last executing test programs:

2m44.367555504s ago: executing program 0 (id=1):
pipe2(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f00000024c0), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002380)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r2, &(0x7f0000004500)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r3, {0x7, 0x2b, 0x0, 0x0, 0x160, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80, 0xfffffffc}}, 0x50)
splice(r0, 0x0, r2, 0x0, 0x50, 0xf)

2m43.436560754s ago: executing program 0 (id=5):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000000)={0x44, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0x3, 0x9, 0xe4c, 0x2, 0x802, 0x3865, 0x8, 0xdfb, 0x43, 0x5, 0x65cf, 0x81}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

2m41.282507355s ago: executing program 0 (id=25):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000240)={[{@nodiscard}, {@noinline_dentry}, {@alloc_mode_def}, {@six_active_logs}, {@quota}, {@fault_injection={'fault_injection', 0x3d, 0x10}}, {@discard}, {@noacl}, {@fsync_mode_posix}, {@alloc_mode_def}, {@noextent_cache}, {@two_active_logs}, {@fault_type={'fault_type', 0x3d, 0xfffffe}}]}, 0x1, 0x5505, &(0x7f0000000340)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x1050c2, 0x40)
write$cgroup_subtree(r0, 0x0, 0x32600)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x49)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
rmdir(&(0x7f0000000440)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

2m40.787878569s ago: executing program 0 (id=34):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f00000004c0)={[{@datacow}, {@nodatasum}, {@compress_force}, {@nossd_spread}, {@ssd}, {}, {@datacow}, {@nodiscard}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
r0 = open$dir(&(0x7f00000000c0)='./file1\x00', 0x0, 0x146)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f0000000000)={0x50d017, 0x0, '\x00', 0x1, 0x0})

2m25.767375014s ago: executing program 32 (id=34):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f00000004c0)={[{@datacow}, {@nodatasum}, {@compress_force}, {@nossd_spread}, {@ssd}, {}, {@datacow}, {@nodiscard}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
r0 = open$dir(&(0x7f00000000c0)='./file1\x00', 0x0, 0x146)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f0000000000)={0x50d017, 0x0, '\x00', 0x1, 0x0})

2m10.437900051s ago: executing program 3 (id=287):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000240000/0x4000)=nil, 0x4000, 0x1000002, 0x211012, r0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x80, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0})

2m10.360677652s ago: executing program 3 (id=290):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0x8, 0x1, 0xd8, 0x3f, 0x6, "3eccd25569e20900"})

2m10.116773715s ago: executing program 3 (id=292):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010003000000000000000a00000008000300", @ANYRES32=r2, @ANYBLOB="1800508004000500080008"], 0x34}, 0x1, 0x0, 0x0, 0x48881}, 0x40)

2m9.95742865s ago: executing program 3 (id=294):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x2000002, &(0x7f0000000300)={[{@volume={'volume', 0x3d, 0x3e}}, {@gid}, {@dmode={'dmode', 0x3d, 0x4}}, {@rootdir={'rootdir', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@unhide}, {@noadinicb}, {@iocharset={'iocharset', 0x3d, 'macturkish'}}, {@longad}]}, 0x1, 0xc32, &(0x7f0000000e00)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x1a06496, 0x0, 0x2, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})

