880] usb 9-1: Using ep0 maxpacket: 8
[  480.255962][ T5880] usb 9-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  480.265436][ T5880] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  480.270784][ T5880] usb 9-1: Product: syz
[  480.272674][ T5880] usb 9-1: Manufacturer: syz
[  480.274782][ T5880] usb 9-1: SerialNumber: syz
[  480.284624][ T5880] usb 9-1: config 0 descriptor??
[  480.289579][ T5880] gspca_main: se401-2.14.0 probing 047d:5003
[  480.767622][ T5880] gspca_se401: ExtraFeatures: 117
[  480.770002][ T5880] gspca_se401: Too many frame sizes
[  480.796814][T20179] loop6: detected capacity change from 0 to 2048
[  480.799276][T20179] journal_path: Non-blockdev passed as './file0'
[  480.801607][T20179] EXT4-fs: error: could not find journal device path
[  481.115056][ T5880] usb 9-1: USB disconnect, device number 3
[  481.725899][T20205] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4465'.
[  481.872322][T20215] fuse: Bad value for 'fd'
[  481.941573][ T5853] Bluetooth: hci0: adv larger than maximum supported
[  481.941628][ T5853] Bluetooth: hci0: Malformed LE Event: 0x0d
[  482.089187][T20216] loop8: detected capacity change from 0 to 32768
[  482.107488][T20216] XFS (loop8): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  482.134869][T20216] XFS (loop8): Ending clean mount
[  482.141184][T20216] XFS (loop8): Quotacheck needed: Please wait.
[  482.180611][T20216] XFS (loop8): Quotacheck: Done.
[  482.228783][T20225] loop6: detected capacity change from 0 to 32768
[  482.231939][T19063] XFS (loop8): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  482.272318][T20225] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  482.286373][T20225] XFS (loop6): Ending clean mount
[  482.479801][T12112] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  482.662777][T20260] loop8: detected capacity change from 0 to 4096
[  482.692818][T20260] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[  482.722583][T20260] ntfs3(loop8): Failed to load $UpCase (-22).
[  482.946008][T20294] loop6: detected capacity change from 0 to 512
[  482.989510][T20299] loop8: detected capacity change from 0 to 512
[  482.994458][T20294] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.004638][T20299] EXT4-fs: Ignoring removed nomblk_io_submit option
[  483.040487][T20299] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  483.043904][T20299] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  483.115504][T20299] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4183: comm syz.8.4488: Allocating blocks 41-42 which overlap fs metadata
[  483.125454][T20299] EXT4-fs (loop8): Remounting filesystem read-only
[  483.127768][T20299] Quota error (device loop8): write_blk: dquota write failed
[  483.133606][T20299] Quota error (device loop8): find_free_dqentry: Can't write quota data block 5
[  483.137270][T20299] Quota error (device loop8): write_blk: dquota write failed
[  483.139990][T20299] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  483.147217][T20299] EXT4-fs (loop8): 1 truncate cleaned up
[  483.151598][T20299] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.194525][T20294] EXT4-fs error (device loop6): ext4_add_entry:2417: inode #12: comm syz.6.4486: Directory hole found for htree leaf block 0
[  483.202445][T19063] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  483.263802][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  483.550432][T20350] loop6: detected capacity change from 0 to 4096
[  483.578396][T20350] ntfs3(loop6): ino=1a, mi_enum_attr
[  483.583480][T20350] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  483.593083][T20332] loop8: detected capacity change from 0 to 32768
[  483.598576][T20332] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.4497 (20332)
[  483.681462][T20332] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  483.700091][T20332] BTRFS info (device loop8): using crc32c (crc32c-lib) checksum algorithm
[  484.134073][T20332] BTRFS info (device loop8): rebuilding free space tree
[  484.143160][T20332] BTRFS info (device loop8): allowing degraded mounts
[  484.145633][T20332] BTRFS info (device loop8): enabling ssd optimizations
[  484.149143][T20332] BTRFS info (device loop8): enabling free space tree
[  484.152726][T20332] BTRFS info (device loop8): force clearing of disk cache
[  484.155647][T20332] BTRFS info (device loop8): use zstd compression, level 3
[  484.159787][T20332] BTRFS info (device loop8): max_inline set to 0
[  484.212202][T19063] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  484.522590][T20384] loop6: detected capacity change from 0 to 32768
[  484.544644][T20384] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  484.621435][T20384] XFS (loop6): Ending clean mount
[  484.626516][T20384] XFS (loop6): Quotacheck needed: Please wait.
[  484.665212][T20384] XFS (loop6): Quotacheck: Done.
[  484.690334][T12112] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  484.880718][T20414] netlink: 64859 bytes leftover after parsing attributes in process `syz.6.4512'.
[  485.974980][T20434] loop8: detected capacity change from 0 to 32768
[  485.980170][T20434] bcachefs (/dev/loop8): error validating superblock: Invalid superblock section replicas: no devices in entry sb: 33/0 []
[  485.980170][T20434] replicas (size 24):
[  485.980170][T20434] btree: 0/1 [2] sb: 33/0 [] (unknown data_type 144): 56/184 [0 0 0 0 0 0 108 1 0 0 6 0 0 0 0 0 0 0 0 0 0 0 10 0 0 0 0 0 0 0 1 0 1 0 5 0 0 0 8 0 0 0 0 0 0 0 1 0 2 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 2 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 3 5 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 6 0 0 0 0 11 0 0 0 0 0 0 3 1 1 0 0 0 0 0 2 0 0 0 6 0 0 0 0 0 0 0 0 0 0 0 2 1 1 0 0 0 0 0 2 0 0 0 6 0 0 0 16 0]
[  485.980170][T20434] 
[  486.001935][T20434] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  486.026931][T20440] loop6: detected capacity change from 0 to 512
[  486.031570][T20440] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  486.064176][T20440] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  486.171073][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.358961][T20458] loop8: detected capacity change from 0 to 1024
[  486.609713][T20478] @: renamed from bond_slave_0 (while UP)
[  487.412560][T20496] team_slave_0: entered promiscuous mode
[  487.415636][T20496] team_slave_1: entered promiscuous mode
[  487.422040][T20496] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  487.425373][T20496] team0: Device macvtap1 is already an upper device of the team interface
[  487.432826][T20496] team_slave_0: left promiscuous mode
[  487.435187][T20496] team_slave_1: left promiscuous mode
[  488.385894][T20521] netlink: 52 bytes leftover after parsing attributes in process `syz.6.4536'.
[  490.540728][T20539] loop6: detected capacity change from 0 to 32768
[  491.181418][T11124] usb 7-1: new full-speed USB device number 39 using dummy_hcd
[  491.353626][T11124] usb 7-1: not running at top speed; connect to a high speed hub
[  491.357316][T11124] usb 7-1: config 95 has an invalid interface number: 1 but max is 0
[  491.360106][T11124] usb 7-1: config 95 has no interface number 0
[  491.362543][T11124] usb 7-1: config 95 interface 1 has no altsetting 0
[  491.372108][T11124] usb 7-1: New USB device found, idVendor=0763, idProduct=2031, bcdDevice=ad.3f
[  491.377126][T11124] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.379934][T11124] usb 7-1: Product: syz
[  491.381517][T11124] usb 7-1: Manufacturer: syz
[  491.383090][T11124] usb 7-1: SerialNumber: syz
[  491.716603][T11124] usb 7-1: USB disconnect, device number 39
[  491.806299][T20589] netlink: 'syz.7.4554': attribute type 1 has an invalid length.