2m9.525497623s ago: executing program 3 (id=298):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./file2\x00', 0x1c802, &(0x7f0000000ec0)=ANY=[], 0x1, 0x5ea7, &(0x7f00000085c0)="$eJzs3U9vHGcdB/Df/vH6T2kaVagKEYc0hdJSmv8JlH9NOXCAA0goZxK5bhVIASUB0SoirnJAXICXAJdeOPSN9DUgXgCRbE49UAaN/TzJeLzOOk28s+vn85Gcmd88O95n8vV4dj0z+wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/64c/O9iLi6u/SgqMRX4hBRD9iua5PRD1zOT9+GBHHYqs5XoiIwWJEvf7WP89FXIiIT45EbGzeWa0Xn9tnPy6euX3zsx//4J9//Mu9Y794++cftdt/+sXzH//pbsTRn7zx8Wd3n862AwAAQCmqqqp66W3+8fT+vt91pwCAqcjH/yrJy9VqtVr9VOs/92erP+pC66ZqvLvNIiLWm+vUrxmcjgeAObMen3bdBTok/6INI+KZrjsBzLRe1x3gQGxs3lntpXx7zePBie32/HfKHfmv9x7c37HXdJL2NSbT+vm6F4N4fo/+LE+pD7Mk599v5391u32UHnfQ+U/LXvn3tm99Kk7Of9DOv2VH/n+NiLnNvz82/1Ll/IePk//6YI73f/kDAAAAAHD45b//H+34/O/ik2/Kvjzq/O+JKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/525OGyvT6LrV5+pRfxbOvxQGHSzTIrXfcDAAAAAAAAAAAAAEoy3L6G90ovYiEinl1Zqaqq/mpq14/rSdefd6VvP5Ss61/yAACw7ZMjrXv5exFLEXElfdbfwsrKSlUtLa9UK9XyYn49O1pcqpYb72vztF62ONrHC+LhqKq/2VJjvaZJ75cntbe/X/1co2qwj45NR4eBA0BEbB+NNhyRDpmqei66fpXDfLD/Hz72f/aj659TAAAA4OBVVVX10sd5H0/n/PtddwoAmIalfPxvnxdQq9VqtVp9+Oqmary7zSIi1pvr1K8ZDMcPAHNmPT7tugt0SP5FG0bEsa47Acy0Xtcd4EBsbN5Z7aV8e83jQRrfPV8LsiP/9d7Wenn9cdNJ2teYTOvn614M4vk9+vPClPowS3L+/Xb+V7fbR+lxB53/tOyVf72dRzvoT9dy/oN2/i2HJ//+2PxLlfMfPlb+A/kDAAAAAMAMy3//P+r8b95kAAAAAAAAAJg7G5t3VvN9r/n8/5fHPK7XnHP/56GR8+/tO3/3/x4mOf9+O//WBTmDxvz9tx7m/5/NO6sf3f73l/J05vNfGIzq517o9QfDdM1PtfBOXI8bsRZndj1+uKP97K72hR3t5ya0n9/VPqrbl3P7qViNX8eNePtB++KEC6OWJrRXE9pz/gP7f5Fy/sPGV53/Smrvtaa1+x/2d+33zem457n8j/++vHvvmr57MXiwbU319p3soD9b/yfPjOK3t9Zunvr9tdu3b56NNNmx9FykyVOW819IXzn/V17abs+/95v76/0PR4+d/6y4F8M983+pMV9v76tT7lsXcv6j9JXzz0eg8fv/POe/9/7/Wgf9AQAAAAAAAAAAAAAAgEepqmrrFtHLEXEp3f/T1b2ZAMB05eN/leTlarVarVarD1/dVI33ZrOIpZ3r1K8Z/jDumwEAs+x/EfGvrjtBZ+RfsPx5f/X0K113BpiqW+9/8MtrN26s3bzVdU8AAAAAAAAAgM8rj/95ojH+89Z1QK1xo3eM//pWnJjb8T/7o8HWWOdpg16MR4//fTIePf73cMLzLUxoH01oX5zQvjShfeyNHg05/xdTxjn/42nDShr/9ZUO+tO1nP/JNNZzzv9rrcc186/+Ps/593fkf/r2e785fev9D16//t61d9feXfvV2TOXLpy/eOH8xYun37l+Y+3M9r8d9vhg5fzz2NeuAy1Lzj9nLv+y5Py/mmr5lyXn/3Kq5V+WnH9+vSf/suT883sf+Zcl5/9qquVflpz/11Mt/7Lk/F9LtfzLkvP/RqrlX5ac/+upln9Zcv6nUi3/suT8T6da/mXJ+eczXPIvS84/X9kg/7Lk/M+lWv5lyfmfT7X8y5Lzv5Bq+Zcl538x1fIvS87/UqrlX5ac/zdTLf+y5Py/lWr5lyXn/0aq5V+WnP+3Uy3/suT8v5Nq+Zcl5//dVMu/LDn/76Va/mXJ+X8/1fIvS87/zVTLvywPP//fjBkzZvJM17+ZAAAAAAAAAAAAAIC2aVxO3PU2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27i5GrvM8AfvbLXhsS3EAIIU6wjSEGFnbXX+AQg0lCSkmbUhLSpiU1jr02TvxV75oAQmUptCUKUpHaC3rRNInSKFJbgaJITSUaITVSe1euEnETtRIXlgqVg5JKqQJbnTnv+3pmdnbO+mPsmXN+P4T/3pkzM++cOTO7z1rPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBs/cdn/nwoy7L8/8Yfa7Ls0vzvq7Jd+Zfz2y/2CgEAAIBz9Xbjz3+4LJ2waxkXatrm3z70H99fWFhYyL741sl3/nJhIZ2xLstGVmZZ47zo33/5i4XmbYKns/Gh4aavh0tufqTk/NGS88dKzl9Rcv7KkvPHS85ftAMWWVX8PqZxZRsbf11T7NLsimyscd7GDpd6emjl8HD8XU7DUOMyC2P7s4PZoWwmm1p0maHGf1n28vr8tu7J4m0NN93W2izLTv3sib1xDUNhH2/MWm6sofmxe/OubN1bP3ti73fm3nh/p1m6GxatNMs2bcjX+UyWnf51VTaUrUz7JK5zuGmdazusc6RlnUONy+V/b1/nqWWuM97v8bDOV7usc2047dFrsyybz5bcpt3T2XC2uu1W0/4eL46I/Dryh/I92egZHSfrl3Gc5Jd5/drW46T9mIz7f33YJ6NLrKH54XjzqRWL9vvZHif5ve6HYzW/7vvyGx0fb/7Vasuxmm/zxHVLHwMdH7sOx0A6lpuOgQ1lx8DwipHGMTB8es0bWo6B6UWXGc6GGrd18rrux8Dk3OFjk7OPPX7zwcN7DswcmDkyPbV965ZtW7ds2za5/+ChmanizzPbpQNkdTacjsEN4bUmHoMfbtu2+ZBc+Ob5ex6M98nzIL/vn70+X9Clw9kSx3i+zTObzv15kL7vNz0PRpueBx1fUzs8D0aX8TzItzm1aXnfM0eb/u+0hl69Fq5pOgYu5vfD/DYfvGHp18K1YV3P3nim3w9HFh0D8W4Nhedefkr6eW/8trBfFh8XV+dnXLIiOzE7c/yWR/fMzR2fzsK4IC5veqzaj5fVTfcpW3S8DJ/x8bLr7391/dUdTl8T9tX4Td0fq3ybrRPdH6vGq3vr/lyRFfuz5dTNWRjn2YXen52+m+X7M2WJLvsz3+aZm8/9Z8GUS5pe/8bKXv9GxkaL17+RtDfGWl7/Fj80I42VZdmpm5f3+jcW/r/Qr39X9MnrX76vHryl+zGQb/Ps5JkeA6NdX/+uDXMorOeGkBjGm3L/O43z54vDtOmxLD1uRkfHwnEzGm+x9bjZsugy+bXlt71p6uyOm03Xtj5WLT+3VPC4yffVX011P27ybV6ZPvfXjlXxr02vHSvKjoGxkRX5esfSQVC83i2sisfALdne7Gh2KNuXLpM/yvltTWxe3jGwIvx/oV87ruqTYyDfVy9s7n4M5Nv8aMv5/dlpUzglbdP0s1P77xeWyvxXj56+vvbddr4zf77OT/z40+m0Thki3+aNrWeaM7rvp5vCKZd02E/tz5+ljul92YXZT1eFdR7a1v13U/k2V2xf5vG0K8uy16Zfa/y+K/x+93snfvz9lt/7dvqd8mvTr907ef9PzmT9AACcvXcaf86vKH7WbPoX6+X8+z8AAAAwEGLuHw4zkf8BAACgMmLuHwkzkf8BAACgMmLuHw0zqUn+f/i2HS++/WSW3g1wIYjnx91w3x3FdrHjPR++XrdwWn76x7499uJXn1zebQ9nWfarez/QcfuH74jrKhyL6/xI6+mLXHXNsm7/oQdOb9f8/gmndhTXH+/Pcg+D2FV+eXJz43rXPTbdmK/cmzXm/fPPPl1cf/F13P7klmL7vwlvWrJr/1DL5TeF9WwMc114T5n7dp3eD/mMl3tx7Yf+9fLPnb69eLmhDe9u3M0X/ri43vgeUc9fXmwf7/dS6/+Xr333xXz7R6/rvP4nhzuv/2S43tfD/OXOYvvmff7VpvX/aVh/vL14uVu+9cOO63/pfcX2L4Xj4hthtq//rr/44NudHq94O7tuLy4Xb3/qf7c2LhevL15/+/rHn5xu2R/t1//KW8X17Hzk5yPN28fT4+1ED93eenwPhce3pUeeZdl3/yxr2c/ZR4vL/XPb+uP1Hbu98/pvalvnsaFrGpc/fX/WtNyvr//d5o73N65n1z+uabk/z98d9t9bkz/Kr/fk/eF4DOf/36vF9bW/l+lLd7e+3sTtv7GmeN7G65tsW//zbeufvybfd+Xrv+etYv0v3bmyZf27PhmOp3uKWbb+A397Wcvlv/md4vE4/pWJI0dnTxzc17RXm5/HK8dXrb7k0ne9+7LwWtr+9e6jcw/PHF83tW4qy9YN4FsG9nr93wrzf4oxf/5vofCTnxfH3XOfKr5vffgXxdfPh9MfCo9n/P749b8eazle2x/3+TuLea7rvzGsY7ne97X/umZZG578wssn/ulP3mj/uSDen2PvHW/cvxfWX9k4b+iV4vz216sy//ne1uf1T0enGvMHYb8uhHdm3nBlcXvt1x/fm+S5zxTP3/iTXLx81vZ+ImtGWu/Hua7/p+HnmB9e1fr6F4+PHzzZ9m7Oa7KhfAnz4fUhmy/Oj1vF/f3cqSs73l58H55s/v1nsswlzT42O3no4JETj07OzczOTc4+9vjuw0dPHJnb3Xjv0t1fKrv86ef36sbze9/M9q1Z49l+tBg9drHXf+yBvftunbp+38z+PSf2zz1wbOb4gb2zs3tn9s1ev2f//pmvlF3+4L6d05t3bLl188SBg/t23rZjx5YdEwePHM2XUSyqxPapL08cOb67cZHZnVt3TG/btnVq4vDRfTM7b52amjhRdvnG96aJ/NKPTByfObRn7uDhmYnZg4/P7JzesX375tJ3fzx8bP/susnjJ45MnpidOT5Z3Jd1c42T8+99ZZenHmaPhte7NkPhp/PP37Q9vT9u7ttPLXlVxSatP55mb4b3gorf38q+jrl/LMykJvkfAAAA6iDm/vDG/6fPkP8BAACgMmLuXxlmIv8DAABAZcTcXyT/8fTx73XJ/+er//+U/n+D/r/+f6b/n+j/6/9n+v/6/yX0//X/B3n9+v/6/5Trt/5/yP3Zqizz7/8AAABQUTH3rw4zkf8BAACgMmLuvyTMRP4HAACAyoi5/9Iwk5rkf5//r/+v/9+t/x+31f/P9P/7of+/8b/1/xfR/9f/z/T/z9rF7s8P+vr7sP+/Sv+fftNv/f+Y+98VZlKT/A8AAAB1EHP/u8NM5H8AAACojJj7Lwszkf8BAACgMmLuXxNmUpP8r/+v/6//7/P/9f8Hpv/v8/870P/X/8/0/8/axe7PD/r6+7D/7/P/6Tv91v+Puf/Xwkxqkv8BAACgDmLuf0+YifwPAAAAlRFz/+VhJvI/AAAAVEbM/VeEmdQk/9ez//96lmX6/5n+v/5/2zr1//X/e0H/X/+/G/1//f9BXr/+v/4/5fqt/x9z/3vDTGqS/wEAAKAOYu6/MsxE/gcAAIDKiLn/fWEm8j8AAABURsz9V4WZ1CT/17P/7/P/9f8L+v+t69T/1//vBf1//f9u9P/1/wd5/fr/+v+U67f+f8z97w8zqUn+BwAAgDqIuf/qMBP5HwAAACoj5v4PhJnI/wAAAFAZMfevDTOpSf7X/9f/1//X/9f/1//vpcHq/w8veY7+f0H/v9X56//Pn16A/v/ArF//X/+fcv3W/4+5/4NhJjXJ/wAAAFAHMfd/KMxE/gcAAIDKiLn/mjAT+R8AAAAqI+b+dWEmNcn/+v/6//r/+v/6//r/vTRY/f+l6f8X9P9b+fx//X/9f/1/uuu3/n/M/evDTGqS/wEAAKAOYu7fEGYi/wMAAEBlxNx/bZiJ/A8AAACVEXP/xjCTmuR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PuX7r/8fcf12YSU3yPwAAANRBzP3Xh5nI/wAAAFAZMfd/OMxE/gcAAIDKiLl/U5hJTfK//r/+v/7/APf/R/T/M/3/vqf/r//fjf6//v8gr1//X/+fcv3W/4+5/4Ywk5rkfwAAAKiDmPtvDDOR/wEAAKAyYu6/KcxE/gcAAIDKiLl/IsykJvlf/1//X/9/gPv/Pv+/Zf36//1J/1//vxv9f/3/QV6//r/+P+X6rf8fc//NYSY1yf8AAABQBzH33xJmIv8DAABAZcTcPxlmIv8DAABAZcTcPxVmUpP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/Kddv/f+Y+6fDTGqS/wEAAKAOYu7fHGYi/wMAAEBlxNy/JcxE/gcAAIDKiLl/a5hJTfK//r/+v/6//r/+v/5/L+n/6/93o/+v/z/I69f/1/+n1XCH0/qt/x9z/7Ywk5rkfwAAAKiDmPu3h5nI/wAAAFAZMfffGmYi/wMAAEBlxNx/W5hJTfK//r/+v/6//r/+v/5/L+n/6/93o/+v/z/I69f/1/+nXL/1/2Pu3xFmUpP8DwAAAHUQc/9HwkzkfwAAAKiMmPtvDzOR/wEAAGCgdPocwijm/o+GmdQk/+v/V73/v7BS/1//X/+/+/r1/3tL/1//vxv9f/3/QV6//r/+P+X6rf8fc//OMJOa5H8AAACog5j77wgzkf8BAACgMmLuvzPMRP4HAACAyoi5f1eYSU3yv/5/1fv/Pv9f/1//v2z9+v+9pf+v/9+N/v9g9v/Djy36/33U/8+PIf1/+lG/9f9j7r8rzKQm+R8AAADqIOb+j4WZyP8AAABQGTH3fzzMRP4HAACAyoi5/xNhJjXJ//r/+v/6//r/+v/6/72k/9+z/n/jpVD/v6D/f3Yudn9+0NffT/1/n/9Pv+q3/n/M/XeHmdQk/wMAAEAdxNz/yTAT+R8AAAAqI+b+Xw8zkf8BAACgMmLuvyfMpCb5X/9f/1//X/9f/1//v5f0/33+fzf6//r/g7x+/X/9f8r1W/8/5v7fCDOpSf4HAACAOoi5/94wE/kfAAAAKiPm/k+Fmcj/AAAAMGBWLHlOzP2/GWZSk/yv/39h+v/D6fr1//X/9f/1//X/zyf9f/3/TP//rF3s/vygr1//X/+fcv3W/4+5/7fCTGqS/wEAAKAOYu7/dJiJ/A8AAACVEXP/b4eZyP8AAABQGTH33xdmUpP8f777/+2X76ZO/X+f/6//n+n/6/837VX9//NH/1//P9P/P2sXuz8/6OvX/9f/p1y/9f9j7v+dMJOa5H8AAACog5j77w8zkf8BAACgMmLu/0yYifwPAAAAlRFz/2fDTGqS/33+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dcv/X/Y+5/IMykJvkfAAAA6iDm/s+Fmcj/AAAAUBkx9/9umIn8DwAAAJURc//vhZnUJP/r/+v/6//r/+v/6//3kv7/4v5//hqm/1/Q/9f/H+T16//r/1Ou3/r/Mfd/PsykJvkfAAAA6iDm/t8PM5H/AQAAoDJi7v+DMBP5HwAAACoj5v4Hw0xqkv/1//X/9f/1//X/9f97Sf/f5/93o/+v/z/I69f/1/+nXL/1/2Pu/0KYSU3yPwAAANRBzP1/GGYi/wMAAEBlxNy/O8xE/gcAAIDKiLn/oTCTmuR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PuX7r/8fcvyfMZFfrzQAAAACDK+b+L4aZ1OTf/wEAAKAOYu7fG2Yi/wMAAEBlxNy/L8ykJvlf/1//X/9f/1//X/+/l/T/9f+70f/X/x/k9ev/6/9Trt/6/zH3z4SZ1CT/AwAAQB3E3L8/zET+BwAAgMqIuf9AmIn8DwAAAJURc//DYSY1yf/6//r/+v+17f+/+r22der/6//3gv6//n83+v/6/4O8fv1//X/K9Vv/P+b+g2EmNcn/AAAAUAcx938pzET+BwAAgMqIuf/LYSbyPwAAAFRGzP2Hwkxqkv/1//X/9f9r2//3+f+B/n9v6f/r/3ej/6//P8jr1//X/6dcv/X/Y+4/HGZSk/wPAAAAdRBz/5EwE/kfAAAAKiPm/qNhJvI/AAAAVEbM/cfCTGqS//X/z6z/P7REN1D/v/P69f/1//X/9f/1//X/u9H/1/8f5PXr/+v/U67f+v8x9/9RmElN8j8AAADUQcz9x8NM5H8AAACojJj7Z8NM5H8AAACojJj758JMapL/9f99/r/+v/6//r/+fy/p/+v/d6P/r/8/yOvX/9f/p1y/9f9j7j8RZlKT/A8AAAB1EHP/I2Em8j8AAAD8P3v3lSvIWfRx+Hy2Rh8SYg9sgRWwBNaAxB7IYJNNBpNzMjmZDCbnnHPO2WBylEAwVWVhzeme1D7dVc9zU/IZS35H45u/Rj91G7n77xu32P8AAADQRu7++8UtQ/a//l//r//X/+v/9f9b0v/r/5fo//X/R36//l//z7q99f+5++8ftwzZ/wAAADBB7v4HxC32PwAAALSRu/+BcYv9DwAAAG3k7n9Q3DJk/+v/9f/6f/2//l//vyX9v/5/if5f/3/k9+v/9f+s21v/n7v/wXHLkP0PAAAAE+Tuf0jcYv8DAABAG7n7Hxq32P8AAADQRu7+6+KWIftf/6//1//r//X/+v8t6f/1/0v0//r/I79f/6//Z93e+v/c/dfHLUP2PwAAAEyQu/9hcYv9DwAAAG3k7n943GL/AwAAQBu5+x8RtwzZ//p//b/+X/+v/9f/b0n/r/9fov/X/x/5/fp//T/r9tb/5+5/ZNwyZP8DAADABLn7HxW32P8AAADQRu7+R8ct9j8AAAC0kbv/MXHLkP2v/9f/6//1//p//f+W9P/6/yX6f/3/kd+v/9f/s27z/v9eN/z3Xmz/n7v/hrhlyP4HAACACXL3PzZusf8BAACgjdz9j4tb7H8AAABoI3f/4+OWIftf/6//v73//9f/6f/1//r/23+u/7869P/6/yX6f/3/kd+v/9f/s27z/n+l97/jP+fuf0LcMmT/AwAAwAS5+58Yt9j/AAAA0Ebu/ifFLfY/AAAAtJG7/8lxy5D9r//X//v+v/5f/6//35L+X/+/RP+v/z/y+5f6/3texPv1/0ywt/4/d/9T4pYh+x8AAAAmyN3/1LjF/gcAAIA2cvffGLfY/wAAANBG7v6nxS1D9r/+X/+v/9f//2//f83I/v8/P9P/b0P/r/9fov/X/x/5/b7/r/9n3d76/9z9T49bhux/AAAAmCB3/zPiFvsfAAAA2sjd/8y4xf4HAACANnL3PytuGbL/9f/6f/2//v+Kvv9/bY/+3/f/t6P/1/8v0f/r/4/8fv2//p91e+v/c/c/O24Zsv8BAABggtz9z4lb7H8AAABoI3f/c+MW+x8AAADayN3/vLhlyP7X/+v/9f/6/yvq/5t8/1//vx39v/5/ycX2/yf6//q96P/38379v/6fdXvr/3P3Pz9uGbL/AQAAYILc/S+IW+x/AAAAaCN3/wvjFvsfAAAA2sjd/6K4Zcj+1//r//X/+n/9v/5/S/p//f8S3//X/x/5/fp//T/r9tb/5+5/cdwyZP8DAADABLn7XxK32P8AAADQRu7+l8Yt9j8AAAC0kbv/ZXHLkP2v/9f/6//1//p//f+W9P/6/yX6/wv3/3c55b+n/9/X+/X/+n/W7a3/z91/U9wyZP8DAADABLn7Xx632P8AAADQRu7+V8Qt9j8AAAC0kbv/lXHLkP1/Wv9/213P/7r+/+Lo/y/8fv2//l//r//X/+v/l+j/ff//yO/X/+v/Wbe3/j93/6viliH7HwAAACbI3f/quMX+BwAAgDZy978mbrH/AQAAoI3c/a+NW4bs/6v//f+76//1//r/uPp//b/+X/+v/1+m/9f/H/n9+n/9P+v21v/n7n9d3DJk/wMAAMAEuftfH7fY/wAAANBG7v43xC32PwAAALSRu/+NccuQ/X/1+3/f/9f/X2L/f43+P+n/489V/6//vwT6f/3/if7/sp11P3/09+v/9f+s21v/n7v/5rhlyP4HAACACXL3vylusf8BAACgjdz9b45b7H8AAABoI3f/W+KWIftf/6//P/P+3/f/i/4//lz1//r/S6D/1/+f6P8v21n380d/v/5f/8+6vfX/ufvfGrcM2f8AAAAwQe7+t8Ut9j8AAAC0kbv/7XGL/Q8AAABt5O5/R9wyZP/r//X/+v/d9/833/H/N/2//v9I9P/6/yX6f/3/kd+/n/4/fnCd/p/92Vv/n7v/nXHLkP0PAAAAE+Tuf1fcYv8DAABAG7n7b4lb7H8AAABoI3f/u+OWIftf/3/0/v/et8YL9P99+3/f/4+r/9f/X4j+X/9/ov+/bGfdzx/9/fvp/33/n/3aW/+fu/89ccuQ/Q8AAAAT5O5/b9xi/wMAAEAbufvfF7fY/wAAANBG7v73xy1D9r/+/+j9v+//6//1//r/fdP/6/+X6P/1/0d+v/5f/8+6vfX/ufs/ELcM2f8AAAAwQe7+D8Yt9j8AAAC0kbv/Q3GL/Q8AAABt5O7/cNwyZP/r//X/+n/9/xX3/9fr/0/0/6fS/+v/l+j/9f9Hfr/+X//Pur31/7n7PxK3DNn/AAAAMEHu/o/GLfY/AAAAtJG7/2Nxi/0PAAAAbeTu/3jccI+7nd2Trq5zp/w8enP9v/5f/6//9/1//f+W9P/6/yX6f/3/kd+v/9f/s25v/X/u/k/ELf7+HwAAANrI3f/JuMX+BwAAgDZy938qbrH/AQAAoI3c/Z+OW4bsf/2//l//r//X/+v/t6T/1/8v0f/r/4/8fv2//p91e+v/c/d/Jm4Zsv8BAABggtz9n41b7H8AAABoI3f/5+IW+x8AAADayN3/+bhlyP7X/+v/9f/6f/2//n9L+n/9/xL9v/7/yO/X/+v/Wbe3/j93/xfiliH7HwAAACbI3f/FuMX+BwAAgDZy938pbrH/AQAAoI3c/V+OW4bsf/2//l//r//X/+v/t6T/1/8v0f/r/4/8fv2//p91e+v/c/d/JW4Zsv8BAABggtz9X41b7H8AAABoI3f/1+IW+x8AAADayN3/9bhlyP7v3P8v/Wv6//P0//r/E/2//n9j+n/9/xL9v/7/yO/X/+v/Wbe3/j93/zfiliH7HwAAACbI3f/NuMX+BwAAgDZy938rbrH/AQAAoI3c/d+OW4bs/879/xL9/3n6f/3/if5f/78x/b/+f4n+X/9/5Pfr//X/rDuj/v/cySn9f+7+78QtQ/Y/AAAATJC7/7txi/0PAAAAbeTu/17cYv8DAABAG7n7vx+39Nn/97ll4Rf1//p//b/+X/+v/9+S/l//v0T/r/8/8vv1//p/1u3t+/+5+38Qt/TZ/wAAADBe7v4fxi32PwAAALSRu/9HcYv9DwAAAG3k7v9x3DJk/+v/9f/6/1H9/7Un+n/9/51M/6//X6L/1/8f+f36f/0/6/bW/+fu/0ncMmT/AwAAwAS5+38at9j/AAAA0Ebu/p/FLfY/AAAAtJG7/+dxy5D9r//X/+v/R/X/vv+v/7/T6f/1/0v0//r/I79f/6//Z93e+v/c/b+IW4bsfwAAAJggd/8v4xb7HwAAANrI3f+ruMX+BwAAgDZy9/86bhmy//X/+n/9v/5f/6//35L+X/+/RP+v/z/y+/X/+n/W7a3/z91/a9wyZP8DAADABLn7fxO32P8AAADQRu7+38Yt9j8AAAC0kbv/trhlyP7X/+v/W/b//6//1//r//dC/6//X6L/1/8f+f36f/0/6/bW/+fu/13cMmT/AwAAwAS5+38ft9j/AAAA0Ebu/j/ELfY/AAAAtJG7/49xy5D9r//X/196/3+uft+77f99/1//r//fDf2//n/J9P7/xpvO/1j/f8z36//1/6zbW/+fu/9PccuQ/Q8AAAAT5O7/c9xi/wMAAEAbufv/ErfY/wAAANBG7v6/xi1D9r/+X//f8vv/+n/9v/5/N/T/+v8l0/t/3/8/9vv1//p/1u2t/8/d/7e4Zcj+BwAAgAly9/89brH/AQAAoI3c/f+IW+x/AAAAaCN3/z/jliH7X/+v/9f/6//1//r/Len/9f9L9P/6/yO/X/+v/2fd3vr/3P3/DgAA//+70zwU")
setxattr$incfs_metadata(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), &(0x7f00000003c0)="3b210268fed2e2fc82fcd529ced215", 0xff39, 0x0)