[  491.816294][ T6064] udevd[6064]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:95.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  491.835461][T20589] bond1: entered promiscuous mode
[  491.838469][T20589] 8021q: adding VLAN 0 to HW filter on device bond1
[  491.869266][T20589] bond1: (slave bridge3): making interface the new active one
[  491.872591][T20589] bridge3: entered promiscuous mode
[  491.888302][T20589] bond1: (slave bridge3): Enslaving as an active interface with an up link
[  492.436979][T20649] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4563'.
[  492.440517][T20649] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4563'.
[  493.247523][T20688] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4573'.
[  493.277863][   T24] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  493.373726][T20695] loop8: detected capacity change from 0 to 1024
[  493.392130][T20695] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  493.411694][T20695] EXT4-fs warning (device loop8): ext4_empty_dir:3099: inode #11: comm syz.8.4576: directory missing '..'
[  493.446199][T19063] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.580282][   T24] usb 7-1: config 0 has an invalid interface number: 255 but max is 0
[  493.583621][   T24] usb 7-1: config 0 has no interface number 0
[  493.586291][   T24] usb 7-1: config 0 interface 255 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  493.604306][   T24] usb 7-1: config 0 interface 255 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  493.619752][   T24] usb 7-1: New USB device found, idVendor=10cf, idProduct=8065, bcdDevice=91.79
[  493.638471][T20709] binder: 20708:20709 ioctl c0306201 200000000480 returned -14
[  493.979388][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  493.983076][   T24] usb 7-1: Product: syz
[  493.984958][   T24] usb 7-1: Manufacturer: syz
[  493.987076][   T24] usb 7-1: SerialNumber: syz
[  493.994092][   T24] usb 7-1: config 0 descriptor??
[  494.023652][   T24] vmk80xx 7-1:0.255: driver 'vmk80xx' failed to auto-configure device.
[  494.032128][   T24] vmk80xx 7-1:0.255: probe with driver vmk80xx failed with error -22
[  494.220043][ T5920] usb 7-1: USB disconnect, device number 40
[  495.204193][T20760] binder: 20758:20760 ioctl 4018620d 0 returned -22
[  495.238796][T20760] loop6: detected capacity change from 0 to 256
[  495.507032][T20760] FAT-fs (loop6): Directory bread(block 64) failed
[  495.509716][T20760] FAT-fs (loop6): Directory bread(block 65) failed
[  495.517476][T20760] FAT-fs (loop6): Directory bread(block 66) failed
[  495.526823][T20760] FAT-fs (loop6): Directory bread(block 67) failed
[  495.529954][T20760] FAT-fs (loop6): Directory bread(block 68) failed
[  495.538991][T20760] FAT-fs (loop6): Directory bread(block 69) failed
[  495.568405][T20760] FAT-fs (loop6): Directory bread(block 70) failed
[  495.571598][T20760] FAT-fs (loop6): Directory bread(block 71) failed
[  495.575484][T20760] FAT-fs (loop6): Directory bread(block 72) failed
[  495.579185][T20760] FAT-fs (loop6): Directory bread(block 73) failed
[  496.035799][T20776] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[  496.782843][T20781] syz.8.4599 (20781): drop_caches: 2
[  497.879911][T20806] sctp: [Deprecated]: syz.7.4608 (pid 20806) Use of struct sctp_assoc_value in delayed_ack socket option.
[  497.879911][T20806] Use struct sctp_sack_info instead
[  497.939282][T20812] loop6: detected capacity change from 0 to 256
[  497.956086][T20812] exfat: Deprecated parameter 'namecase'
[  498.005366][T20812] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf4419509, utbl_chksum : 0xe619d30d)
[  498.590920][T20828] loop8: detected capacity change from 0 to 4096
[  498.613362][T20828] ntfs3(loop8): ino=3, Correct links count -> 2.
[  498.633421][T20828] ntfs3(loop8): ino=1a, mi_enum_attr
[  498.635745][T20828] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  499.438095][T20842] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4615'.
[  500.299150][T20855] loop6: detected capacity change from 0 to 2048
[  500.470408][T20855] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #2: comm syz.6.4619: pblk 0 bad header/extent: too large eh_depth - magic f30a, entries 1, max 4(4), depth 25349(25349)
[  500.478091][T20855] EXT4-fs (loop6): Remounting filesystem read-only
[  500.480434][T20855] EXT4-fs (loop6): get root inode failed
[  500.483805][T20855] EXT4-fs (loop6): mount failed
[  501.194716][T20864] loop6: detected capacity change from 0 to 40427
[  501.204932][T20864] F2FS-fs (loop6): Image doesn't support compression
[  501.207783][T20864] F2FS-fs (loop6): build fault injection rate: 690
[  501.238198][T20864] F2FS-fs (loop6): invalid crc value
[  501.315317][T20864] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  501.320742][T20864] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  501.378581][T12112] syz-executor: attempt to access beyond end of device
[  501.378581][T12112] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  501.384267][T12112] CPU: 0 UID: 0 PID: 12112 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  501.384285][T12112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  501.384293][T12112] Call Trace:
[  501.384298][T12112]  <TASK>
[  501.384304][T12112]  dump_stack_lvl+0x189/0x250
[  501.384327][T12112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  501.384364][T12112]  ? __pfx_queue_work_on+0x10/0x10
[  501.384377][T12112]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  501.384394][T12112]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  501.384420][T12112]  f2fs_handle_critical_error+0x37c/0x540
[  501.384444][T12112]  f2fs_write_end_io+0x886/0xb60
[  501.384473][T12112]  __submit_merged_bio+0x27a/0x6a0
[  501.384496][T12112]  __submit_merged_write_cond+0x255/0x530
[  501.384519][T12112]  f2fs_write_data_pages+0x261d/0x3000
[  501.384566][T12112]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  501.384621][T12112]  ? __mod_zone_page_state+0xd7/0x140
[  501.384648][T12112]  ? folios_put_refs+0x560/0x640
[  501.384670][T12112]  ? __pfx_folios_put_refs+0x10/0x10
[  501.384682][T12112]  ? rcu_is_watching+0x15/0xb0
[  501.384703][T12112]  ? __lock_acquire+0xab9/0xd20
[  501.384735][T12112]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  501.384753][T12112]  do_writepages+0x32e/0x550
[  501.384779][T12112]  ? do_raw_spin_unlock+0x4d/0x240
[  501.384819][T12112]  filemap_fdatawrite+0x199/0x240
[  501.384838][T12112]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  501.384896][T12112]  ? do_raw_spin_unlock+0x4d/0x240
[  501.384914][T12112]  f2fs_sync_dirty_inodes+0x31f/0x830
[  501.384940][T12112]  f2fs_write_checkpoint+0x95a/0x1df0
[  501.384973][T12112]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  501.385027][T12112]  ? kill_f2fs_super+0x298/0x6c0
[  501.385049][T12112]  kill_f2fs_super+0x2c3/0x6c0
[  501.385067][T12112]  ? __pfx_kill_f2fs_super+0x10/0x10
[  501.385077][T12112]  ? radix_tree_delete_item+0x2b6/0x400
[  501.385100][T12112]  ? shrinker_free+0x2ce/0x3e0
[  501.385116][T12112]  deactivate_locked_super+0xbc/0x130
[  501.385133][T12112]  cleanup_mnt+0x425/0x4c0
[  501.385146][T12112]  ? lockdep_hardirqs_on+0x9c/0x150
[  501.385165][T12112]  task_work_run+0x1d4/0x260
[  501.385183][T12112]  ? __pfx_task_work_run+0x10/0x10
[  501.385197][T12112]  ? __x64_sys_umount+0x122/0x160
[  501.385218][T12112]  ? exit_to_user_mode_loop+0x40/0x110
[  501.385238][T12112]  exit_to_user_mode_loop+0xec/0x110
[  501.385255][T12112]  do_syscall_64+0x2bd/0x3b0
[  501.385291][T12112]  ? lockdep_hardirqs_on+0x9c/0x150
[  501.385306][T12112]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.385318][T12112]  ? exc_page_fault+0x9f/0xf0
[  501.385336][T12112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.385348][T12112] RIP: 0033:0x7f128158ff17
[  501.385359][T12112] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  501.385370][T12112] RSP: 002b:00007ffdbe2220b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  501.385383][T12112] RAX: 0000000000000000 RBX: 00007f1281611c05 RCX: 00007f128158ff17
[  501.385391][T12112] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdbe222170
[  501.385399][T12112] RBP: 00007ffdbe222170 R08: 0000000000000000 R09: 0000000000000000
[  501.385406][T12112] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdbe223200
[  501.385413][T12112] R13: 00007f1281611c05 R14: 0000000000079929 R15: 00007ffdbe223240
[  501.385437][T12112]  </TASK>
[  501.386060][T12112] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  501.813686][T20898] netlink: 212 bytes leftover after parsing attributes in process `syz.7.4630'.
[  501.817949][T20898] netlink: 'syz.7.4630': attribute type 6 has an invalid length.
[  501.890686][T20900] loop6: detected capacity change from 0 to 1024
[  501.907082][T20900] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  501.925764][T20900] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  501.938055][T20900] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  501.955377][T20900] JBD2: no valid journal superblock found
[  501.958031][T20900] EXT4-fs (loop6): Could not load journal inode
[  502.096157][T20913] loop6: detected capacity change from 0 to 1024
[  502.156341][T20897] loop8: detected capacity change from 0 to 32768
[  502.182704][   T36] hfsplus: b-tree write err: -5, ino 8
[  502.190538][T20897] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  502.252220][T20897] XFS (loop8): Ending clean mount
[  502.283674][T20897] XFS (loop8): Quotacheck needed: Please wait.
[  502.345050][T20938] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  502.351617][T20897] XFS (loop8): Quotacheck: Done.
[  502.536954][T19063] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  502.855873][T20962] 9pnet_fd: Insufficient options for proto=fd
[  502.929053][T20968] loop8: detected capacity change from 0 to 2048
[  502.932297][   T33] audit: type=1800 audit(499.423:600): pid=20965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4647" name="/" dev="9p" ino=2 res=0 errno=0
[  502.954103][T20968] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  503.379724][ T5880] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  503.553481][ T5880] usb 9-1: config 0 has an invalid interface number: 3 but max is 0
[  503.556846][ T5880] usb 9-1: config 0 has no interface number 0
[  503.559090][ T5880] usb 9-1: config 0 interface 3 altsetting 0 endpoint 0xD has an invalid bInterval 104, changing to 10
[  503.564039][ T5880] usb 9-1: config 0 interface 3 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  503.570379][ T5880] usb 9-1: New USB device found, idVendor=1660, idProduct=1921, bcdDevice=1f.84
[  503.574822][ T5880] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.578228][ T5880] usb 9-1: Product: syz
[  503.580101][ T5880] usb 9-1: Manufacturer: syz
[  503.582226][ T5880] usb 9-1: SerialNumber: syz
[  503.587712][ T5880] usb 9-1: config 0 descriptor??
[  503.811050][ T5880] dvb-usb: found a 'Medion CTX1921 DVB-T USB' in warm state.
[  503.822273][ T5880] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  503.827099][ T5880] dvbdev: DVB: registering new adapter (Medion CTX1921 DVB-T USB)
[  503.831982][ T5880] usb 9-1: media controller created
[  503.851606][ T5880] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  503.903417][ T5880] DVB: Unable to find symbol dib7000p_attach()
[  503.905900][ T5880] dvb-usb: no frontend was attached by 'Medion CTX1921 DVB-T USB'
[  503.956632][ T5880] rc_core: IR keymap rc-dib0700-rc5 not found
[  503.959359][ T5880] Registered IR keymap rc-empty
[  503.961564][ T5880] dvb-usb: could not initialize remote control.
[  503.965279][ T5880] dvb-usb: Medion CTX1921 DVB-T USB successfully initialized and connected.
[  504.027288][ T5880] dib0700: There's no endpoint for remote controller
[  504.153084][T21016] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  504.159334][T21016] batadv_slave_1: entered promiscuous mode
[  504.257539][T21018] overlayfs: failed to clone upperpath
[  504.467500][  T792] usb 9-1: USB disconnect, device number 4
[  504.559360][  T792] dvb-usb: Medion CTX1921 DVB-T USB successfully deinitialized and disconnected.
[  504.923039][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  504.925724][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  505.445819][T21081] loop6: detected capacity change from 0 to 2048
[  505.462382][T21081] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  505.609759][T21093] loop6: detected capacity change from 0 to 2048
[  505.624627][T21093] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  505.636798][T21093] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  505.781290][T21088] loop8: detected capacity change from 0 to 32768
[  505.787563][T21088] bcachefs (/dev/loop8): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  505.787563][T21088] clean (size 2912):
[  505.787563][T21088] flags:          0
[  505.787563][T21088] journal_seq:    8
[  505.787563][T21088] usage: type=inodes v=8
[  505.787563][T21088] usage: type=key_version v=0
[  505.787563][T21088] usage: type=reserved v=0
[  505.787563][T21088] usage: type=reserved v=0
[  505.787563][T21088] usage: type=reserved v=0
[  505.787563][T21088] usage: type=(unknown fs_usage_type 3) v=0
[  505.787563][T21088] data_usage: btree: 1/1 [0]=2816
[  505.787563][T21088] data_usage: journal: 1/1 [0]=0
[  505.787563][T21088] data_usage: user: 1/1 [0]=32
[  505.787563][T21088] dev_usage: dev=0  
[  505.787563][T21088]   free: buckets=83 sectors=0 fragmented=0
[  505.787563][T21088]   sb: buckets=25 sectors=6152 fragmented=248
[  505.787563][T21088]   journal: buckets=8 sectors=2048 fragmented=0
[  505.787563][T21088]   btree: buckets=11 sectors=2816 fragmented=0
[  505.787563][T21088]   user: buckets=1 sectors=32 fragmented=224
[  505.787563][T21088]   cached: buckets=0 sectors=0 fragmented=0
[  505.787563][T21088]   parity: buckets=0 sectors=0 fragmented=0
[  505.787563][T21088]   stripe: buckets=0 sectors=0 fragmented=0
[  505.787563][T21088]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  505.787563][T21088]   need_discard: buckets=0 sectors=0 fragmented=0
[  505.787563][T21088] clock: read=0
[  505.787563][T21088] clock: write=1288
[  505.787563][T21088] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 720575940379
[  505.787896][T21088] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  506.116128][T21127] serio: Serial port pty32
[  506.130650][T21136] netlink: 'syz.8.4688': attribute type 1 has an invalid length.
[  506.134203][T21136] netlink: 1 bytes leftover after parsing attributes in process `syz.8.4688'.
[  506.367156][T21161] loop6: detected capacity change from 0 to 1024
[  506.393208][ T3825] hfsplus: b-tree write err: -5, ino 4
[  506.415666][  T792] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  506.587928][  T792] usb 9-1: Using ep0 maxpacket: 8
[  506.642424][  T792] usb 9-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  506.646089][  T792] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.649441][  T792] usb 9-1: Product: syz
[  506.653139][T21167] loop6: detected capacity change from 0 to 32768
[  506.656113][  T792] usb 9-1: Manufacturer: syz
[  506.661363][  T792] usb 9-1: SerialNumber: syz
[  506.665590][T21167] (syz.6.4696,21167,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  506.670131][  T792] usb 9-1: config 0 descriptor??