2m9.209952025s ago: executing program 3 (id=302):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x4, 0x6c1, &(0x7f00000003c0)="$eJzs3U9sHFcdB/DvbJx1NqDEbdM0IKRajVRBIxI7q5IgITUghHKIUFQuvVqJ01hx0spxkVshsgEKEidOqAcORcgcekIIIZUTopyRkLhw8j0SNw45AItmdna9tjeO3cRZt/18pPF7s2/ee7/5Zf7srh1NgM+si6/lYCdFLp66tFKur622F9dW2zf79SSTSRrJRK9I0UqKj5IL6S35QvliPVzxoHlevvdhMfHeB+3e2kS9VNs3tuu3xcgtO8mhwcqBJNO96n92POyW8aqlGufK+ng7MDnitWIQd5mwk/3Ewbh1t+isNzYe2n3n5y2wb93p3Te3mEoOp3d3re5s9dXh4VeG8Tg6VN/22tTZ+1gAAABgr438LD/s6P3cz0qOPJlwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NOh6D0zsFU/N7/RK1/NdIr+8/+bQ8/Ub4453Ef07rWqePXouAMBAAAAAAAAgEfy/P3cz0qO9Ne7RfU7/xeqlWPVz8/lrdzOfJZyOiuZy3KWs5TZJFNDAzVX5paXl2a39vxlyp7dbvdO3fPsoGf/rwfKnmc3xtXZHOiovzTYshEAAAAAAAAAfGb9KBfXf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7QZEc6BXVcqxfn0pjIsmhJM1ierB5c6zBPgZ/HncAAAAAsPdadXmk+F+v0i2qz/zHq8/9h/JWbmU5C1nOYuZztfouoPepv/H3TntxbbV9s1y2DvzNf+0qjmrE9L57GD3zTLXFs4MeF/OdfC+nMp3LWcpCvp+5LGc+0/l2VZtLkan624uptdVW+rFujffChrXLm2N7fqhexneiiqSVa1moYjudK81+6I16uxNDs/2xmWya8W6ZneKV2g5zdLUuyz36RV3uD1PVnh8cZGSmzn2ZjaeG874197s8TjbPNJvG4DuoY2ur7SLp1KubZ/pYOT9cl2Wuf7q3Od/lV2kbM9H5ebnWP/qOb5/z5Cv/+Mvl641bN65fu31q/xxGH9PmY6I9lInndpSJxTITnUfIxKFHif/xadbZ6F1Fd3e1fKHqeyQL+W7eyNXM51xmMpvzmcnXczbtnB3K67Pb57U61xq7O9dOfrmulPeknw3dm56YyQc1lHl9aiivw1e6qapt+JX1LD29gywVzYzO0j9HhjLxxbpSzvHjoTvO+G3IxGSqa3M/ume2z8Sv/9tNcnvx1o2l63Nv7nC+F+uyPG3f3Xht/s1j2aHdq3e3PF6eLv+x0rttDB8dZdsz/bYNR85s1XZs0LbxPtdspjqfe20PO1PLkY7fHTVSr+25kbO0q7YTQ20b3uXkjSwO3oUAsI8dfulws3Wv9bfW+62ftK63Lh361uT5yS81c/CvE3868LvGbxvfKF7K+/lhjow7UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4/fY7N+YWF+eX9mEljcc84N2RTf1U9F5p7o99/6RWJrc7on6fZJvuzXHE3EqyL1KXiScw12RGNF0avNJKGoN4ktzYJw+4A/bCmeWbb565/fY7X124Off6/Ovzt86eP/fKufbXZu+cubawOD/T+znuKIG9sP42YNyRAAAAAAAAAAAAADv1JP57w4hpi84Y9hUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ZLr4Wg52UmR25vRMub622l4sl359fcuJJI0kxQ+S4qPkQnpLpoaGK4bHLrrr9ZfvffirF9/7oL0+1kR/+8amfn/4d7e7y73o1Eumkxyoy6RZN7ce0G1yR+NdKcvPrzfsXjHYwzJhJ/uJg3H7fwAAAP//VngE7g==")
lsetxattr$trusted_overlay_origin(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x1)

2m8.995769298s ago: executing program 33 (id=302):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x4, 0x6c1, &(0x7f00000003c0)="$eJzs3U9sHFcdB/DvbJx1NqDEbdM0IKRajVRBIxI7q5IgITUghHKIUFQuvVqJ01hx0spxkVshsgEKEidOqAcORcgcekIIIZUTopyRkLhw8j0SNw45AItmdna9tjeO3cRZt/18pPF7s2/ee7/5Zf7srh1NgM+si6/lYCdFLp66tFKur622F9dW2zf79SSTSRrJRK9I0UqKj5IL6S35QvliPVzxoHlevvdhMfHeB+3e2kS9VNs3tuu3xcgtO8mhwcqBJNO96n92POyW8aqlGufK+ng7MDnitWIQd5mwk/3Ewbh1t+isNzYe2n3n5y2wb93p3Te3mEoOp3d3re5s9dXh4VeG8Tg6VN/22tTZ+1gAAABgr438LD/s6P3cz0qOPJlwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NOh6D0zsFU/N7/RK1/NdIr+8/+bQ8/Ub4453Ef07rWqePXouAMBAAAAAAAAgEfy/P3cz0qO9Ne7RfU7/xeqlWPVz8/lrdzOfJZyOiuZy3KWs5TZJFNDAzVX5paXl2a39vxlyp7dbvdO3fPsoGf/rwfKnmc3xtXZHOiovzTYshEAAAAAAAAAfGb9KBfXf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7QZEc6BXVcqxfn0pjIsmhJM1ierB5c6zBPgZ/HncAAAAAsPdadXmk+F+v0i2qz/zHq8/9h/JWbmU5C1nOYuZztfouoPepv/H3TntxbbV9s1y2DvzNf+0qjmrE9L57GD3zTLXFs4MeF/OdfC+nMp3LWcpCvp+5LGc+0/l2VZtLkan624uptdVW+rFujffChrXLm2N7fqhexneiiqSVa1moYjudK81+6I16uxNDs/2xmWya8W6ZneKV2g5zdLUuyz36RV3uD1PVnh8cZGSmzn2ZjaeG874197s8TjbPNJvG4DuoY2ur7SLp1KubZ/pYOT9cl2Wuf7q3Od/lV2kbM9H5ebnWP/qOb5/z5Cv/+Mvl641bN65fu31q/xxGH9PmY6I9lInndpSJxTITnUfIxKFHif/xadbZ6F1Fd3e1fKHqeyQL+W7eyNXM51xmMpvzmcnXczbtnB3K67Pb57U61xq7O9dOfrmulPeknw3dm56YyQc1lHl9aiivw1e6qapt+JX1LD29gywVzYzO0j9HhjLxxbpSzvHjoTvO+G3IxGSqa3M/ume2z8Sv/9tNcnvx1o2l63Nv7nC+F+uyPG3f3Xht/s1j2aHdq3e3PF6eLv+x0rttDB8dZdsz/bYNR85s1XZs0LbxPtdspjqfe20PO1PLkY7fHTVSr+25kbO0q7YTQ20b3uXkjSwO3oUAsI8dfulws3Wv9bfW+62ftK63Lh361uT5yS81c/CvE3868LvGbxvfKF7K+/lhjow7UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4/fY7N+YWF+eX9mEljcc84N2RTf1U9F5p7o99/6RWJrc7on6fZJvuzXHE3EqyL1KXiScw12RGNF0avNJKGoN4ktzYJw+4A/bCmeWbb565/fY7X124Off6/Ovzt86eP/fKufbXZu+cubawOD/T+znuKIG9sP42YNyRAAAAAAAAAAAAADv1JP57w4hpi84Y9hUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ZLr4Wg52UmR25vRMub622l4sl359fcuJJI0kxQ+S4qPkQnpLpoaGK4bHLrrr9ZfvffirF9/7oL0+1kR/+8amfn/4d7e7y73o1Eumkxyoy6RZN7ce0G1yR+NdKcvPrzfsXjHYwzJhJ/uJg3H7fwAAAP//VngE7g==")
lsetxattr$trusted_overlay_origin(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x1)

26.552076901s ago: executing program 2 (id=1241):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a80)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "9c37"}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40041}, 0x0)

26.551559964s ago: executing program 2 (id=1242):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r0, 0x2284, 0x0)

26.440401351s ago: executing program 2 (id=1245):
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x6)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0))
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300))

26.299374869s ago: executing program 2 (id=1250):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000640)={0x0, @in={{0x2, 0x4e24, @private=0xa010101}}}, 0x84)

25.231884889s ago: executing program 2 (id=1256):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0xa, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x5})

25.050162858s ago: executing program 2 (id=1259):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000845, 0x0, 0x0)
getpeername$inet6(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000004c0)={{0x1, 0x1, 0x80000001, 0x0, 0xfff}})
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000240)={0x3, 0xf8, 0x200})
r6 = syz_io_uring_setup(0x82e, &(0x7f0000000500), &(0x7f0000000100), &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PBUF_RING(r6, 0x16, &(0x7f0000000380)={&(0x7f000000b000)={[{0x0}]}, 0x1}, 0x1)
io_uring_register$IORING_REGISTER_PBUF_RING(r6, 0x16, &(0x7f00000004c0)={&(0x7f0000004000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='pids.current\x00', 0x0, 0x0)
getuid()
socket$nl_generic(0x10, 0x3, 0x10)

10.022825054s ago: executing program 34 (id=1259):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000845, 0x0, 0x0)
getpeername$inet6(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000004c0)={{0x1, 0x1, 0x80000001, 0x0, 0xfff}})
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000240)={0x3, 0xf8, 0x200})
r6 = syz_io_uring_setup(0x82e, &(0x7f0000000500), &(0x7f0000000100), &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PBUF_RING(r6, 0x16, &(0x7f0000000380)={&(0x7f000000b000)={[{0x0}]}, 0x1}, 0x1)
io_uring_register$IORING_REGISTER_PBUF_RING(r6, 0x16, &(0x7f00000004c0)={&(0x7f0000004000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='pids.current\x00', 0x0, 0x0)
getuid()
socket$nl_generic(0x10, 0x3, 0x10)

5.638227406s ago: executing program 4 (id=1419):
r0 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$MRT(r0, 0x0, 0xce, 0x0, 0x0)

3.398535556s ago: executing program 4 (id=1428):
r0 = landlock_create_ruleset(&(0x7f00000003c0)={0x0, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000080)={0x220, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)

3.398082414s ago: executing program 4 (id=1429):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000100)={[{@nodiscard}, {@nocheckpoint_merge}, {@discard_unit_block}, {@six_active_logs}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x1f}}, {@discard}, {@noacl}, {@fsync_mode_posix}, {@alloc_mode_def}, {@discard_unit_block}, {@two_active_logs}, {@fault_type={'fault_type', 0x3d, 0xfdffff}}]}, 0x1, 0x5517, &(0x7f0000005880)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eTuhEAiCKNj3qf7JRmzo0uDGIEIVCIcZRlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ile15f3jE9jT/LttPHreCT5d9VYumqsPWhsPRjzr8eNLwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GTnXl7rqMIAgH9zX32oNEbJIuIDXOjGpre1tTtxoQQX/glCSG/b2FsfbRa2BDEbd5J1N6JLEUGJu/4PXbfQTd11kUUF18qZRzJJK14fnblNfj84c74ZhjnfmYGQb84kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLL1zk7cTZuZIu6Ux24/WFtO/Z09fXJz4+58ainOmkz6yfBifSebay8RAAAADo5uVd9HxL3+5mLqOzN5/d+vzkk1/7fPFHFVz++t+6u+qv1T++Xn+89vDzRTjJMuen5lPDrxcCq9xzfL6Xbsb8/o5Xc+f/fSzR9I5/3157b6+f3Mvr51691BHh5qIlsA4N84XvVlUP0+lPphm4kBsJ/19u5UB6r6vzvTSl4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjdpaj6eqOIuI+d5OnNx5sLZc9IeX6/s3N+7OV+3MjRsb8eXONdMl+hFxfmU8OtHobKbb1WvXLy2Nx6MrzQcvR0Rbo79dTv/ShxOcHNHK/RH8T0GnfNjTks+TEbT4QwkAgH2pX7YsXroYsbmYjmWzEX98t7v+f60Wx676f+0v6//7F8/cro9Vr/+Hjc1w+i2sXv504eq162+sXF66MLow+vjNk8O3hqfOnj59diF/V7LgjQkAAAD/zaBsqa6/1y/q/87sw+v/R2txTFj/f/bN8Iv6WF31/yPtLPq1nQkAAMDB9uwrv/+WPeJ4NhjE50urq1eGxXZ7/2SxbSHVf+xQ2er1f3e27awAAACAJmytZ7vW/8/V4phw/f/p71/4MSKOVdfpRsSRcv3/+PIn43PNTmlqNfHnxG3PEQAAgHYdKVt9/b+ff//f2f7koRMRr79axOW/AZyo/u++99UP9bHq3/+fam6KU6kzV9yPvJ+L6M21nREAAAD72eGypWL/1/7m4kc/Hf1g4Pt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKb9GQAA//9wNz5R")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000000)={0x17c04, 0xffffffffffffffff, 0x2000003, 0x100000001, 0x0, 0xffffffffffffffff})

2.177271085s ago: executing program 5 (id=1440):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sendmmsg(r1, &(0x7f000000ca40)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000002300)="0dd2", 0x2}], 0x1}}], 0x1, 0x40)

2.119424313s ago: executing program 4 (id=1441):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$hidraw(0x0, 0x0, 0x81)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000005c0), 0x10)
read(r0, &(0x7f00000027c0)=""/4073, 0xfe9)
ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000200)={&(0x7f00000007c0)=@can={{0x2, 0x0, 0x1, 0x1}, 0x1, 0x3f57955e7be81d83, 0x0, 0x0, "f97003b8750e5566"}, 0x10}}, 0x4040011)

1.9407146s ago: executing program 5 (id=1442):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x76, 0xa, 0x0, 0x0, 0x8000000, 0x61, 0x11, 0x50}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6d, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)

1.846558899s ago: executing program 5 (id=1444):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002340)=[{{&(0x7f0000000300)={0xa, 0x4e21, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c, &(0x7f0000000cc0)=[{&(0x7f00000000c0)='O', 0x1}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e22, 0xe2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10000}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000180)="b0", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000880)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x36, 0xf}, 0x90)

1.730405744s ago: executing program 5 (id=1447):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect(0x3, 0x3f, &(0x7f0000000400)=ANY=[@ANYBLOB="12010002466c3940841706002fbb0102030109022d00013003b008090400620394982fd7090504030000000e060d0508"], 0x0)

930.867069ms ago: executing program 4 (id=1453):
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
write$binfmt_elf64(r1, &(0x7f00000002c0)=ANY=[], 0x10132)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040), 0x208000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

500.46829ms ago: executing program 1 (id=1454):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)={0x24, 0x1, 0x4, 0x301, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFULA_CFG_CMD={0x5, 0x1, 0x2}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x5c918b139101e643}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000080}, 0x800)

377.916359ms ago: executing program 1 (id=1455):
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='X'], 0x58)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0x6)

374.823484ms ago: executing program 5 (id=1456):
syz_read_part_table(0x106f, &(0x7f0000000000)="$eJzs0LFNxTAQBuDfEMt5bETFVjQUPFZgExagRmIDBqE95JeAsgDQfF9zyd3pt+Xwr07V1/HzV1Wnw7A/f15vX3dV9Zi8z52XJCMtS9Lm7D7nGfQd2JPbVlVtySxVl26uZit93xpPST5et2HWJDdJ3tLWfWHZ63b+6Jf8cx5G6nj9/gtPAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/7isAAP//xLcfbA==")

300.401188ms ago: executing program 1 (id=1457):
r0 = socket$phonet(0x23, 0x2, 0x1)
recvmmsg(r0, &(0x7f0000004580)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x10040, 0x0)

219.896145ms ago: executing program 1 (id=1458):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x13, &(0x7f0000000200)=0x1, 0x4)

219.729325ms ago: executing program 1 (id=1459):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x52}}, 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x0)

98.335243ms ago: executing program 5 (id=1460):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r2, @ANYBLOB="0a000600080211000001000006006600c78800001a0033"], 0x50}}, 0x0)

98.030496ms ago: executing program 1 (id=1461):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x5, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r1}]}, @IFLA_GROUP={0x8}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)

0s ago: executing program 4 (id=1462):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0x4]}, 0x8)

kernel console output (not intermixed with test programs):

[ T5909] usb 5-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  141.388523][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.391609][ T5909] usb 5-1: Product: syz
[  141.393346][ T5909] usb 5-1: Manufacturer: syz
[  141.418954][ T5909] usb 5-1: SerialNumber: syz
[  141.429287][ T5909] usb 5-1: config 0 descriptor??
[  142.067489][ T5909] asix 5-1:0.239 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  142.073963][ T5909] asix 5-1:0.239: probe with driver asix failed with error -71
[  142.105506][ T5909] usb 5-1: USB disconnect, device number 5
[  143.031084][ T7951] netlink: 20 bytes leftover after parsing attributes in process `syz.1.705'.
[  143.427285][ T7939] loop2: detected capacity change from 0 to 262144
[  143.430734][ T7939] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.699 (7939)
[  143.443903][ T7939] BTRFS info (device loop2): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  143.447064][ T7939] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  143.449926][ T7939] BTRFS info (device loop2): using free-space-tree
[  143.746282][ T5844] BTRFS info (device loop2): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  143.926239][ T7953] loop4: detected capacity change from 0 to 32768
[  143.984868][ T7953] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  144.068526][ T7953] XFS (loop4): Ending clean mount
[  144.081179][ T7980] netlink: 4 bytes leftover after parsing attributes in process `syz.2.710'.
[  144.085655][ T7953] XFS (loop4): Quotacheck needed: Please wait.
[  144.260577][ T7953] XFS (loop4): Quotacheck: Done.
[  144.353608][ T7953] XFS (loop4): User initiated shutdown received.
[  144.356207][ T7953] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  144.361365][ T7953] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  144.570270][ T6776] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  145.082678][ T8013] loop1: detected capacity change from 0 to 4096
[  145.173395][ T8014] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  145.208412][ T8013] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=11
[  145.217861][ T8013] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=11
[  145.376527][ T8009] loop4: detected capacity change from 0 to 40427
[  145.388960][ T8009] F2FS-fs (loop4): build fault injection rate: 7
[  145.391610][ T8009] F2FS-fs (loop4): build fault injection type: 0x7698c
[  145.418445][ T8009] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  145.443086][ T8009] F2FS-fs (loop4): invalid crc value
[  145.462353][ T8009] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  145.475697][ T8009] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  145.494403][ T8009] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  145.508517][ T8009] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x18f/0xaa0
[  145.534925][ T8009] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  145.551817][ T8020] loop1: detected capacity change from 0 to 4096
[  145.603560][ T8021] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  145.618878][ T8009] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x18f/0xaa0
[  145.635777][ T8009] CPU: 0 UID: 0 PID: 8009 Comm: syz.4.717 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  145.635801][ T8009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  145.635810][ T8009] Call Trace:
[  145.635817][ T8009]  <TASK>
[  145.635823][ T8009]  dump_stack_lvl+0x189/0x250
[  145.635847][ T8009]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.635864][ T8009]  ? __pfx_queue_work_on+0x10/0x10
[  145.635878][ T8009]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  145.635898][ T8009]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  145.635926][ T8009]  f2fs_handle_critical_error+0x37c/0x540
[  145.635952][ T8009]  f2fs_get_meta_folio_retry+0x84/0xa0
[  145.635973][ T8009]  f2fs_build_free_nids+0x896/0x11c0
[  145.636010][ T8009]  ? __pfx_f2fs_build_free_nids+0x10/0x10
[  145.636027][ T8009]  ? f2fs_build_node_manager+0x1bc7/0x2db0
[  145.636050][ T8009]  ? f2fs_fill_super+0x4462/0x6ff0
[  145.636075][ T8009]  f2fs_fill_super+0x4462/0x6ff0
[  145.636130][ T8009]  get_tree_bdev_flags+0x40e/0x4d0
[  145.636149][ T8009]  ? __pfx_f2fs_fill_super+0x10/0x10
[  145.636164][ T8009]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  145.636191][ T8009]  vfs_get_tree+0x92/0x2b0
[  145.636212][ T8009]  do_new_mount+0x2a2/0x9e0
[  145.636236][ T8009]  ? ns_capable+0x8a/0xf0
[  145.636251][ T8009]  ? __pfx_do_new_mount+0x10/0x10
[  145.636270][ T8009]  ? path_mount+0x61c/0xfe0
[  145.636288][ T8009]  ? user_path_at+0x44/0x60
[  145.636337][ T8009]  __se_sys_mount+0x317/0x410
[  145.636364][ T8009]  ? __pfx___se_sys_mount+0x10/0x10
[  145.636388][ T8009]  ? do_syscall_64+0xbe/0x3b0
[  145.636407][ T8009]  ? __x64_sys_mount+0x20/0xc0
[  145.636439][ T8009]  do_syscall_64+0xfa/0x3b0
[  145.636458][ T8009]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.636476][ T8009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.636489][ T8009]  ? exc_page_fault+0x9f/0xf0
[  145.636508][ T8009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.636522][ T8009] RIP: 0033:0x7fceba59038a
[  145.636534][ T8009] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.636546][ T8009] RSP: 002b:00007fcebb3fbe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  145.636561][ T8009] RAX: ffffffffffffffda RBX: 00007fcebb3fbef0 RCX: 00007fceba59038a
[  145.636572][ T8009] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 00007fcebb3fbeb0
[  145.636582][ T8009] RBP: 0000200000000000 R08: 00007fcebb3fbef0 R09: 0000000000000008
[  145.636593][ T8009] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000040
[  145.636602][ T8009] R13: 00007fcebb3fbeb0 R14: 0000000000005530 R15: 0000200000000100
[  145.636627][ T8009]  </TASK>
[  145.636633][ T8009] F2FS-fs (loop4): Stopped filesystem due to reason: 2
[  145.755702][ T8009] F2FS-fs (loop4): NAT is corrupt, run fsck to fix it
[  145.762108][ T8009] F2FS-fs (loop4): Failed to initialize F2FS node manager (-117)
[  145.941541][ T8016] loop2: detected capacity change from 0 to 40427
[  145.949488][ T8016] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  145.951911][ T8016] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  146.018461][ T8027] loop1: detected capacity change from 0 to 512
[  146.065993][ T8027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.071322][ T8027] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.096666][   T33] audit: type=1800 audit(1755521711.430:82): pid=8027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.725" name="file1" dev="loop1" ino=15 res=0 errno=0
[  146.112523][   T33] audit: type=1800 audit(1755521711.430:83): pid=8027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.725" name="file2" dev="loop1" ino=16 res=0 errno=0
[  146.126023][ T8016] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  146.155310][ T8016] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  146.157813][ T8016] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  146.185935][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.250912][ T8016] syz.2.723: attempt to access beyond end of device
[  146.250912][ T8016] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  146.274523][ T8016] syz.2.723: attempt to access beyond end of device
[  146.274523][ T8016] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  146.287666][ T8016] syz.2.723: attempt to access beyond end of device
[  146.287666][ T8016] loop2: rw=34817, sector=45104, nr_sectors = 8 limit=40427
[  146.359583][ T8037] loop1: detected capacity change from 0 to 512
[  146.393906][ T8037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.401081][ T8037] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.410537][ T8037] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  146.466757][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.583533][ T5909] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  146.736589][ T5909] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  146.740131][ T5909] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  146.746102][ T5909] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  146.754925][ T5909] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  146.760957][ T5909] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  146.950312][ T5909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.962193][ T5909] usb 5-1: config 0 descriptor??
[  146.987915][ T8062] loop1: detected capacity change from 0 to 512
[  147.078892][ T8062] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.098463][ T8062] ext4 filesystem being mounted at /262/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.434901][ T5909] plantronics 0003:047F:FFFF.0005: ignoring exceeding usage max
[  147.451937][ T8075] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.741'.
[  147.848490][ T5909] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  147.866286][ T5909] usb 5-1: USB disconnect, device number 6
[  147.874177][ T2266] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  147.898647][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.053661][ T2266] usb 3-1: Using ep0 maxpacket: 16
[  148.060413][ T2266] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  148.068417][ T2266] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.070999][ T2266] usb 3-1: Product: syz
[  148.072382][ T2266] usb 3-1: Manufacturer: syz
[  148.079968][ T2266] usb 3-1: SerialNumber: syz
[  148.086102][ T2266] usb 3-1: config 0 descriptor??
[  148.094750][ T2266] visor 3-1:0.0: Sony Clie 3.5 converter detected
[  148.479794][   T47] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  148.531815][ T2266] usb 3-1: Sony Clie 3.5 converter now attached to ttyUSB0
[  148.633596][   T47] usb 2-1: Using ep0 maxpacket: 16
[  148.660279][   T47] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  148.668969][   T47] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  148.689603][   T47] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  148.693533][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.696816][   T47] usb 2-1: Product: syz
[  148.698621][   T47] usb 2-1: Manufacturer: syz
[  148.701316][   T47] usb 2-1: SerialNumber: syz
[  148.767425][  T792] usb 3-1: USB disconnect, device number 11
[  148.814253][  T792] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[  148.826310][  T792] visor 3-1:0.0: device disconnected
[  148.947763][   T47] usb 2-1: cannot find UAC_HEADER
[  149.036873][   T47] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  149.053137][   T47] usb 2-1: USB disconnect, device number 13
[  149.099632][ T5963] udevd[5963]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  149.792678][ T8104] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  150.040790][ T8116] loop2: detected capacity change from 0 to 4096
[  150.079560][ T8116] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  150.116632][ T8116] ntfs3(loop2): ino=19, mi_enum_attr
[  150.118923][ T8116] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  150.333740][  T792] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  150.338784][ T8132] loop4: detected capacity change from 0 to 1024
[  150.346775][ T8132] EXT4-fs: Ignoring removed nobh option
[  150.354203][ T8132] EXT4-fs: Ignoring removed bh option
[  150.373090][ T8132] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.440276][   T33] audit: type=1800 audit(1755521715.760:84): pid=8132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.767" name="bus" dev="loop4" ino=18 res=0 errno=0
[  150.472153][ T8132] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  150.513665][  T792] usb 2-1: Using ep0 maxpacket: 8
[  150.525677][  T792] usb 2-1: New USB device found, idVendor=2040, idProduct=b910, bcdDevice=18.c2
[  150.530626][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.531680][ T6776] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.540258][  T792] usb 2-1: Product: syz
[  150.541879][  T792] usb 2-1: Manufacturer: syz
[  150.556905][  T792] usb 2-1: SerialNumber: syz
[  150.561214][  T792] usb 2-1: config 0 descriptor??
[  150.606449][  T792] smsusb:smsusb_probe: board id=8, interface number 1
[  150.627721][  T792] smsusb:smsusb_probe: board id=8, interface number 0
[  150.750347][ T8138] loop2: detected capacity change from 0 to 32768
[  150.791277][ T8138] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  150.810175][ T5909] usb 2-1: USB disconnect, device number 14
[  150.832496][ T8138] (syz.2.768,8138,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=65, rec_len=16, name_len=1
[  150.853992][ T5896] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  150.873069][ T5844] ocfs2: Unmounting device (7,2) on (node local)
[  151.007327][ T5896] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  151.010506][ T5896] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  151.023624][ T5896] usb 5-1: config 1 interface 1 has no altsetting 1
[  151.037188][ T5896] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  151.040737][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.054828][ T5896] usb 5-1: Product: syz
[  151.056205][ T5896] usb 5-1: Manufacturer: syz
[  151.057742][ T5896] usb 5-1: SerialNumber: syz
[  151.232051][ T8150] team0: Device gtp0 is of different type
[  151.272649][ T5896] usb 5-1: selecting invalid altsetting 1
[  151.276726][ T5896] cdc_ncm 5-1:1.0: bind() failure
[  151.281373][ T5896] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  151.284019][ T5896] cdc_ncm 5-1:1.1: bind() failure
[  151.294378][ T5896] usb 5-1: USB disconnect, device number 7
[  151.544281][ T8156] loop1: detected capacity change from 0 to 32768
[  151.553136][ T8156] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  151.569431][ T8156] XFS (loop1): Ending clean mount
[  151.612974][ T5852] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  151.954200][ T8174] loop4: detected capacity change from 0 to 4096
[  151.993704][ T8177] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  152.112140][ T8182] loop1: detected capacity change from 0 to 2048
[  152.124304][ T8182] NILFS (loop1): invalid segment: Magic number mismatch
[  152.131116][ T8182] NILFS (loop1): trying rollback from an earlier position
[  152.162857][ T8182] NILFS (loop1): recovery complete
[  152.167641][ T8185] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  152.946300][ T8212] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  154.100969][ T8228] netlink: 12 bytes leftover after parsing attributes in process `syz.1.799'.
[  154.112991][ T8228] netlink: 12 bytes leftover after parsing attributes in process `syz.1.799'.
[  154.480041][ T8226] loop4: detected capacity change from 0 to 32768
[  154.511971][ T8226] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  154.562547][   T33] audit: type=1800 audit(1755521719.890:85): pid=8226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.800" name="file1" dev="loop4" ino=17058 res=0 errno=0
[  154.618109][ T8218] loop2: detected capacity change from 0 to 40427
[  154.633049][ T8218] F2FS-fs (loop2): invalid crc value
[  154.739019][ T8218] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  154.743821][ T8218] F2FS-fs (loop2): Start checkpoint disabled!
[  154.773949][ T8218] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  154.871961][ T6776] ocfs2: Unmounting device (7,4) on (node local)
[  154.927079][ T7122] kworker/u10:6: attempt to access beyond end of device
[  154.927079][ T7122] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  154.932773][ T7122] CPU: 1 UID: 0 PID: 7122 Comm: kworker/u10:6 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  154.932789][ T7122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  154.932795][ T7122] Workqueue: writeback wb_workfn (flush-7:2)
[  154.932811][ T7122] Call Trace:
[  154.932815][ T7122]  <TASK>
[  154.932819][ T7122]  dump_stack_lvl+0x189/0x250
[  154.932833][ T7122]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.932843][ T7122]  ? __pfx_queue_work_on+0x10/0x10
[  154.932851][ T7122]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  154.932861][ T7122]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  154.932877][ T7122]  f2fs_handle_critical_error+0x37c/0x540
[  154.932892][ T7122]  f2fs_write_end_io+0x886/0xb60
[  154.932909][ T7122]  __submit_merged_bio+0x27a/0x6a0
[  154.932923][ T7122]  __submit_merged_write_cond+0x255/0x530
[  154.932938][ T7122]  f2fs_write_data_pages+0x261d/0x3000
[  154.932967][ T7122]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  154.932985][ T7122]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  154.933012][ T7122]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  154.933029][ T7122]  ? trace_f2fs_writepages+0x7f/0x200
[  154.933040][ T7122]  ? f2fs_write_node_pages+0x478/0x6e0
[  154.933053][ T7122]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  154.933071][ T7122]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  154.933082][ T7122]  do_writepages+0x32e/0x550
[  154.933096][ T7122]  ? reacquire_held_locks+0x127/0x1d0
[  154.933104][ T7122]  ? writeback_sb_inodes+0x384/0x1010
[  154.933119][ T7122]  __writeback_single_inode+0x145/0xff0
[  154.933129][ T7122]  ? do_raw_spin_unlock+0x4d/0x240
[  154.933141][ T7122]  writeback_sb_inodes+0x6c7/0x1010
[  154.933165][ T7122]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  154.933197][ T7122]  ? rcu_is_watching+0x15/0xb0
[  154.933210][ T7122]  wb_writeback+0x43b/0xaf0
[  154.933224][ T7122]  ? queue_io+0x3c1/0x590
[  154.933236][ T7122]  ? __pfx_wb_writeback+0x10/0x10
[  154.933250][ T7122]  ? _raw_spin_unlock_irq+0x23/0x50
[  154.933262][ T7122]  wb_workfn+0x409/0xef0
[  154.933279][ T7122]  ? __pfx_wb_workfn+0x10/0x10
[  154.933290][ T7122]  ? __lock_acquire+0xab9/0xd20
[  154.933306][ T7122]  ? process_scheduled_works+0x9ef/0x17b0
[  154.933318][ T7122]  ? _raw_spin_unlock_irq+0x23/0x50
[  154.933326][ T7122]  ? process_scheduled_works+0x9ef/0x17b0
[  154.933333][ T7122]  ? process_scheduled_works+0x9ef/0x17b0
[  154.933342][ T7122]  process_scheduled_works+0xae1/0x17b0
[  154.933365][ T7122]  ? __pfx_process_scheduled_works+0x10/0x10
[  154.933383][ T7122]  worker_thread+0x8a0/0xda0
[  154.933393][ T7122]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  154.933406][ T7122]  ? __kthread_parkme+0x7b/0x200