[  506.678418][T21167] (syz.6.4696,21167,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  506.707958][T21167] JBD2: Ignoring recovery information on journal
[  506.746107][T21167] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  506.862781][T12112] ocfs2: Unmounting device (7,6) on (node local)
[  507.041085][  T792] usb 9-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  507.839980][T21228] loop6: detected capacity change from 0 to 2048
[  507.846131][T21228] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=3932051, location=3932051
[  507.854007][T21228] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  508.084026][T21243] Bluetooth: MGMT ver 1.23
[  508.255512][  T792] dvb_usb_rtl28xxu 9-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  508.272668][  T792] usb 9-1: USB disconnect, device number 5
[  508.746193][  T792] usb 7-1: new low-speed USB device number 41 using dummy_hcd
[  508.906082][T21272] tipc: Started in network mode
[  508.911146][T21272] tipc: Node identity c6048e923b79, cluster identity 4711
[  508.915094][  T792] usb 7-1: config 65 has an invalid interface number: 95 but max is 0
[  508.921349][  T792] usb 7-1: config 65 has no interface number 0
[  508.923970][T21272] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  508.930204][T21272] syzkaller0: entered promiscuous mode
[  508.932440][T21272] syzkaller0: entered allmulticast mode
[  508.936434][  T792] usb 7-1: string descriptor 0 read error: -22
[  508.944896][  T792] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=6f.b6
[  508.950098][  T792] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.976668][  T792] usbtest 7-1:65.95: Linux gadget zero
[  508.979077][  T792] usbtest 7-1:65.95: low-speed {control in/out} tests (+alt)
[  508.985329][T21272] tipc: Resetting bearer <eth:syzkaller0>
[  509.001006][T21270] tipc: Resetting bearer <eth:syzkaller0>
[  509.026749][T21270] tipc: Disabling bearer <eth:syzkaller0>
[  509.143473][T21292] openvswitch: netlink: IP tunnel dst address not specified
[  509.200494][  T792] usb 7-1: USB disconnect, device number 41
[  509.440958][    T9] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  509.601262][    T9] usb 9-1: Using ep0 maxpacket: 32
[  509.605110][    T9] usb 9-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  509.609740][    T9] usb 9-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  509.615288][    T9] usb 9-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  509.618435][    T9] usb 9-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  509.621730][    T9] usb 9-1: Product: syz
[  509.623548][    T9] usb 9-1: Manufacturer: syz
[  509.637045][    T9] hub 9-1:4.0: USB hub found
[  509.858379][    T9] hub 9-1:4.0: 2 ports detected
[  510.296398][ T5853] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  510.300357][ T5853] Bluetooth: hci2: command 0x0401 tx timeout
[  510.484368][    T9] hub 9-1:4.0: set hub depth failed
[  510.496567][    T9] usb 9-1: USB disconnect, device number 6
[  510.803535][T21353] loop6: detected capacity change from 0 to 8
[  510.826473][T21353] SQUASHFS error: Unable to read directory block [629:0]
[  511.830161][T21379] loop8: detected capacity change from 0 to 32768
[  511.833278][T21379] XFS: noikeep mount option is deprecated.
[  511.843862][T21379] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  511.868498][T21379] XFS (loop8): Ending clean mount
[  511.872995][T21379] XFS (loop8): Quotacheck needed: Please wait.
[  511.913228][T21379] XFS (loop8): Quotacheck: Done.
[  511.983463][T19063] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  512.552391][  T792] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  512.723007][  T792] usb 9-1: Using ep0 maxpacket: 32
[  512.727822][  T792] usb 9-1: config 0 has an invalid interface number: 51 but max is 0
[  512.731300][  T792] usb 9-1: config 0 has no interface number 0
[  512.736465][  T792] usb 9-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  512.740296][  T792] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.743783][  T792] usb 9-1: Product: syz
[  512.746373][  T792] usb 9-1: Manufacturer: syz
[  512.748727][  T792] usb 9-1: SerialNumber: syz
[  512.753527][  T792] usb 9-1: config 0 descriptor??
[  512.758810][  T792] quatech2 9-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  512.978047][  T792] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  512.987439][  T792] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  513.224949][T21446] could not allocate digest TFM handle sm3
[  513.409693][    C1] usb 9-1: qt2_read_bulk_callback - non-zero urb status: -71
[  513.413304][  T792] usb 9-1: USB disconnect, device number 7
[  513.423751][  T792] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  513.434233][  T792] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  513.439594][  T792] quatech2 9-1:0.51: device disconnected
[  514.112079][T21486] netlink: 'syz.7.4774': attribute type 10 has an invalid length.
[  514.138007][T21486] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  514.153979][T21489] syz.8.4775(21489): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  515.036342][T21548] loop8: detected capacity change from 0 to 32768
[  515.060981][T21548] ERROR: (device loop8): diAllocAG: nfreeinos = 0, but iag on freelist
[  515.060981][T21548] 
[  515.088967][T21548] ialloc: diAlloc returned -5!
[  515.171148][  T792] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[  515.355282][  T792] usb 7-1: too many configurations: 37, using maximum allowed: 8
[  515.372414][ T5849] Bluetooth: hci1: adv larger than maximum supported
[  515.372588][ T5849] Bluetooth: hci1: Malformed LE Event: 0x0d
[  515.377059][  T792] usb 7-1: string descriptor 0 read error: -71
[  515.381286][  T792] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  515.384386][  T792] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  515.395675][  T792] usb 7-1: can't set config #1, error -71
[  515.401516][  T792] usb 7-1: USB disconnect, device number 42
[  516.623342][T21611] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  517.115886][T21620] loop6: detected capacity change from 0 to 1024
[  517.121872][T21620] EXT4-fs: Ignoring removed orlov option
[  517.124077][T21620] EXT4-fs: Ignoring removed nomblk_io_submit option
[  517.158842][T21620] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  517.363634][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  518.068240][   T24] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[  518.126918][   T33] audit: type=1326 audit(513.632:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21643 comm="syz.7.4813" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6bd58ebe9 code=0x0
[  518.243163][   T24] usb 7-1: Using ep0 maxpacket: 8
[  518.261589][   T24] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  518.275597][   T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  518.294208][   T24] usb 7-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6
[  518.312445][   T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10
[  518.332539][   T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024
[  518.344004][   T24] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  518.353930][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.445060][   T24] hub 7-1:1.0: bad descriptor, ignoring hub
[  518.448542][   T24] hub 7-1:1.0: probe with driver hub failed with error -5
[  518.457278][   T24] cdc_wdm 7-1:1.0: skipping garbage
[  518.459914][   T24] cdc_wdm 7-1:1.0: skipping garbage
[  518.463114][   T24] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  518.471462][T21656] loop8: detected capacity change from 0 to 2048
[  518.500143][T21656] NILFS (loop8): Invalid checkpoint (checkpoint number=2)
[  518.505106][T21656] NILFS (loop8): error -22 while loading last checkpoint (checkpoint number=2)
[  518.868435][T21669] loop8: detected capacity change from 0 to 32768
[  518.901760][T21669] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  518.910361][T21669] lbmIODone: I/O error in JFS log
[  518.913652][T21669] *** Log Format Error ! ***
[  518.916244][T21669] lmLogInit: exit(-22)
[  518.918000][T21669] lmLogOpen: exit(-22)
[  518.975727][   T24] usb 7-1: reset high-speed USB device number 43 using dummy_hcd
[  519.047768][T21685] netlink: 14 bytes leftover after parsing attributes in process `syz.8.4819'.