[  154.933438][ T7122]  kthread+0x711/0x8a0
[  154.933452][ T7122]  ? __pfx_worker_thread+0x10/0x10
[  154.933460][ T7122]  ? __pfx_kthread+0x10/0x10
[  154.933470][ T7122]  ? _raw_spin_unlock_irq+0x23/0x50
[  154.933479][ T7122]  ? lockdep_hardirqs_on+0x9c/0x150
[  154.933488][ T7122]  ? __pfx_kthread+0x10/0x10
[  154.933498][ T7122]  ret_from_fork+0x3fc/0x770
[  154.933509][ T7122]  ? __pfx_ret_from_fork+0x10/0x10
[  154.933520][ T7122]  ? __switch_to_asm+0x39/0x70
[  154.933529][ T7122]  ? __switch_to_asm+0x33/0x70
[  154.933537][ T7122]  ? __pfx_kthread+0x10/0x10
[  154.933548][ T7122]  ret_from_fork_asm+0x1a/0x30
[  154.933566][ T7122]  </TASK>
[  155.044661][ T7122] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  155.179024][ T8239] loop1: detected capacity change from 0 to 4096
[  155.783603][ T5896] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  155.944883][ T5896] usb 5-1: Using ep0 maxpacket: 8
[  155.960891][ T5896] usb 5-1: config 0 has an invalid interface number: 218 but max is 0
[  155.969581][ T5896] usb 5-1: config 0 has no interface number 0
[  155.971907][ T5896] usb 5-1: config 0 interface 218 has no altsetting 0
[  155.989141][ T5896] usb 5-1: New USB device found, idVendor=06cd, idProduct=011c, bcdDevice=b3.4b
[  155.992312][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.995628][ T5896] usb 5-1: Product: syz
[  155.997695][ T5896] usb 5-1: Manufacturer: syz
[  156.003704][ T5896] usb 5-1: SerialNumber: syz
[  156.009623][ T5896] usb 5-1: config 0 descriptor??
[  156.064983][ T8279] loop2: detected capacity change from 0 to 512
[  156.068373][ T8279] EXT4-fs (loop2): Test dummy encryption mode enabled
[  156.081067][ T8279] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  156.091271][ T8279] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.821: bad orphan inode 131083
[  156.095936][ T8279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.122792][ T8283] loop1: detected capacity change from 0 to 128
[  156.160430][ T8283] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  156.174094][ T8283] ext4 filesystem being mounted at /288/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  156.190358][ T8283] EXT4-fs (loop1): shut down requested (0)
[  156.219816][ T5896] keyspan 5-1:0.218: Keyspan 1 port adapter converter detected
[  156.223104][ T5896] keyspan 5-1:0.218: found no endpoint descriptor for endpoint 84
[  156.233882][ T5896] keyspan 5-1:0.218: found no endpoint descriptor for endpoint 81
[  156.237067][ T5896] keyspan 5-1:0.218: found no endpoint descriptor for endpoint 82
[  156.239452][ T5896] keyspan 5-1:0.218: found no endpoint descriptor for endpoint 1
[  156.241847][ T5896] keyspan 5-1:0.218: found no endpoint descriptor for endpoint 2
[  156.247605][ T8279] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  156.249245][ T5896] keyspan 5-1:0.218: found no endpoint descriptor for endpoint 83
[  156.255396][ T5896] keyspan 5-1:0.218: found no endpoint descriptor for endpoint 3
[  156.259656][ T5896] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  156.263330][ T5896] usb 5-1: USB disconnect, device number 8
[  156.279063][ T5852] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  156.283171][ T5896] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  156.291490][ T5896] keyspan 5-1:0.218: device disconnected
[  156.302820][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.663735][ T8295] loop1: detected capacity change from 0 to 32768
[  156.689971][ T8295] read_mapping_page failed!
[  156.691633][ T8295] ERROR: (device loop1): txCommit: 
[  156.691633][ T8295] 
[  156.718347][ T4653] read_mapping_page failed!
[  156.720879][ T4653] ERROR: (device loop1): txCommit: 
[  156.720879][ T4653] 
[  156.723185][ T4653] jfs_write_inode: jfs_commit_inode failed!
[  157.308992][ T8326] netlink: 'syz.1.839': attribute type 5 has an invalid length.
[  157.428094][ T8333] netlink: 28 bytes leftover after parsing attributes in process `syz.1.843'.
[  157.430912][ T8333] netlink: 28 bytes leftover after parsing attributes in process `syz.1.843'.
[  157.535721][ T8339] netem: unknown loss type 0
[  157.537243][ T8339] netem: change failed
[  157.553772][   T47] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  157.750370][   T47] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  157.755279][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  157.758858][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  157.762774][   T47] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  157.768142][   T47] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  157.793513][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.800218][   T47] usb 5-1: config 0 descriptor??
[  157.815513][ T8327] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  158.255171][   T47] plantronics 0003:047F:FFFF.0006: reserved main item tag 0xd
[  158.282574][   T47] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  158.323585][ T5896] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  158.475371][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.489840][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.494029][ T5896] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  158.498996][ T5896] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  158.502650][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.508999][ T5896] usb 2-1: config 0 descriptor??
[  158.542174][ T5909] usb 5-1: USB disconnect, device number 9
[  158.922575][ T5896] plantronics 0003:047F:FFFF.0007: reserved main item tag 0xd
[  158.949811][ T5896] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  159.208787][ T5896] usb 2-1: USB disconnect, device number 15
[  160.134398][ T5896] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  160.165954][ T8376] syzkaller0: entered promiscuous mode
[  160.168040][ T8376] syzkaller0: entered allmulticast mode
[  160.296466][ T5896] usb 2-1: Using ep0 maxpacket: 8
[  160.311583][ T5896] usb 2-1: New USB device found, idVendor=10d2, idProduct=2865, bcdDevice=a4.c9
[  160.318384][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.332566][ T5896] usb 2-1: config 0 descriptor??
[  160.357960][ T5896] usblcd 2-1:0.0: USBLCD model not supported.
[  160.565578][ T5896] usb 2-1: USB disconnect, device number 16
[  161.389802][ T8388] netlink: 4 bytes leftover after parsing attributes in process `syz.1.868'.
[  163.552225][ T8398] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffb,4)
[  163.570426][ T8398] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  163.573118][ T8398] comedi comedi3: 8255: I/O port conflict (0x100000,4)
[  163.582030][ T8398] comedi comedi3: 8255: I/O port conflict (0x8f,4)
[  163.592695][ T8398] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  163.598363][ T8398] comedi comedi3: 8255: I/O port conflict (0x100010,4)
[  163.601143][ T8398] comedi comedi3: 8255: I/O port conflict (0x1000002,4)
[  163.612836][ T8398] comedi comedi3: 8255: I/O port conflict (0xffffffffffffffbf,4)
[  163.619060][ T8398] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  163.628831][ T8398] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  163.631515][ T8398] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  163.646086][ T8398] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  163.654329][ T8398] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  163.658315][ T8398] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  163.668485][ T8398] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  163.671137][ T8398] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  163.680843][ T8398] comedi comedi3: 8255: I/O port conflict (0x100,4)
[  163.691171][ T8398] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  163.701308][ T8398] comedi comedi3: 8255: I/O port conflict (0x80,4)
[  163.706773][ T8398] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  163.713963][ T8398] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  163.719721][ T8398] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  163.722474][ T8404] loop4: detected capacity change from 0 to 512
[  163.727060][ T8398] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  163.732235][ T8398] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  163.778095][ T8404] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  163.792448][ T8404] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  163.796866][ T8404] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.875: Failed to acquire dquot type 1
[  163.813018][ T8404] EXT4-fs (loop4): 1 truncate cleaned up
[  163.826553][ T8404] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.860685][ T8404] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.890439][ T8404] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  163.901887][ T8404] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  163.910865][ T8404] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.875: Failed to acquire dquot type 1
[  163.982615][ T6776] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.613651][ T5896] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  164.803618][ T5896] usb 3-1: Using ep0 maxpacket: 16
[  164.811127][ T5896] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  164.835117][ T5896] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[  164.839714][ T5896] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  164.854156][ T5896] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 223
[  164.871017][ T5896] usb 3-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  164.883697][ T5896] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.886869][ T5896] usb 3-1: Product: syz
[  164.888558][ T5896] usb 3-1: Manufacturer: syz
[  164.890418][ T5896] usb 3-1: SerialNumber: syz
[  164.909139][ T5896] usb 3-1: config 0 descriptor??
[  164.913697][ T8422] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  164.936230][ T8422] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  165.007359][    C0] mcba_usb 3-1:0.0 can0: Tx URB aborted (-71)
[  165.010046][ T5896] mcba_usb 3-1:0.0: Microchip CAN BUS Analyzer connected
[  165.013032][    C0] mcba_usb 3-1:0.0 can0: Tx URB aborted (-71)
[  165.158686][ T5896] usb 3-1: USB disconnect, device number 12
[  165.192807][ T5896] mcba_usb 3-1:0.0 can0: device disconnected
[  165.442724][ T8424] loop4: detected capacity change from 0 to 32768
[  165.483766][ T8424] (syz.4.882,8424,0):ocfs2_verify_userspace_stack:858 ERROR: cluster stack passed to mount, but this filesystem does not support it
[  165.520141][ T8424] (syz.4.882,8424,0):ocfs2_fill_super:1177 ERROR: status = -22
[  165.792701][ T8439] netlink: 28 bytes leftover after parsing attributes in process `syz.1.889'.
[  165.797432][ T8439] netlink: 8 bytes leftover after parsing attributes in process `syz.1.889'.
[  165.896975][ T8444] netlink: ct family unspecified
[  165.898921][ T8444] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  166.128542][  T793] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  166.294325][  T793] usb 5-1: Using ep0 maxpacket: 32
[  166.298525][  T793] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  166.310546][  T793] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  166.314181][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.316648][  T793] usb 5-1: Product: syz
[  166.317958][  T793] usb 5-1: Manufacturer: syz
[  166.319446][  T793] usb 5-1: SerialNumber: syz
[  166.334704][  T793] usb 5-1: config 0 descriptor??
[  166.337414][ T8442] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  166.345566][  T793] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  166.582187][  T792] usb 5-1: USB disconnect, device number 10
[  166.887019][ T8473] loop2: detected capacity change from 0 to 512
[  166.901318][ T8473] EXT4-fs: Ignoring removed orlov option
[  166.916383][ T8473] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  166.931064][ T8473] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  166.946014][ T8473] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.905: corrupted in-inode xattr: e_value size too large
[  166.958091][ T8473] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.905: couldn't read orphan inode 15 (err -117)
[  166.962616][ T8469] loop1: detected capacity change from 0 to 32768
[  166.967584][ T8469] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.903 (8469)
[  166.986760][ T8469] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  166.990892][ T8469] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  166.993928][ T8469] BTRFS info (device loop1): using free-space-tree
[  166.994868][ T8473] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.099838][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.167590][ T5852] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  167.355609][ T8505] netlink: 28 bytes leftover after parsing attributes in process `syz.4.911'.
[  167.400635][ T8506] netlink: 12 bytes leftover after parsing attributes in process `syz.2.912'.
[  167.452540][ T8506] netlink: 12 bytes leftover after parsing attributes in process `syz.2.912'.
[  167.516573][ T8514] loop4: detected capacity change from 0 to 128
[  167.611372][ T8514] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only
[  167.623806][ T8514] hpfs: filesystem error: improperly stopped
[  167.630780][ T8514] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  167.641372][ T8514] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories
[  167.653920][ T8514] hpfs: filesystem error: dir band size mismatch: dir_band_start==7b318cc2, dir_band_end==7b318cc3, n_dir_band==00000001
[  167.861826][   T54] Bluetooth: hci3: command 0x0405 tx timeout
[  168.319806][ T8531] loop4: detected capacity change from 0 to 8
[  168.350071][ T5896] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  168.418919][ T8512] loop1: detected capacity change from 0 to 32768
[  168.426615][ T8512] bcachefs (/dev/loop1): error reading superblock: block size (0) smaller than device block size (512)
[  168.448522][ T8512] bcachefs: bch2_fs_get_tree() error: block_size_too_small
[  168.723946][ T5896] usb 3-1: Using ep0 maxpacket: 32
[  168.730962][ T5896] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  168.735545][ T5896] usb 3-1: config 0 has no interface number 0
[  168.737899][ T5896] usb 3-1: config 0 interface 184 has no altsetting 0
[  168.853643][ T5896] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  168.857184][ T5896] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.860329][ T5896] usb 3-1: Product: syz
[  168.861990][ T5896] usb 3-1: Manufacturer: syz
[  168.869109][ T5896] usb 3-1: SerialNumber: syz
[  168.879832][ T5896] usb 3-1: config 0 descriptor??
[  168.911019][ T5896] smsc75xx v1.0.0
[  168.912345][ T5896] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  168.916024][ T5896] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -22
[  169.074586][ T8535] loop4: detected capacity change from 0 to 32768
[  169.082307][ T8535] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.922 (8535)
[  169.134454][ T8535] BTRFS info (device loop4 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  169.137874][ T8535] BTRFS info (device loop4 state S): using crc32c (crc32c-lib) checksum algorithm
[  169.141174][ T8535] BTRFS info (device loop4 state S): using free-space-tree
[  169.199700][ T1151] BTRFS warning (device loop4 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xf6479a7e level 0, ignored
[  169.237975][ T1093] BTRFS warning (device loop4 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x13388982 level 0, ignored
[  169.245616][ T8561] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.248489][ T8561] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.255581][ T1098] BTRFS warning (device loop4 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x28b693f7 level 0, ignored
[  169.264581][ T8561] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.267451][ T8561] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.275207][ T8535] BTRFS error (device loop4 state S): failed to load root free space
[  169.325046][ T1151] BTRFS warning (device loop4 state S): checksum verify failed on logical 5267456 mirror 1 wanted 0x22fa3277 found 0x0d9b21b0 level 0, ignored
[  169.413714][ T6776] BTRFS info (device loop4 state S): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  170.003598][   T54] Bluetooth: hci3: command 0x0405 tx timeout
[  170.655084][ T8521] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  170.657248][ T8521] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  170.684396][ T8521] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  170.695282][ T8521] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  170.718311][ T8521] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  170.723525][ T8521] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  170.782353][ T8589] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.937'.
[  170.843683][ T5896] usb 3-1: USB disconnect, device number 13
[  171.198866][ T8608] loop2: detected capacity change from 0 to 512
[  171.283130][ T8608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.295471][ T8608] ext4 filesystem being mounted at /373/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  171.335745][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.544116][ T5896] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  171.603587][ T5909] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  171.693908][ T5896] usb 5-1: Using ep0 maxpacket: 8
[  171.708456][ T5896] usb 5-1: unable to get BOS descriptor or descriptor too short
[  171.713119][ T5896] usb 5-1: config 8 has an invalid interface number: 24 but max is 1
[  171.718389][ T5896] usb 5-1: config 8 has an invalid interface number: 242 but max is 1
[  171.721855][ T5896] usb 5-1: config 8 has no interface number 0
[  171.724787][ T5896] usb 5-1: config 8 has no interface number 1
[  171.727443][ T5896] usb 5-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid maxpacket 1535, setting to 1024
[  171.731918][ T5896] usb 5-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 255, changing to 11
[  171.737700][ T5896] usb 5-1: config 8 interface 24 has no altsetting 0
[  171.741240][ T5896] usb 5-1: config 8 interface 242 has no altsetting 0
[  171.748535][ T5896] usb 5-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[  171.752120][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.758847][ T5909] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  171.763601][ T5896] usb 5-1: Product: syz
[  171.763616][ T5896] usb 5-1: Manufacturer: syz
[  171.763628][ T5896] usb 5-1: SerialNumber: syz
[  171.769930][ T5909] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.779467][ T8613] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  171.785724][ T5909] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  171.789469][ T5909] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.800404][ T5909] usb 3-1: config 0 descriptor??
[  172.021529][ T5896] comedi comedi5: driver 'vmk80xx' has successfully auto-configured 'K8055 (VM110)'.
[  172.051821][ T5896] vmk80xx 5-1:8.242: driver 'vmk80xx' failed to auto-configure device.
[  172.086983][ T5896] usb 5-1: USB disconnect, device number 11
[  172.232842][ T5909] isku 0003:1E7D:319C.0008: unknown main item tag 0x0
[  172.236836][ T5909] isku 0003:1E7D:319C.0008: unknown main item tag 0x0
[  172.239531][ T5909] isku 0003:1E7D:319C.0008: item fetching failed at offset 3/7
[  172.243028][ T5909] isku 0003:1E7D:319C.0008: parse failed
[  172.247172][ T5909] isku 0003:1E7D:319C.0008: probe with driver isku failed with error -22
[  172.453779][    T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  172.456963][ T5896] usb 3-1: USB disconnect, device number 14
[  172.620481][    T9] usb 2-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  172.627569][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.630522][    T9] usb 2-1: Product: syz
[  172.632157][    T9] usb 2-1: Manufacturer: syz
[  172.639598][    T9] usb 2-1: SerialNumber: syz
[  172.648045][    T9] usb 2-1: config 0 descriptor??
[  172.870678][    T9] usb 2-1: f81604_read: reg: 105 failed: -EPROTO
[  172.873218][    T9] f81604 2-1:0.0: Setting termination of CH#0 failed: -EPROTO
[  172.907158][    T9] f81604 2-1:0.0: probe with driver f81604 failed with error -71
[  172.918396][    T9] usb 2-1: USB disconnect, device number 17
[  173.147482][ T8641] loop4: detected capacity change from 0 to 128
[  173.162512][ T8641] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  173.175608][ T8641] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.207990][ T6776] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  173.211953][ T8644] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  174.259881][ T8648] loop2: detected capacity change from 0 to 32768
[  174.274952][ T8648] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.962 (8648)
[  174.311927][ T8648] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  174.326218][ T8648] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  174.335489][ T8648] BTRFS info (device loop2): using free-space-tree
[  174.495100][ T5844] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  175.033831][    T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  175.213810][    T9] usb 5-1: Using ep0 maxpacket: 32
[  175.220766][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.227962][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.240047][    T9] usb 5-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  175.251988][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.279745][    T9] usb 5-1: config 0 descriptor??
[  175.762900][    T9] saitek 0003:06A3:0621.0009: hidraw0: USB HID v0.00 Device [HID 06a3:0621] on usb-dummy_hcd.4-1/input0
[  175.945580][    T9] usb 5-1: USB disconnect, device number 12
[  176.019906][ T8705] netlink: 36 bytes leftover after parsing attributes in process `syz.1.979'.
[  176.072135][ T8709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.981'.
[  177.209093][ T8731] loop4: detected capacity change from 0 to 32768
[  177.449217][ T8731] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded=yes,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow
[  177.449244][ T8731]   allowing incompatible features above 0.0: (unknown version)
[  177.449254][ T8731]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  177.492958][ T8731] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  177.497919][ T8731] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  177.501229][ T8731] bcachefs (loop4): Version upgrade required:
[  177.501229][ T8731] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  177.501229][ T8731] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  177.501229][ T8731]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  177.528973][    C0] vkms_vblank_simulate: vblank timer overrun
[  177.563926][ T8731] bcachefs (loop4): dropping and reconstructing all alloc info
[  177.604653][ T8731] bcachefs (loop4): accounting_read... done
[  177.607069][ T8731] bcachefs (loop4): alloc_read... done
[  177.608936][ T8731] bcachefs (loop4): snapshots_read... done
[  177.616692][ T8731] bcachefs (loop4): done starting filesystem
[  177.736459][ T6776] bcachefs (loop4): shutting down
[  177.798580][ T6776] bcachefs (loop4): shutdown complete
[  177.958601][ T8755] loop2: detected capacity change from 0 to 32768
[  178.064740][ T8762] loop1: detected capacity change from 0 to 32768
[  178.093903][ T8762] ERROR: (device loop1): dbDiscardAG: -EIO
[  178.093903][ T8762] 
[  178.097068][ T8762] ERROR: (device loop1): remounting filesystem as read-only
[  178.422249][ T8755] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  178.422273][ T8755]   allowing incompatible features above 0.0: (unknown version)
[  178.422282][ T8755]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  178.502183][ T8755] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  178.520864][ T8765] loop1: detected capacity change from 0 to 32768
[  178.536880][ T8755] bcachefs (loop2): initializing new filesystem
[  178.589192][ T8755] bcachefs (loop2): going read-write
[  178.595275][ T8765] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  178.632854][ T8755] bcachefs (loop2): marking superblocks
[  178.667388][ T8755] bcachefs (loop2): initializing freespace
[  178.694165][ T8755] bcachefs (loop2): done initializing freespace
[  178.707696][ T8755] bcachefs (loop2): reading snapshots table
[  178.723718][ T8755] bcachefs (loop2): reading snapshots done
[  178.738036][ T8755] bcachefs (loop2): done starting filesystem
[  178.808076][ T5852] ocfs2: Unmounting device (7,1) on (node local)
[  178.830263][ T5844] bcachefs (loop2): shutting down
[  178.833778][ T5844] bcachefs (loop2): going read-only
[  178.835337][ T5844] bcachefs (loop2): finished waiting for writes to stop
[  178.923850][ T5844] bcachefs (loop2): flushing journal and stopping allocators, journal seq 7
[  178.991668][ T5844] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10
[  179.005949][ T5844] bcachefs (loop2): clean shutdown complete, journal seq 11
[  179.014431][ T5844] bcachefs (loop2): marking filesystem clean
[  179.051511][ T8782] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1005'.
[  179.057885][ T8782] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1005'.
[  179.075879][ T5844] bcachefs (loop2): shutdown complete
[  179.225394][ T8788] loop4: detected capacity change from 0 to 128
[  179.250244][   T33] audit: type=1800 audit(1755521744.570:86): pid=8788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1010" name="file2" dev="loop4" ino=1048625 res=0 errno=0
[  179.261872][ T8788] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  179.289745][ T8788] FAT-fs (loop4): Filesystem has been set read-only
[  179.295435][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.295435][ T8788] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  179.300206][ T8788] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  179.304959][ T8788] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  179.312970][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.312970][ T8788] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  179.321450][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.321450][ T8788] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  179.328669][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.328669][ T8788] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  179.333317][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.333317][ T8788] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  179.340527][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.340527][ T8788] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  179.347224][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.347224][ T8788] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  179.351889][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.351889][ T8788] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  179.370046][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.370046][ T8788] loop4: rw=0, sector=2065, nr_sectors = 1 limit=128
[  179.376876][ T8788] buffer_io_error: 138 callbacks suppressed
[  179.376886][ T8788] Buffer I/O error on dev loop4, logical block 2065, async page read
[  179.391380][ T8788] syz.4.1010: attempt to access beyond end of device
[  179.391380][ T8788] loop4: rw=0, sector=2066, nr_sectors = 1 limit=128
[  179.407550][ T8788] Buffer I/O error on dev loop4, logical block 2066, async page read
[  179.410701][ T8788] Buffer I/O error on dev loop4, logical block 2067, async page read
[  179.414426][ T8788] Buffer I/O error on dev loop4, logical block 2068, async page read
[  179.417345][ T8788] Buffer I/O error on dev loop4, logical block 2069, async page read
[  179.420398][ T8788] Buffer I/O error on dev loop4, logical block 2070, async page read
[  179.423314][ T8788] Buffer I/O error on dev loop4, logical block 2071, async page read
[  179.433685][ T8788] Buffer I/O error on dev loop4, logical block 2072, async page read
[  179.447587][ T8791] Buffer I/O error on dev loop4, logical block 2065, async page read
[  179.455065][ T8791] Buffer I/O error on dev loop4, logical block 2066, async page read
[  179.644395][ T8796] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1013'.
[  180.542637][ T8799] loop4: detected capacity change from 0 to 4096
[  180.551403][ T8799] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  180.847261][ T8801] loop4: detected capacity change from 0 to 128
[  180.865233][ T8801] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  181.076019][ T8814] loop2: detected capacity change from 0 to 2048
[  181.090405][ T8814] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 98: 0x1f != 0x1e
[  181.098031][ T8814] UDF-fs: warning (device loop2): udf_verify_domain_identifier: Not OSTA UDF compliant logical volume descriptor.
[  181.101894][ T8814] UDF-fs: warning (device loop2): udf_fill_super: No partition found (2)
[  181.213624][  T792] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  181.361494][ T8816] loop2: detected capacity change from 0 to 32768
[  181.374235][ T8816] 
[  181.374235][ T8816]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  181.374235][ T8816] 
[  181.374851][  T792] usb 5-1: Using ep0 maxpacket: 16
[  181.409694][  T792] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11
[  181.412330][ T8816] 
[  181.412330][ T8816]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  181.412330][ T8816] 
[  181.417933][ T8816] 
[  181.417933][ T8816]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  181.417933][ T8816] 
[  181.421841][ T8816] 
[  181.421841][ T8816]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  181.421841][ T8816] 
[  181.425096][  T792] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  181.425989][ T8816] 
[  181.425989][ T8816]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  181.425989][ T8816] 
[  181.433150][  T792] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  181.439729][  T117] 
[  181.439729][  T117]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  181.439729][  T117] 
[  181.452532][  T792] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  181.469577][  T792] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  181.474860][ T5844] 
[  181.474860][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  181.474860][ T5844] 
[  181.484884][ T5844] 
[  181.484884][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  181.484884][ T5844] 
[  181.488749][  T792] usb 5-1: config 1 interface 0 has no altsetting 0
[  181.493538][  T792] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  181.506019][  T792] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.525878][  T792] ums-sddr09 5-1:1.0: USB Mass Storage device detected
[  181.781852][  T792] ums-sddr09 5-1:1.0: probe with driver ums-sddr09 failed with error -22
[  181.821195][  T792] usb 5-1: USB disconnect, device number 13
[  182.313328][ T8862] loop4: detected capacity change from 0 to 1024
[  182.358751][ T8862] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  182.373023][ T8862] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  182.397401][ T8862] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  182.400736][ T8862] EXT4-fs (loop4): orphan cleanup on readonly fs
[  182.445216][ T8862] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1041: Freeing blocks not in datazone - block = 0, count = 4096
[  182.484052][ T8862] EXT4-fs (loop4): Remounting filesystem read-only
[  182.486663][ T8862] EXT4-fs (loop4): 1 orphan inode deleted
[  182.489831][ T8862] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  182.564454][ T6776] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.997967][ T8867] loop4: detected capacity change from 0 to 32768
[  183.010799][ T8867] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1044 (8867)
[  183.053926][ T8867] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  183.058051][ T8867] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  183.191702][ T8867] BTRFS info (device loop4): rebuilding free space tree
[  183.217906][ T8867] BTRFS info (device loop4): disabling free space tree
[  183.220715][ T8867] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  183.243672][ T8867] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  183.309845][ T6776] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  184.558442][ T8902] loop2: detected capacity change from 0 to 262144
[  184.562493][ T8902] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1050 (8902)
[  185.196433][ T8902] BTRFS info (device loop2): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  185.200898][ T8902] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  185.203953][ T8902] BTRFS info (device loop2): using free-space-tree
[  185.499526][ T8902] BTRFS info (device loop2): balance: start -d -m -s
[  185.504614][ T8902] BTRFS info (device loop2): relocating block group 63963136 flags data
[  185.631108][ T8902] BTRFS info (device loop2): found 1 extents, stage: move data extents
[  185.639378][ T5909] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  185.660006][ T8902] BTRFS info (device loop2): found 1 extents, stage: update data pointers
[  185.686226][ T8902] BTRFS info (device loop2): relocating block group 13631488 flags data
[  185.710520][ T8902] BTRFS info (device loop2): found 1 extents, stage: move data extents
[  185.731528][ T8902] BTRFS info (device loop2): found 1 extents, stage: update data pointers
[  185.746569][ T8902] BTRFS info (device loop2): 2 enospc errors during balance
[  185.749377][ T8902] BTRFS info (device loop2): balance: ended with status: -28
[  185.892330][ T5844] BTRFS info (device loop2): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  185.909797][ T5909] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  185.912404][ T5909] usb 2-1: config 0 has no interface number 0
[  185.954864][ T5909] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  185.958667][ T5909] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.961954][ T5909] usb 2-1: Product: syz
[  185.971576][ T5909] usb 2-1: Manufacturer: syz
[  185.973075][ T5909] usb 2-1: SerialNumber: syz
[  186.012434][ T5909] usb 2-1: config 0 descriptor??
[  186.156727][   T33] audit: type=1400 audit(1755521751.470:87): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3A30206B420A4C617A79467265653A202020202020202020202020202030206B420A416E6F6E4875676550616765733A20202020202020202030206B420A53686D656D506D644D61707065643A202020202020202030206B420A46696C65506D644D61707065643A20202020202020202030206B420A5368617265645F48756765746C623A202020202020202030206B420A507269766174 pid=8937 comm="syz.4.1060"
[  186.238052][ T5909] usb 2-1: Found UVC 0.08 device syz (046d:0823)
[  186.240346][ T5909] usb 2-1: No valid video chain found.
[  186.246691][ T5909] usb 2-1: USB disconnect, device number 18
[  186.360405][ T8942] loop4: detected capacity change from 0 to 4096
[  186.650259][ T8948] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1065'.
[  186.653157][ T8948] netlink: 'syz.4.1065': attribute type 1 has an invalid length.
[  186.656060][ T8948] netlink: 'syz.4.1065': attribute type 2 has an invalid length.
[  186.658470][ T8948] netlink: 'syz.4.1065': attribute type 3 has an invalid length.
[  186.749941][ T8950] loop4: detected capacity change from 0 to 2048
[  186.814521][ T5856] Alternate GPT is invalid, using primary GPT.
[  186.816455][ T5856]  loop4: p1 p2 p3
[  186.817644][ T5856] loop4: partition table partially beyond EOD, truncated
[  186.866375][ T8950] Alternate GPT is invalid, using primary GPT.
[  186.868372][ T8950]  loop4: p1 p2 p3
[  186.869569][ T8950] loop4: partition table partially beyond EOD, truncated
[  186.937883][ T5856] udevd[5856]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  186.946452][ T5963] udevd[5963]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  186.956232][ T6069] udevd[6069]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  187.076083][ T5963] udevd[5963]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  187.082484][ T6069] udevd[6069]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  187.133257][ T8975] loop4: detected capacity change from 0 to 512
[  187.148852][ T8975] ext4: Unknown parameter 'rootcontext'
[  187.384338][ T8978] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1078'.
[  189.311017][ T9012] loop2: detected capacity change from 0 to 32768
[  189.314656][ T9012] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1092 (9012)