[  519.449421][T21696] loop8: detected capacity change from 0 to 32768
[  519.455082][T21696] bcachefs (/dev/loop8): error validating superblock: Invalid superblock section disk_groups: label 1 empty
[  519.455082][T21696] disk_groups (size 152):
[  519.455082][T21696] [parent 0 name ] [parent 0 name ] [parent 0 name ]
[  519.467933][T21696] bcachefs: bch2_fs_get_tree() error: invalid_sb_disk_groups
[  519.490563][ T5880] usb 7-1: USB disconnect, device number 43
[  519.985912][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  519.989021][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  519.992161][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  519.997353][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  520.000662][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  520.004086][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  520.007700][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  520.011136][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  520.016681][T21736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4831'.
[  520.996701][T21767] loop8: detected capacity change from 0 to 32768
[  521.000071][T21767] btrfs: Deprecated parameter 'usebackuproot'
[  521.002180][T21767] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  521.007907][T21767] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.4839 (21767)
[  521.017137][T21767] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  521.020641][T21767] BTRFS info (device loop8): using crc32c (crc32c-lib) checksum algorithm
[  521.159675][T21767] BTRFS info (device loop8): rebuilding free space tree
[  521.169909][T21767] BTRFS info (device loop8): allowing degraded mounts
[  521.172842][T21767] BTRFS info (device loop8): enabling ssd optimizations
[  521.176096][T21767] BTRFS info (device loop8): enabling free space tree
[  521.178830][T21767] BTRFS info (device loop8): force clearing of disk cache
[  521.182659][T21767] BTRFS info (device loop8): trying to use backup root at mount time
[  521.186064][T21767] BTRFS info (device loop8): use zstd compression, level 3
[  521.189954][T21767] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  521.251371][T21798] loop6: detected capacity change from 0 to 1024
[  521.263759][T21798] EXT4-fs: Ignoring removed i_version option
[  521.285313][T21798] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  521.289893][T21798] EXT4-fs (loop6): group descriptors corrupted!
[  521.868406][T21858] loop8: detected capacity change from 0 to 128
[  521.885728][T21858] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  521.907561][T21858] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  521.977959][T21870] loop8: detected capacity change from 0 to 256
[  521.993723][T21870] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  522.202303][ T5880] libceph: connect (1)[c::]:6789 error -101
[  522.205174][ T5880] libceph: mon0 (1)[c::]:6789 connect error
[  522.355984][T21889] ceph: No mds server is up or the cluster is laggy
[  522.461883][T21901] loop8: detected capacity change from 0 to 1764
[  522.469387][T21901] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  522.499813][T21901] iso9660: Corrupted directory entry in block 2 of inode 1920
[  522.650938][ T5849] Bluetooth: hci2: unexpected event for opcode 0x0c5a
[  522.750105][T21917] loop8: detected capacity change from 0 to 128
[  522.765414][T21917] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  522.883976][T19063] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  522.915599][T21927] loop6: detected capacity change from 0 to 512
[  522.942827][T21927] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.006141][T12112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.224555][T21947] loop6: detected capacity change from 0 to 32768
[  523.241269][T21947] overlayfs: upper fs needs to support d_type.
[  523.243977][T21947] overlayfs: upper fs does not support tmpfile.
[  523.252779][T21947] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  523.278618][T21947] overlayfs: failed lookup in lower (/, name='file0', err=-40): overlapping layers
[  523.678216][ T5853] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  523.683373][ T5853] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  523.687423][ T5853] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  523.693838][ T5853] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  523.697131][ T5853] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  523.856786][T21967] chnl_net:caif_netlink_parms(): no params data found
[  523.930019][T21967] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.933072][T21967] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.936099][T21967] bridge_slave_0: entered allmulticast mode
[  523.941066][T21967] bridge_slave_0: entered promiscuous mode
[  523.945320][T21967] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.948401][T21967] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.951695][T21967] bridge_slave_1: entered allmulticast mode
[  523.955280][T21967] bridge_slave_1: entered promiscuous mode
[  523.981592][T21967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  523.987125][T21967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  524.012744][T21967] team0: Port device team_slave_0 added
[  524.016437][T21967] team0: Port device team_slave_1 added
[  524.042777][T21967] batman_adv: batadv0: Adding interface: batadv_slave_0
[  524.047286][T21967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  524.056119][T21967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  524.061111][T21967] batman_adv: batadv0: Adding interface: batadv_slave_1
[  524.063650][T21967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  524.072917][T21967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  524.106435][T21967] hsr_slave_0: entered promiscuous mode
[  524.109354][T21967] hsr_slave_1: entered promiscuous mode
[  524.111851][T21967] debugfs: 'hsr0' already exists in 'hsr'
[  524.113786][T21967] Cannot create hsr debugfs directory
[  524.246617][T21967] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  524.259629][T21967] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  524.283225][T21967] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  524.289995][T22296] loop8: detected capacity change from 0 to 16
[  524.296704][T22296] erofs (device loop8): mounted with root inode @ nid 36.
[  524.298977][T21967] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  524.407438][T21967] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.410036][T21967] bridge0: port 2(bridge_slave_1) entered forwarding state
[  524.412402][T21967] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.414929][T21967] bridge0: port 1(bridge_slave_0) entered forwarding state
[  524.436884][T22308] loop8: detected capacity change from 0 to 1764
[  524.458491][T21967] 8021q: adding VLAN 0 to HW filter on device bond0
[  524.472450][ T3817] bridge0: port 1(bridge_slave_0) entered disabled state
[  524.743626][ T3817] bridge0: port 2(bridge_slave_1) entered disabled state
[  524.777184][T21967] 8021q: adding VLAN 0 to HW filter on device team0
[  524.795592][ T3817] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.798620][ T3817] bridge0: port 1(bridge_slave_0) entered forwarding state
[  524.809007][ T3817] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.811975][ T3817] bridge0: port 2(bridge_slave_1) entered forwarding state
[  524.931777][T22339] loop8: detected capacity change from 0 to 4096
[  524.970067][T21967] 8021q: adding VLAN 0 to HW filter on device batadv0
[  525.057444][T22351] loop8: detected capacity change from 0 to 512
[  525.089543][T22351] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.151137][T22351] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  525.171126][T21967] veth0_vlan: entered promiscuous mode
[  525.179971][T21967] veth1_vlan: entered promiscuous mode
[  525.198518][T19063] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.205053][T21967] veth0_macvtap: entered promiscuous mode
[  525.224245][T21967] veth1_macvtap: entered promiscuous mode
[  525.273217][T21967] batman_adv: batadv0: Interface activated: batadv_slave_0
[  525.288879][T21967] batman_adv: batadv0: Interface activated: batadv_slave_1
[  525.317100][   T12] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  525.323366][   T12] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  525.337135][   T12] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  525.345339][   T12] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  525.419063][T22369] loop8: detected capacity change from 0 to 1024
[  525.440329][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  525.443184][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.491191][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  525.494675][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.904828][   T47] usb 9-1: new low-speed USB device number 8 using dummy_hcd
[  525.907688][   T24] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  526.077252][   T47] usb 9-1: config 179 has an invalid interface number: 65 but max is 0
[  526.083110][   T47] usb 9-1: config 179 has no interface number 0
[  526.091045][   T47] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  526.095917][   T47] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8
[  526.100827][   T24] usb 10-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  526.105816][   T24] usb 10-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3
[  526.109710][   T47] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  526.114587][   T47] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8
[  526.120339][   T24] usb 10-1: Product: syz
[  526.122202][   T24] usb 10-1: Manufacturer: syz
[  526.124252][   T24] usb 10-1: SerialNumber: syz
[  526.128313][   T47] usb 9-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  526.144985][   T24] usb 10-1: config 0 descriptor??
[  526.147755][   T47] usb 9-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  526.155190][   T47] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.166857][T22400] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  526.169963][T22400] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  526.377516][   T24] usb-storage 10-1:0.0: USB Mass Storage device detected
[  526.403118][ T5880] usb 9-1: USB disconnect, device number 8
[  526.403149][    C1] xpad 9-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  526.409432][    C1] xpad 9-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  526.413742][    C1] ==================================================================
[  526.417139][    C1] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x23d/0x290
[  526.420473][    C1] Read of size 4 at addr ffff888109f2f85c by task kworker/u10:4/22429
[  526.424763][    C1] 
[  526.425769][    C1] CPU: 1 UID: 0 PID: 22429 Comm: kworker/u10:4 Not tainted syzkaller #0 PREEMPT(full) 
[  526.425784][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  526.425792][    C1] Call Trace:
[  526.425800][    C1]  <IRQ>
[  526.425805][    C1]  dump_stack_lvl+0x189/0x250
[  526.425816][    C1]  ? __kasan_check_byte+0x12/0x40
[  526.425826][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  526.425834][    C1]  ? lock_release+0x4b/0x3e0
[  526.425844][    C1]  ? __virt_addr_valid+0x4a5/0x5c0
[  526.425853][    C1]  print_report+0xca/0x240
[  526.425861][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  526.425868][    C1]  kasan_report+0x118/0x150
[  526.425879][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  526.425887][    C1]  do_raw_spin_lock+0x23d/0x290
[  526.425895][    C1]  ? __wake_up_common_lock+0x2f/0x1f0
[  526.425903][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  526.425912][    C1]  _raw_spin_lock_irqsave+0xb3/0xf0
[  526.425921][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  526.425929][    C1]  ? kcov_remote_stop+0x78/0x6d0
[  526.425939][    C1]  __wake_up_common_lock+0x2f/0x1f0
[  526.425948][    C1]  __usb_hcd_giveback_urb+0x3b0/0x540
[  526.425959][    C1]  dummy_timer+0x862/0x4550
[  526.425973][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  526.425984][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  526.425993][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  526.426001][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  526.426009][    C1]  __hrtimer_run_queues+0x52c/0xc60
[  526.426018][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  526.426024][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  526.426032][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  526.426039][    C1]  handle_softirqs+0x286/0x870
[  526.426046][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  526.426053][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  526.426061][    C1]  __irq_exit_rcu+0xca/0x1f0
[  526.426067][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  526.426074][    C1]  irq_exit_rcu+0x9/0x30
[  526.426080][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  526.426090][    C1]  </IRQ>
[  526.426093][    C1]  <TASK>
[  526.426095][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  526.426103][    C1] RIP: 0010:unwind_next_frame+0x15d/0x2390
[  526.426112][    C1] Code: 5d 00 48 85 db 74 23 48 81 c3 88 00 00 00 48 89 d8 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 45 1b 00 00 f6 03 03 0f 85 e4 17 00 00 <49> 8d 5e 35 48 89 d8 48 c1 e8 03 48 89 44 24 28 0f b6 04 28 84 c0
[  526.426118][    C1] RSP: 0018:ffffc90006f770f8 EFLAGS: 00000246
[  526.426126][    C1] RAX: 1ffff92000deee43 RBX: 0000000000000000 RCX: 76ee30d4f93d9a00
[  526.426131][    C1] RDX: 0000000000000001 RSI: ffffffff8be33660 RDI: ffffffff8be33620
[  526.426136][    C1] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffffff8172c195
[  526.426140][    C1] R10: ffffc90006f77218 R11: ffffffff81ac3820 R12: 1ffff92000deee39
[  526.426145][    C1] R13: ffffc90006f77218 R14: ffffc90006f771c8 R15: ffffffff8172c195
[  526.426150][    C1]  ? unwind_next_frame+0xa5/0x2390
[  526.426157][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  526.426165][    C1]  ? unwind_next_frame+0xa5/0x2390
[  526.426173][    C1]  ? unwind_next_frame+0xd4/0x2390
[  526.426180][    C1]  ? arch_stack_walk+0xe4/0x150
[  526.426188][    C1]  ? stack_trace_save+0x9c/0xe0
[  526.426196][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  526.426203][    C1]  arch_stack_walk+0x11c/0x150
[  526.426211][    C1]  ? stack_trace_save+0x9c/0xe0
[  526.426219][    C1]  stack_trace_save+0x9c/0xe0
[  526.426226][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  526.426234][    C1]  ? unwind_next_frame+0xa5/0x2390
[  526.426240][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  526.426249][    C1]  kasan_save_stack+0x3e/0x60
[  526.426264][    C1]  kasan_record_aux_stack+0xbd/0xd0
[  526.426271][    C1]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[  526.426278][    C1]  call_rcu+0x157/0x9c0
[  526.426287][    C1]  ? __pfx_call_rcu+0x10/0x10
[  526.426295][    C1]  ? __fput_deferred+0x227/0x390
[  526.426302][    C1]  kmem_cache_free+0x309/0x400
[  526.426312][    C1]  __fput_deferred+0x227/0x390
[  526.426318][    C1]  ? __pfx___fput_deferred+0x10/0x10
[  526.426326][    C1]  fput_close+0x119/0x200
[  526.426333][    C1]  ? leave_rcu+0xef/0x160
[  526.426339][    C1]  ? __pfx_fput_close+0x10/0x10
[  526.426347][    C1]  path_openat+0x313c/0x3830
[  526.426354][    C1]  ? unwind_next_frame+0xa5/0x2390
[  526.426362][    C1]  ? unwind_next_frame+0xa5/0x2390
[  526.426368][    C1]  ? unwind_next_frame+0x19ae/0x2390
[  526.426378][    C1]  ? __pfx_path_openat+0x10/0x10
[  526.426386][    C1]  ? stack_trace_save+0x9c/0xe0
[  526.426394][    C1]  ? stack_depot_save_flags+0x40/0x860
[  526.426404][    C1]  do_filp_open+0x1fa/0x410
[  526.426411][    C1]  ? kasan_save_track+0x3e/0x80
[  526.426419][    C1]  ? __pfx_do_filp_open+0x10/0x10
[  526.426425][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  526.426458][    C1]  ? do_open_execat+0x93/0x560
[  526.426468][    C1]  do_open_execat+0x135/0x560
[  526.426476][    C1]  ? __pfx_do_open_execat+0x10/0x10
[  526.426484][    C1]  ? rcu_is_watching+0x15/0xb0
[  526.426490][    C1]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  526.426497][    C1]  ? getname_kernel+0x146/0x2f0
[  526.426504][    C1]  alloc_bprm+0x28/0x5c0
[  526.426512][    C1]  ? getname_kernel+0x20e/0x2f0
[  526.426518][    C1]  kernel_execve+0x9b/0x9f0
[  526.426527][    C1]  call_usermodehelper_exec_async+0x210/0x360
[  526.426537][    C1]  ? __pfx_call_usermodehelper_exec_async+0x10/0x10
[  526.426547][    C1]  ret_from_fork+0x3fc/0x770
[  526.426554][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  526.426561][    C1]  ? __switch_to_asm+0x39/0x70
[  526.426569][    C1]  ? __switch_to_asm+0x33/0x70
[  526.426576][    C1]  ? __pfx_call_usermodehelper_exec_async+0x10/0x10
[  526.426586][    C1]  ret_from_fork_asm+0x1a/0x30
[  526.426596][    C1]  </TASK>
[  526.426598][    C1] 
[  526.621871][    C1] Allocated by task 47:
[  526.623454][    C1]  kasan_save_track+0x3e/0x80
[  526.625326][    C1]  __kasan_kmalloc+0x93/0xb0
[  526.627041][    C1]  __kmalloc_cache_noprof+0x230/0x3d0
[  526.628966][    C1]  xpad_probe+0x428/0x1fc0
[  526.630815][    C1]  usb_probe_interface+0x668/0xc30
[  526.632675][    C1]  really_probe+0x26d/0x9e0
[  526.634301][    C1]  __driver_probe_device+0x18c/0x2f0
[  526.636175][    C1]  driver_probe_device+0x4f/0x430
[  526.637845][    C1]  __device_attach_driver+0x2ce/0x530
[  526.639682][    C1]  bus_for_each_drv+0x251/0x2e0
[  526.641292][    C1]  __device_attach+0x2b8/0x400
[  526.642834][    C1]  bus_probe_device+0x185/0x260
[  526.644633][    C1]  device_add+0x7b6/0xb50
[  526.646171][    C1]  usb_set_configuration+0x1a87/0x20e0
[  526.648320][    C1]  usb_generic_driver_probe+0x8d/0x150
[  526.650550][    C1]  usb_probe_device+0x1c4/0x390
[  526.652457][    C1]  really_probe+0x26d/0x9e0
[  526.654186][    C1]  __driver_probe_device+0x18c/0x2f0
[  526.656189][    C1]  driver_probe_device+0x4f/0x430
[  526.657999][    C1]  __device_attach_driver+0x2ce/0x530
[  526.659801][    C1]  bus_for_each_drv+0x251/0x2e0
[  526.661461][    C1]  __device_attach+0x2b8/0x400
[  526.663020][    C1]  bus_probe_device+0x185/0x260
[  526.664789][    C1]  device_add+0x7b6/0xb50
[  526.666272][    C1]  usb_new_device+0xa39/0x16f0
[  526.668227][    C1]  hub_event+0x2958/0x4a20
[  526.670110][    C1]  process_scheduled_works+0xae1/0x17b0
[  526.672459][    C1]  worker_thread+0x8a0/0xda0
[  526.674457][    C1]  kthread+0x711/0x8a0
[  526.676205][    C1]  ret_from_fork+0x3fc/0x770
[  526.678191][    C1]  ret_from_fork_asm+0x1a/0x30
[  526.680226][    C1] 
[  526.681282][    C1] Freed by task 5880:
[  526.682796][    C1]  kasan_save_track+0x3e/0x80
[  526.684392][    C1]  kasan_save_free_info+0x46/0x50
[  526.686497][    C1]  __kasan_slab_free+0x5b/0x80
[  526.688575][    C1]  kfree+0x18e/0x440
[  526.690217][    C1]  xpad_disconnect+0x350/0x480
[  526.692238][    C1]  usb_unbind_interface+0x26e/0x910
[  526.694534][    C1]  device_release_driver_internal+0x4d9/0x800
[  526.697180][    C1]  bus_remove_device+0x34d/0x410
[  526.699353][    C1]  device_del+0x511/0x8e0
[  526.701289][    C1]  usb_disable_device+0x3e9/0x8a0
[  526.703514][    C1]  usb_disconnect+0x330/0x950
[  526.705608][    C1]  hub_event+0x1cf5/0x4a20
[  526.707554][    C1]  process_scheduled_works+0xae1/0x17b0
[  526.709917][    C1]  worker_thread+0x8a0/0xda0
[  526.711898][    C1]  kthread+0x711/0x8a0
[  526.713689][    C1]  ret_from_fork+0x3fc/0x770
[  526.715697][    C1]  ret_from_fork_asm+0x1a/0x30
[  526.717779][    C1] 
[  526.718849][    C1] The buggy address belongs to the object at ffff888109f2f800
[  526.718849][    C1]  which belongs to the cache kmalloc-1k of size 1024
[  526.724648][    C1] The buggy address is located 92 bytes inside of
[  526.724648][    C1]  freed 1024-byte region [ffff888109f2f800, ffff888109f2fc00)
[  526.730313][    C1] 
[  526.731380][    C1] The buggy address belongs to the physical page:
[  526.734063][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109f28
[  526.737556][    C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  526.740863][    C1] anon flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  526.743907][    C1] page_type: f5(slab)
[  526.745332][    C1] raw: 057ff00000000040 ffff88801a441dc0 0000000000000000 dead000000000001
[  526.748354][    C1] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  526.751274][    C1] head: 057ff00000000040 ffff88801a441dc0 0000000000000000 dead000000000001
[  526.754381][    C1] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  526.757352][    C1] head: 057ff00000000003 ffffea000427ca01 00000000ffffffff 00000000ffffffff
[  526.761047][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  526.764726][    C1] page dumped because: kasan: bad access detected
[  526.767378][    C1] page_owner tracks the page as allocated
[  526.769829][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5854, tgid 5854 (syz-executor), ts 56343784226, free_ts 55979634427
[  526.777748][    C1]  post_alloc_hook+0x240/0x2a0
[  526.779704][    C1]  get_page_from_freelist+0x21e4/0x22c0
[  526.781630][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  526.783712][    C1]  alloc_pages_mpol+0x232/0x4a0
[  526.785583][    C1]  allocate_slab+0x8a/0x370
[  526.787494][    C1]  ___slab_alloc+0xbeb/0x1410
[  526.789487][    C1]  __kmalloc_noprof+0x305/0x4f0
[  526.791487][    C1]  batadv_hash_new+0x7b/0x290
[  526.793543][    C1]  batadv_nc_mesh_init+0x13c/0x3c0
[  526.795688][    C1]  batadv_mesh_init+0x412/0x700
[  526.797757][    C1]  batadv_meshif_init_late+0xa3a/0xee0
[  526.800095][    C1]  register_netdevice+0x6bf/0x1ae0
[  526.802201][    C1]  rtnl_newlink_create+0x310/0xb00
[  526.804378][    C1]  rtnl_newlink+0x16d6/0x1c70
[  526.806464][    C1]  rtnetlink_rcv_msg+0x7cf/0xb70
[  526.808616][    C1]  netlink_rcv_skb+0x208/0x470
[  526.810648][    C1] page last free pid 5845 tgid 5845 stack trace:
[  526.812911][    C1]  __free_frozen_pages+0xbc4/0xd30
[  526.814727][    C1]  __folio_put+0x21b/0x2c0
[  526.816568][    C1]  skb_release_data+0x49a/0x7c0
[  526.818693][    C1]  napi_consume_skb+0x158/0x1e0
[  526.820784][    C1]  net_rx_action+0x51b/0xe30
[  526.822787][    C1]  handle_softirqs+0x286/0x870
[  526.824769][    C1]  __irq_exit_rcu+0xca/0x1f0
[  526.826741][    C1]  irq_exit_rcu+0x9/0x30
[  526.828537][    C1]  common_interrupt+0xbb/0xe0
[  526.830468][    C1]  asm_common_interrupt+0x26/0x40
[  526.832705][    C1] 
[  526.833771][    C1] Memory state around the buggy address:
[  526.836195][    C1]  ffff888109f2f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  526.839470][    C1]  ffff888109f2f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  526.842742][    C1] >ffff888109f2f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  526.846002][    C1]                                                     ^
[  526.848809][    C1]  ffff888109f2f880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  526.852046][    C1]  ffff888109f2f900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  526.855274][    C1] ==================================================================
[  526.858674][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  526.861448][    C1] CPU: 1 UID: 0 PID: 22429 Comm: kworker/u10:4 Not tainted syzkaller #0 PREEMPT(full) 
[  526.864651][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  526.868099][    C1] Call Trace:
[  526.869477][    C1]  <IRQ>
[  526.870714][    C1]  dump_stack_lvl+0x99/0x250
[  526.872613][    C1]  ? __asan_memcpy+0x40/0x70
[  526.874196][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  526.875989][    C1]  ? __pfx__printk+0x10/0x10
[  526.877745][    C1]  vpanic+0x281/0x750
[  526.879401][    C1]  ? __pfx_print_hex_dump+0x10/0x10
[  526.881159][    C1]  ? __pfx_vpanic+0x10/0x10
[  526.882735][    C1]  panic+0xb9/0xc0
[  526.884037][    C1]  ? __pfx_panic+0x10/0x10
[  526.885565][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  526.887869][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  526.889892][    C1]  check_panic_on_warn+0x89/0xb0