[  189.320605][ T9012] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  189.324182][ T9012] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  189.329275][ T9012] BTRFS info (device loop2): using free-space-tree
[  190.098601][ T9046] loop1: detected capacity change from 0 to 512
[  190.115283][ T9046] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  190.124341][ T5844] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  190.149423][ T9046] EXT4-fs (loop1): 1 truncate cleaned up
[  190.162510][ T9046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.215311][ T9046] syz.1.1098 (pid 9046) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  190.301318][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.557631][ T9058] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1103'.
[  190.648613][ T9064] loop1: detected capacity change from 0 to 512
[  190.664152][ T9064] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  190.675017][ T9064] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  190.677735][ T9064] System zones: 1-12
[  190.679679][ T9064] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  190.713701][ T9064] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #11: comm syz.1.1106: corrupted inode contents
[  190.723143][ T9064] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #11: comm syz.1.1106: mark_inode_dirty error
[  190.741391][ T9064] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1106: invalid indirect mapped block 1 (level 1)
[  190.746640][ T9064] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #11: comm syz.1.1106: corrupted inode contents
[  190.757732][ T9053] loop4: detected capacity change from 0 to 40427
[  190.762217][ T9064] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  190.772125][ T9064] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #11: comm syz.1.1106: corrupted inode contents
[  190.776270][ T9064] EXT4-fs error (device loop1): ext4_truncate:4666: inode #11: comm syz.1.1106: mark_inode_dirty error
[  190.780804][ T9064] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  190.785188][ T9064] EXT4-fs (loop1): 1 truncate cleaned up
[  190.789368][ T9064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.811408][ T9053] F2FS-fs (loop4): invalid crc value
[  190.881289][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.939136][ T9053] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  190.962207][ T9053] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  191.011528][ T6776] bio_check_eod: 3470 callbacks suppressed
[  191.011609][ T6776] syz-executor: attempt to access beyond end of device
[  191.011609][ T6776] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  191.019832][ T6776] CPU: 1 UID: 0 PID: 6776 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  191.019853][ T6776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  191.019887][ T6776] Call Trace:
[  191.019893][ T6776]  <TASK>
[  191.019900][ T6776]  dump_stack_lvl+0x189/0x250
[  191.019923][ T6776]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.019939][ T6776]  ? __pfx_queue_work_on+0x10/0x10
[  191.019952][ T6776]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  191.019975][ T6776]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  191.020000][ T6776]  f2fs_handle_critical_error+0x37c/0x540
[  191.020024][ T6776]  f2fs_write_end_io+0x886/0xb60
[  191.020052][ T6776]  __submit_merged_bio+0x27a/0x6a0
[  191.020076][ T6776]  __submit_merged_write_cond+0x255/0x530
[  191.020099][ T6776]  f2fs_write_data_pages+0x261d/0x3000
[  191.020145][ T6776]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  191.020194][ T6776]  ? __mod_zone_page_state+0xd7/0x140
[  191.020221][ T6776]  ? folios_put_refs+0x560/0x640
[  191.020249][ T6776]  ? __lock_acquire+0xab9/0xd20
[  191.020292][ T6776]  ? do_raw_spin_lock+0x121/0x290
[  191.020318][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  191.020335][ T6776]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  191.020355][ T6776]  do_writepages+0x32e/0x550
[  191.020382][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  191.020402][ T6776]  filemap_fdatawrite+0x199/0x240
[  191.020418][ T6776]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  191.020474][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  191.020493][ T6776]  f2fs_sync_dirty_inodes+0x31f/0x830
[  191.020518][ T6776]  f2fs_write_checkpoint+0x95a/0x1df0
[  191.020544][ T6776]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  191.020594][ T6776]  ? kill_f2fs_super+0x298/0x6c0
[  191.020612][ T6776]  kill_f2fs_super+0x2c3/0x6c0
[  191.020630][ T6776]  ? __pfx_kill_f2fs_super+0x10/0x10
[  191.020642][ T6776]  ? radix_tree_delete_item+0x2b6/0x400
[  191.020663][ T6776]  ? shrinker_free+0x2ce/0x3e0
[  191.020679][ T6776]  deactivate_locked_super+0xbc/0x130
[  191.020697][ T6776]  cleanup_mnt+0x425/0x4c0
[  191.020712][ T6776]  ? lockdep_hardirqs_on+0x9c/0x150
[  191.020730][ T6776]  task_work_run+0x1d4/0x260
[  191.020753][ T6776]  ? __pfx_task_work_run+0x10/0x10
[  191.020767][ T6776]  ? __x64_sys_umount+0x122/0x160
[  191.020789][ T6776]  ? exit_to_user_mode_loop+0x40/0x110
[  191.020810][ T6776]  exit_to_user_mode_loop+0xec/0x110
[  191.020829][ T6776]  do_syscall_64+0x2bd/0x3b0
[  191.020847][ T6776]  ? lockdep_hardirqs_on+0x9c/0x150
[  191.020887][ T6776]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.020900][ T6776]  ? exc_page_fault+0x9f/0xf0
[  191.020918][ T6776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.020931][ T6776] RIP: 0033:0x7fceba58ff17
[  191.020945][ T6776] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  191.020956][ T6776] RSP: 002b:00007ffdf99c0748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  191.020970][ T6776] RAX: 0000000000000000 RBX: 00007fceba611c05 RCX: 00007fceba58ff17
[  191.020978][ T6776] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf99c0800
[  191.020986][ T6776] RBP: 00007ffdf99c0800 R08: 0000000000000000 R09: 0000000000000000
[  191.020995][ T6776] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf99c1890
[  191.021004][ T6776] R13: 00007fceba611c05 R14: 000000000002e9a1 R15: 00007ffdf99c18d0
[  191.021026][ T6776]  </TASK>
[  191.166115][ T6776] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  191.449257][ T9085] netlink: 'syz.1.1112': attribute type 4 has an invalid length.
[  191.459883][ T9085] netlink: 'syz.1.1112': attribute type 4 has an invalid length.
[  191.671733][ T9089] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1114'.
[  192.073541][ T5909] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  192.132196][ T9097] loop2: detected capacity change from 0 to 1024
[  192.255601][ T5909] usb 5-1: config 32 has an invalid interface number: 251 but max is 0
[  192.260238][ T5909] usb 5-1: config 32 has no interface number 0
[  192.262746][ T5909] usb 5-1: config 32 interface 251 altsetting 0 bulk endpoint 0xD has invalid maxpacket 1024
[  192.286729][ T5909] usb 5-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=6f.ea
[  192.300691][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.311541][ T5909] usb 5-1: Product: syz
[  192.313164][ T5909] usb 5-1: Manufacturer: syz
[  192.315533][ T5909] usb 5-1: SerialNumber: syz
[  192.324290][ T9095] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  192.328065][ T5909] iowarrior 5-1:32.251: no interrupt-in endpoint found
[  192.388091][ T9093] loop1: detected capacity change from 0 to 65536
[  192.436114][ T9093] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  192.439187][ T9093] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  192.456533][ T9112] loop2: detected capacity change from 0 to 1024
[  192.459365][ T9112] EXT4-fs: Ignoring removed orlov option
[  192.473137][ T9112] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  192.478159][ T9093] XFS (loop1): Ending clean mount
[  192.525363][ T9112] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.538070][ T5909] usb 5-1: USB disconnect, device number 14
[  192.581557][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.700845][ T5852] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  193.105688][ T9126] loop2: detected capacity change from 0 to 32768
[  193.246268][ T9126] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  193.246284][ T9126]   allowing incompatible features above 0.0: (unknown version)
[  193.246289][ T9126]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  193.281930][ T9126] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  193.293989][ T9126] bcachefs (loop2): initializing new filesystem
[  193.301332][ T9126] bcachefs (loop2): going read-write
[  193.317251][ T9126] bcachefs (loop2): marking superblocks
[  193.336453][ T9126] bcachefs (loop2): initializing freespace
[  193.357043][ T9126] bcachefs (loop2): done initializing freespace
[  193.377198][ T9126] bcachefs (loop2): reading snapshots table
[  193.379071][ T9126] bcachefs (loop2): reading snapshots done
[  193.457796][ T9126] bcachefs (loop2): done starting filesystem
[  193.465533][ T9130] loop4: detected capacity change from 0 to 32768
[  193.477974][ T9130] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  193.568318][ T5844] bcachefs (loop2): shutting down
[  193.569932][ T5844] bcachefs (loop2): going read-only
[  193.571757][ T5844] bcachefs (loop2): finished waiting for writes to stop
[  193.576283][ T5844] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[  193.620193][ T5844] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  193.637949][ T5844] bcachefs (loop2): clean shutdown complete, journal seq 4
[  193.640585][ T5844] bcachefs (loop2): marking filesystem clean
[  193.647224][ T6776] ocfs2: Unmounting device (7,4) on (node local)
[  193.688763][ T5844] bcachefs (loop2): shutdown complete
[  193.918183][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  193.920176][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  194.137022][ T9175] netlink: 'syz.4.1144': attribute type 7 has an invalid length.
[  194.156510][ T9175] : entered promiscuous mode
[  194.933694][ T5909] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  195.097519][ T5909] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.101606][ T5909] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.110249][ T5909] usb 5-1: config 0 interface 0 has no altsetting 0
[  195.112811][ T5909] usb 5-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00
[  195.119913][ T5909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.127741][ T5909] usb 5-1: config 0 descriptor??
[  195.464274][ T9189] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1149'.
[  195.467711][ T9189] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1149'.
[  195.559364][ T5909] uclogic 0003:5543:0005.000A: item 0 2 0 8 parsing failed
[  195.562672][ T5909] uclogic 0003:5543:0005.000A: parse failed
[  195.583667][ T5909] uclogic 0003:5543:0005.000A: probe with driver uclogic failed with error -22
[  195.605198][ T9193] loop1: detected capacity change from 0 to 1024
[  195.637633][ T9193] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  195.648348][ T9193] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  195.652140][ T9193] EXT4-fs (loop1): orphan cleanup on readonly fs
[  195.659094][ T9193] Quota error (device loop1): v2_read_file_info: Can't read info structure
[  195.664920][ T9193] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  195.669922][ T9193] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  195.675573][ T9193] EXT4-fs (loop1): 1 truncate cleaned up
[  195.678084][ T9193] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  195.707033][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.767286][ T9199] loop1: detected capacity change from 0 to 2048
[  195.777108][ T5896] usb 5-1: USB disconnect, device number 15
[  195.795744][ T9199] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.800524][ T9199] ext4 filesystem being mounted at /425/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.888962][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.086683][ T9206] tmpfs: Bad value for 'mpol'
[  196.246215][ T9210] loop1: detected capacity change from 0 to 2048
[  196.265154][ T9210] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  196.277855][ T9211] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  196.284312][ T9210] syz.1.1157: attempt to access beyond end of device
[  196.284312][ T9210] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  196.404950][ T9213] loop4: detected capacity change from 0 to 1024
[  196.430640][ T9215] loop1: detected capacity change from 0 to 512
[  196.436229][ T9215] EXT4-fs: Conflicting test_dummy_encryption options
[  196.565875][   T35] hfsplus: b-tree write err: -5, ino 3
[  196.574515][ T6776] hfsplus: node 4:3 still has 3 user(s)!
[  197.106474][ T9233] ptrace attach of "/syz-executor exec"[9234] was attempted by "/syz-executor exec"[9233]
[  197.691335][ T9231] loop1: detected capacity change from 0 to 32768
[  197.708886][ T9231] bcachefs (/dev/loop1): error validating superblock: Invalid option btree_node_size: must be a power of two
[  197.713243][ T9231] bcachefs: bch2_fs_get_tree() error: opt_parse_error
[  197.721112][ T9229] loop4: detected capacity change from 0 to 32768
[  197.739023][ T9229] XFS: noikeep mount option is deprecated.
[  197.826746][ T9229] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  197.907644][ T9229] XFS (loop4): Ending clean mount
[  197.922062][ T9229] XFS (loop4): Quotacheck needed: Please wait.
[  197.956630][ T9229] XFS (loop4): Quotacheck: Done.
[  197.993007][ T9236] loop2: detected capacity change from 0 to 32768
[  197.999092][ T6776] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  198.015120][ T9236] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1169 (9236)
[  198.101576][ T9236] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  198.105780][ T9236] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  198.109202][ T9236] BTRFS info (device loop2): using free-space-tree
[  198.699827][ T9236] BTRFS info (device loop2): rebuilding free space tree
[  198.737536][ T9266] loop4: detected capacity change from 0 to 2048
[  198.761883][ T9266] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  198.812660][ T9266] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  198.909084][ T5844] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  199.368912][ T9281] loop4: detected capacity change from 0 to 512
[  199.377374][ T9281] EXT4-fs (loop4): unsupported inode size: 269
[  199.379685][ T9281] EXT4-fs (loop4): blocksize: 1024
[  199.593885][ T9293] dlm: non-version read from control device 36
[  199.595463][ T9291] input: syz1 as /devices/virtual/input/input11
[  199.752919][ T9299] netlink: 'syz.4.1185': attribute type 2 has an invalid length.
[  199.757462][ T9299] netlink: 'syz.4.1185': attribute type 8 has an invalid length.
[  199.761266][ T9299] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1185'.
[  200.334235][ T9307] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  200.517881][ T9321] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1195'.
[  200.552931][ T9323] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1196'.
[  200.563047][ T9323] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1196'.
[  200.829698][ T9335] loop4: detected capacity change from 0 to 2048
[  200.871867][ T9335] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  201.357827][ T9337] loop2: detected capacity change from 0 to 32768
[  201.363018][ T9337] (syz.2.1203,9337,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  201.377205][ T9337] (syz.2.1203,9337,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  201.434898][ T9337] (syz.2.1203,9337,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[  201.449805][ T9337] JBD2: Ignoring recovery information on journal
[  201.514929][ T9337] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  201.589435][ T9337] (syz.2.1203,9337,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x4e60244d, computed 0x8b393e9b. Applying ECC.
[  201.603799][ T9337] (syz.2.1203,9337,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x4e60244d, computed 0x9b4be5b3
[  201.608784][ T9337] (syz.2.1203,9337,0):ocfs2_trim_mainbm:7630 ERROR: status = -5
[  201.659759][ T5844] ocfs2: Unmounting device (7,2) on (node local)
[  201.686165][ T9355] loop1: detected capacity change from 0 to 256
[  201.731909][ T9355] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  202.181097][ T9359] loop1: detected capacity change from 0 to 40427
[  202.257051][ T9359] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  202.264224][ T9359] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  202.304158][ T5852] syz-executor: attempt to access beyond end of device
[  202.304158][ T5852] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  202.309563][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  202.309583][ T5852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  202.309593][ T5852] Call Trace:
[  202.309598][ T5852]  <TASK>
[  202.309605][ T5852]  dump_stack_lvl+0x189/0x250
[  202.309630][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.309646][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  202.309660][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  202.309679][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  202.309707][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  202.309733][ T5852]  f2fs_write_end_io+0x886/0xb60
[  202.309765][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  202.309790][ T5852]  __submit_merged_write_cond+0x255/0x530
[  202.309816][ T5852]  f2fs_write_data_pages+0x261d/0x3000
[  202.309869][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  202.309942][ T5852]  ? unwind_next_frame+0xa5/0x2390
[  202.309956][ T5852]  ? rcu_is_watching+0x15/0xb0
[  202.309968][ T5852]  ? __kasan_check_byte+0x12/0x40
[  202.310023][ T5852]  ? __lock_acquire+0xab9/0xd20
[  202.310052][ T5852]  ? do_raw_spin_lock+0x121/0x290
[  202.310079][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  202.310096][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  202.310117][ T5852]  do_writepages+0x32e/0x550
[  202.310146][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  202.310166][ T5852]  filemap_fdatawrite+0x199/0x240
[  202.310185][ T5852]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  202.310201][ T5852]  ? __pfx_SOFTIRQ_verbose+0x10/0x10