[  526.891645][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  526.893692][    C1]  end_report+0x78/0x160
[  526.895376][    C1]  kasan_report+0x129/0x150
[  526.897194][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  526.899073][    C1]  do_raw_spin_lock+0x23d/0x290
[  526.901094][    C1]  ? __wake_up_common_lock+0x2f/0x1f0
[  526.902958][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  526.904872][    C1]  _raw_spin_lock_irqsave+0xb3/0xf0
[  526.906872][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  526.909454][    C1]  ? kcov_remote_stop+0x78/0x6d0
[  526.911490][    C1]  __wake_up_common_lock+0x2f/0x1f0
[  526.913650][    C1]  __usb_hcd_giveback_urb+0x3b0/0x540
[  526.915879][    C1]  dummy_timer+0x862/0x4550
[  526.917867][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  526.919925][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  526.921566][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  526.923237][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  526.925049][    C1]  __hrtimer_run_queues+0x52c/0xc60
[  526.926738][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  526.928683][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  526.930945][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  526.933154][    C1]  handle_softirqs+0x286/0x870
[  526.935144][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  526.936847][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  526.938941][    C1]  __irq_exit_rcu+0xca/0x1f0
[  526.940527][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  526.942712][    C1]  irq_exit_rcu+0x9/0x30
[  526.944212][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  526.946131][    C1]  </IRQ>
[  526.947123][    C1]  <TASK>
[  526.948243][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  526.950711][    C1] RIP: 0010:unwind_next_frame+0x15d/0x2390
[  526.952642][    C1] Code: 5d 00 48 85 db 74 23 48 81 c3 88 00 00 00 48 89 d8 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 45 1b 00 00 f6 03 03 0f 85 e4 17 00 00 <49> 8d 5e 35 48 89 d8 48 c1 e8 03 48 89 44 24 28 0f b6 04 28 84 c0
[  526.959363][    C1] RSP: 0018:ffffc90006f770f8 EFLAGS: 00000246
[  526.961805][    C1] RAX: 1ffff92000deee43 RBX: 0000000000000000 RCX: 76ee30d4f93d9a00
[  526.964590][    C1] RDX: 0000000000000001 RSI: ffffffff8be33660 RDI: ffffffff8be33620
[  526.967198][    C1] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffffff8172c195
[  526.970463][    C1] R10: ffffc90006f77218 R11: ffffffff81ac3820 R12: 1ffff92000deee39
[  526.973611][    C1] R13: ffffc90006f77218 R14: ffffc90006f771c8 R15: ffffffff8172c195
[  526.976304][    C1]  ? unwind_next_frame+0xa5/0x2390
[  526.978362][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  526.980997][    C1]  ? unwind_next_frame+0xa5/0x2390
[  526.983055][    C1]  ? unwind_next_frame+0xd4/0x2390
[  526.984863][    C1]  ? arch_stack_walk+0xe4/0x150
[  526.986550][    C1]  ? stack_trace_save+0x9c/0xe0
[  526.988499][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  526.990874][    C1]  arch_stack_walk+0x11c/0x150
[  526.992477][    C1]  ? stack_trace_save+0x9c/0xe0
[  526.994125][    C1]  stack_trace_save+0x9c/0xe0
[  526.995854][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  526.997703][    C1]  ? unwind_next_frame+0xa5/0x2390
[  526.999421][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  527.001485][    C1]  kasan_save_stack+0x3e/0x60
[  527.003237][    C1]  kasan_record_aux_stack+0xbd/0xd0
[  527.005247][    C1]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[  527.007248][    C1]  call_rcu+0x157/0x9c0
[  527.008655][    C1]  ? __pfx_call_rcu+0x10/0x10
[  527.010285][    C1]  ? __fput_deferred+0x227/0x390
[  527.011940][    C1]  kmem_cache_free+0x309/0x400
[  527.013547][    C1]  __fput_deferred+0x227/0x390
[  527.015340][    C1]  ? __pfx___fput_deferred+0x10/0x10
[  527.017570][    C1]  fput_close+0x119/0x200
[  527.019414][    C1]  ? leave_rcu+0xef/0x160
[  527.021245][    C1]  ? __pfx_fput_close+0x10/0x10
[  527.023313][    C1]  path_openat+0x313c/0x3830
[  527.025259][    C1]  ? unwind_next_frame+0xa5/0x2390
[  527.027415][    C1]  ? unwind_next_frame+0xa5/0x2390
[  527.029645][    C1]  ? unwind_next_frame+0x19ae/0x2390
[  527.031916][    C1]  ? __pfx_path_openat+0x10/0x10
[  527.034107][    C1]  ? stack_trace_save+0x9c/0xe0
[  527.036017][    C1]  ? stack_depot_save_flags+0x40/0x860
[  527.038243][    C1]  do_filp_open+0x1fa/0x410
[  527.039927][    C1]  ? kasan_save_track+0x3e/0x80
[  527.041924][    C1]  ? __pfx_do_filp_open+0x10/0x10
[  527.043991][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  527.046060][    C1]  ? do_open_execat+0x93/0x560
[  527.048036][    C1]  do_open_execat+0x135/0x560
[  527.049697][    C1]  ? __pfx_do_open_execat+0x10/0x10
[  527.051712][    C1]  ? rcu_is_watching+0x15/0xb0
[  527.053721][    C1]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  527.055955][    C1]  ? getname_kernel+0x146/0x2f0
[  527.057998][    C1]  alloc_bprm+0x28/0x5c0
[  527.059787][    C1]  ? getname_kernel+0x20e/0x2f0
[  527.061778][    C1]  kernel_execve+0x9b/0x9f0
[  527.063675][    C1]  call_usermodehelper_exec_async+0x210/0x360
[  527.066170][    C1]  ? __pfx_call_usermodehelper_exec_async+0x10/0x10
[  527.068630][    C1]  ret_from_fork+0x3fc/0x770
[  527.070541][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  527.072693][    C1]  ? __switch_to_asm+0x39/0x70
[  527.074533][    C1]  ? __switch_to_asm+0x33/0x70
[  527.076360][    C1]  ? __pfx_call_usermodehelper_exec_async+0x10/0x10
[  527.079104][    C1]  ret_from_fork_asm+0x1a/0x30
[  527.081137][    C1]  </TASK>
[  527.083149][    C1] Kernel Offset: disabled
[  527.084958][    C1] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:42:00  Registers:
info registers vcpu 0

CPU#0
RAX=87587a521b806400 RBX=ffffffff819683c8 RCX=87587a521b806400 RDX=0000000000000001
RSI=ffffffff8d9b77e3 RDI=ffffffff8be33680 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa38a30 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b79a3f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00002000000015c0 CR3=000000003263e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007ff308212e53
XMM06=0000000000000000 00007ff308212e4d XMM07=0000000000000000 00007ff308212e61
XMM08=0000000000000000 00007ff308212ee7 XMM09=0000000000000000 00007ff308212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000032 RBX=0000000000000032 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900001e00b0
R8 =ffff8881070f0237 R9 =1ffff11020e1e046 R10=dffffc0000000000 R11=ffffffff854f3380
R12=dffffc0000000000 R13=ffffffff99afa919 R14=ffffffff99def420 R15=0000000000000000
RIP=ffffffff854f33fc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe6be346f70 CR3=000000003263e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007ff308212e53
XMM06=0000000000000000 00007ff308212e4d XMM07=0000000000000000 00007ff308212e61
XMM08=0000000000000000 00007ff308212ee7 XMM09=0000000000000000 00007ff308212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