[  202.310259][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  202.310280][ T5852]  f2fs_sync_dirty_inodes+0x31f/0x830
[  202.310308][ T5852]  f2fs_write_checkpoint+0x95a/0x1df0
[  202.310345][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  202.310409][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  202.310429][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  202.310448][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  202.310460][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  202.310485][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  202.310503][ T5852]  deactivate_locked_super+0xbc/0x130
[  202.310522][ T5852]  cleanup_mnt+0x425/0x4c0
[  202.310538][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.310558][ T5852]  task_work_run+0x1d4/0x260
[  202.310580][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  202.310595][ T5852]  ? __x64_sys_umount+0x122/0x160
[  202.310619][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  202.310641][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  202.310660][ T5852]  do_syscall_64+0x2bd/0x3b0
[  202.310678][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.310695][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.310708][ T5852]  ? exc_page_fault+0x9f/0xf0
[  202.310728][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.310741][ T5852] RIP: 0033:0x7fe09ed8ff17
[  202.310755][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  202.310766][ T5852] RSP: 002b:00007fff1a2a2348 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  202.310781][ T5852] RAX: 0000000000000000 RBX: 00007fe09ee11c05 RCX: 00007fe09ed8ff17
[  202.310790][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1a2a2400
[  202.310799][ T5852] RBP: 00007fff1a2a2400 R08: 0000000000000000 R09: 0000000000000000
[  202.310806][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff1a2a3490
[  202.310815][ T5852] R13: 00007fe09ee11c05 R14: 00000000000315b7 R15: 00007fff1a2a34d0
[  202.310841][ T5852]  </TASK>
[  202.310848][ T5852] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  202.459540][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  202.459562][ T5852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  202.459571][ T5852] Call Trace:
[  202.459577][ T5852]  <TASK>
[  202.459583][ T5852]  dump_stack_lvl+0x189/0x250
[  202.459608][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.459626][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  202.459639][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  202.459657][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  202.459685][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  202.459711][ T5852]  f2fs_write_end_io+0x886/0xb60
[  202.459742][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  202.459767][ T5852]  __submit_merged_write_cond+0x255/0x530
[  202.459794][ T5852]  f2fs_write_data_pages+0x261d/0x3000
[  202.459846][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  202.459918][ T5852]  ? unwind_next_frame+0xa5/0x2390
[  202.459932][ T5852]  ? rcu_is_watching+0x15/0xb0
[  202.459944][ T5852]  ? __kasan_check_byte+0x12/0x40
[  202.459975][ T5852]  ? __lock_acquire+0xab9/0xd20
[  202.460033][ T5852]  ? do_raw_spin_lock+0x121/0x290
[  202.460061][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  202.460078][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  202.460100][ T5852]  do_writepages+0x32e/0x550
[  202.460128][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  202.460149][ T5852]  filemap_fdatawrite+0x199/0x240
[  202.460168][ T5852]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  202.460185][ T5852]  ? __pfx_SOFTIRQ_verbose+0x10/0x10
[  202.460243][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  202.460264][ T5852]  f2fs_sync_dirty_inodes+0x31f/0x830
[  202.460293][ T5852]  f2fs_write_checkpoint+0x95a/0x1df0
[  202.460330][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  202.460394][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  202.460414][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  202.460434][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  202.460446][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  202.460471][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  202.460489][ T5852]  deactivate_locked_super+0xbc/0x130
[  202.460509][ T5852]  cleanup_mnt+0x425/0x4c0
[  202.460524][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.460545][ T5852]  task_work_run+0x1d4/0x260
[  202.460567][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  202.460583][ T5852]  ? __x64_sys_umount+0x122/0x160
[  202.460605][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  202.460629][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  202.460649][ T5852]  do_syscall_64+0x2bd/0x3b0
[  202.460666][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.460683][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.460696][ T5852]  ? exc_page_fault+0x9f/0xf0
[  202.460716][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.460730][ T5852] RIP: 0033:0x7fe09ed8ff17
[  202.460744][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  202.460755][ T5852] RSP: 002b:00007fff1a2a2348 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  202.460769][ T5852] RAX: 0000000000000000 RBX: 00007fe09ee11c05 RCX: 00007fe09ed8ff17
[  202.460779][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1a2a2400
[  202.460787][ T5852] RBP: 00007fff1a2a2400 R08: 0000000000000000 R09: 0000000000000000
[  202.460795][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff1a2a3490
[  202.460804][ T5852] R13: 00007fe09ee11c05 R14: 00000000000315b7 R15: 00007fff1a2a34d0
[  202.460831][ T5852]  </TASK>
[  202.460837][ T5852] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  202.593501][ T5909] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  202.763572][ T5909] usb 5-1: Using ep0 maxpacket: 8
[  202.768823][ T5909] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  202.772992][ T5909] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  202.797652][ T5909] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  202.801371][ T5909] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  202.825501][ T5909] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  202.828925][ T5909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.071226][ T5909] usb 5-1: GET_CAPABILITIES returned 0
[  203.073348][ T5909] usbtmc 5-1:16.0: can't read capabilities
[  203.141556][ T9385] netem: incorrect ge model size
[  203.150727][ T9385] netem: change failed
[  203.255635][ T9387] loop1: detected capacity change from 0 to 4096
[  203.265142][ T9387] ntfs3: Bad value for 'uid'
[  203.266954][ T9387] ntfs3: Bad value for 'uid'
[  203.316973][ T5909] usb 5-1: USB disconnect, device number 16
[  203.581184][ T9401] loop2: detected capacity change from 0 to 512
[  203.611818][ T9401] EXT4-fs warning (device loop2): dx_probe:801: inode #2: comm syz.2.1229: Unrecognised inode hash code 255
[  203.617839][ T9401] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.1229: Corrupt directory, running e2fsck is recommended
[  203.628943][ T9401] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  203.632270][ T9401] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.1229: corrupted in-inode xattr: invalid ea_ino
[  203.639720][ T9401] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1229: couldn't read orphan inode 15 (err -117)
[  203.644833][   T47] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  203.650922][ T9401] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.669149][ T9401] EXT4-fs (loop2): shut down requested (1)
[  203.784568][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.812354][   T47] usb 2-1: Using ep0 maxpacket: 32
[  203.820352][   T47] usb 2-1: config 0 has an invalid interface number: 169 but max is 0
[  203.822944][   T47] usb 2-1: config 0 has no interface number 0
[  203.838447][   T47] usb 2-1: config 0 interface 169 has no altsetting 0
[  203.844934][   T47] usb 2-1: New USB device found, idVendor=0499, idProduct=500c, bcdDevice=33.49
[  203.851397][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.858095][   T47] usb 2-1: Product: syz
[  203.859844][   T47] usb 2-1: Manufacturer: syz
[  203.863942][   T47] usb 2-1: SerialNumber: syz
[  203.884401][   T47] usb 2-1: config 0 descriptor??
[  203.889940][   T47] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  203.930353][   T47] snd-usb-audio 2-1:0.169: probe with driver snd-usb-audio failed with error -2
[  203.969785][ T5963] udevd[5963]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.169/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  203.997484][ T9407] loop4: detected capacity change from 0 to 4096
[  204.015819][ T9407] NILFS (loop4): invalid segment: Checksum error in segment payload
[  204.018959][ T9407] NILFS (loop4): trying rollback from an earlier position
[  204.037582][ T9407] NILFS (loop4): recovery complete
[  204.040848][ T9410] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  204.083615][   T33] audit: type=1800 audit(1755521769.400:88): pid=9407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1231" name="file2" dev="loop4" ino=12 res=0 errno=0
[  204.124191][   T47] usb 2-1: USB disconnect, device number 19
[  204.516894][ T9424] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1239'.
[  204.837023][ T9440] loop1: detected capacity change from 0 to 8192
[  206.058413][ T9467] loop4: detected capacity change from 0 to 256
[  206.138969][ T9467] FAT-fs (loop4): Directory bread(block 64) failed
[  206.141638][ T9467] FAT-fs (loop4): Directory bread(block 65) failed
[  206.153673][ T9467] FAT-fs (loop4): Directory bread(block 66) failed
[  206.156305][ T9467] FAT-fs (loop4): Directory bread(block 67) failed
[  206.158885][ T9467] FAT-fs (loop4): Directory bread(block 68) failed
[  206.161409][ T9467] FAT-fs (loop4): Directory bread(block 69) failed
[  206.168217][ T9467] FAT-fs (loop4): Directory bread(block 70) failed
[  206.170667][ T9467] FAT-fs (loop4): Directory bread(block 71) failed
[  206.173310][ T9467] FAT-fs (loop4): Directory bread(block 72) failed
[  206.176106][ T9467] FAT-fs (loop4): Directory bread(block 73) failed
[  207.721460][ T9482] netlink: 'syz.1.1263': attribute type 9 has an invalid length.
[  207.727418][ T9482] netlink: 'syz.1.1263': attribute type 9 has an invalid length.
[  208.028043][ T9492] netlink: 'syz.1.1267': attribute type 13 has an invalid length.
[  208.108758][ T9492] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  208.538352][ T9509] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1274'.
[  208.549610][ T9509] netlink: 'syz.1.1274': attribute type 1 has an invalid length.
[  208.552693][ T9509] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1274'.
[  208.726640][ T9514] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1275'.
[  209.236739][ T9530] loop4: detected capacity change from 0 to 8
[  209.244312][ T9530] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  209.287711][ T9530] cramfs: Error -3 while decompressing!
[  209.292153][ T9530] cramfs: ffffffff99beb642(26)->ffff88801264f000(4096)
[  209.305617][ T9530] cramfs: Error -3 while decompressing!
[  209.307301][ T9530] cramfs: ffffffff99beb65c(16)->ffff88802dc85000(4096)
[  209.309414][ T9530] cramfs: Error -3 while decompressing!
[  209.311151][ T9530] cramfs: ffffffff99beb642(26)->ffff88801264f000(4096)
[  209.324094][   T33] audit: type=1800 audit(1755521774.650:89): pid=9530 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1283" name="file2" dev="loop4" ino=348 res=0 errno=0
[  209.571280][ T9532] loop1: detected capacity change from 0 to 32768
[  209.589641][ T9532] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1284 (9532)
[  209.611650][ T9532] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  209.633614][ T9532] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  209.638959][ T9532] BTRFS info (device loop1): using free-space-tree
[  209.858260][ T5852] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  210.309729][ T9568] netlink: 180 bytes leftover after parsing attributes in process `syz.4.1294'.
[  210.562553][ T9570] batadv0: entered promiscuous mode
[  210.565068][ T9570] macvtap1: entered promiscuous mode
[  210.573630][ T9570] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  210.651723][ T9570] batadv0: left promiscuous mode
[  210.889880][ T9576] netlink: 'syz.4.1297': attribute type 12 has an invalid length.
[  211.222759][ T9583] loop4: detected capacity change from 0 to 40427
[  211.231281][ T9583] F2FS-fs: heap/no_heap options were deprecated
[  211.250652][ T9583] F2FS-fs (loop4): Image doesn't support compression
[  211.252829][ T9583] F2FS-fs (loop4): build fault injection rate: 690
[  211.268795][ T9583] F2FS-fs (loop4): invalid crc value
[  211.349587][ T9583] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  211.353050][ T9583] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  211.384844][ T6776] syz-executor: attempt to access beyond end of device
[  211.384844][ T6776] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  211.389617][ T6776] CPU: 0 UID: 0 PID: 6776 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  211.389637][ T6776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  211.389646][ T6776] Call Trace:
[  211.389652][ T6776]  <TASK>
[  211.389659][ T6776]  dump_stack_lvl+0x189/0x250
[  211.389684][ T6776]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.389700][ T6776]  ? __pfx_queue_work_on+0x10/0x10
[  211.389714][ T6776]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  211.389732][ T6776]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  211.389760][ T6776]  f2fs_handle_critical_error+0x37c/0x540
[  211.389786][ T6776]  f2fs_write_end_io+0x886/0xb60
[  211.389818][ T6776]  __submit_merged_bio+0x27a/0x6a0
[  211.389843][ T6776]  __submit_merged_write_cond+0x255/0x530
[  211.389868][ T6776]  f2fs_write_data_pages+0x261d/0x3000
[  211.389921][ T6776]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  211.389994][ T6776]  ? folios_put_refs+0x559/0x640
[  211.390024][ T6776]  ? __lock_acquire+0xab9/0xd20
[  211.390052][ T6776]  ? do_raw_spin_lock+0x121/0x290
[  211.390079][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  211.390096][ T6776]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  211.390117][ T6776]  do_writepages+0x32e/0x550
[  211.390147][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  211.390168][ T6776]  filemap_fdatawrite+0x199/0x240
[  211.390188][ T6776]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  211.390250][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  211.390272][ T6776]  f2fs_sync_dirty_inodes+0x31f/0x830
[  211.390300][ T6776]  f2fs_write_checkpoint+0x95a/0x1df0
[  211.390361][ T6776]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  211.390423][ T6776]  ? kill_f2fs_super+0x298/0x6c0
[  211.390448][ T6776]  kill_f2fs_super+0x2c3/0x6c0
[  211.390469][ T6776]  ? __pfx_kill_f2fs_super+0x10/0x10
[  211.390480][ T6776]  ? radix_tree_delete_item+0x2b6/0x400
[  211.390506][ T6776]  ? shrinker_free+0x2ce/0x3e0
[  211.390524][ T6776]  deactivate_locked_super+0xbc/0x130
[  211.390544][ T6776]  cleanup_mnt+0x425/0x4c0
[  211.390560][ T6776]  ? lockdep_hardirqs_on+0x9c/0x150
[  211.390581][ T6776]  task_work_run+0x1d4/0x260
[  211.390602][ T6776]  ? __pfx_task_work_run+0x10/0x10
[  211.390618][ T6776]  ? __x64_sys_umount+0x122/0x160
[  211.390641][ T6776]  ? exit_to_user_mode_loop+0x40/0x110
[  211.390665][ T6776]  exit_to_user_mode_loop+0xec/0x110
[  211.390684][ T6776]  do_syscall_64+0x2bd/0x3b0
[  211.390701][ T6776]  ? lockdep_hardirqs_on+0x9c/0x150
[  211.390719][ T6776]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.390732][ T6776]  ? exc_page_fault+0x9f/0xf0
[  211.390751][ T6776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.390764][ T6776] RIP: 0033:0x7fceba58ff17
[  211.390778][ T6776] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  211.390789][ T6776] RSP: 002b:00007ffdf99c0748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  211.390804][ T6776] RAX: 0000000000000000 RBX: 00007fceba611c05 RCX: 00007fceba58ff17
[  211.390813][ T6776] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf99c0800
[  211.390821][ T6776] RBP: 00007ffdf99c0800 R08: 0000000000000000 R09: 0000000000000000
[  211.390830][ T6776] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf99c1890
[  211.390839][ T6776] R13: 00007fceba611c05 R14: 0000000000033936 R15: 00007ffdf99c18d0
[  211.390866][ T6776]  </TASK>
[  211.390872][ T6776] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  212.450409][ T9624] pimreg: entered allmulticast mode
[  212.913644][ T2266] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  213.073605][ T2266] usb 2-1: Using ep0 maxpacket: 8
[  213.113813][ T2266] usb 2-1: New USB device found, idVendor=0471, idProduct=0311, bcdDevice=81.d5
[  213.116584][ T2266] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.119391][ T2266] usb 2-1: Product: syz
[  213.128517][ T2266] usb 2-1: Manufacturer: syz
[  213.130327][ T2266] usb 2-1: SerialNumber: syz
[  213.249848][ T2266] usb 2-1: config 0 descriptor??
[  213.260620][ T2266] pwc: Philips PCVC740K (ToUCam Pro)/PCVC840 (ToUCam II) USB webcam detected.
[  213.568482][ T2266] pwc: Failed to set LED on/off time (-71)
[  213.578112][ T2266] pwc: send_video_command error -71
[  213.582074][ T2266] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  213.590938][ T2266] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[  213.598304][ T2266] usb 2-1: USB disconnect, device number 20
[  214.055421][ T9662] loop4: detected capacity change from 0 to 128
[  214.097263][ T9662] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  214.106898][ T9662] ext4 filesystem being mounted at /323/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  214.149443][ T6776] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  214.265880][ T9672] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  214.277658][ T9672] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  214.934434][ T9688] loop1: detected capacity change from 0 to 256
[  214.938220][ T9688] exfat: Deprecated parameter 'utf8'
[  214.940409][ T9688] exfat: Deprecated parameter 'utf8'
[  214.942656][ T9688] exfat: Deprecated parameter 'utf8'
[  214.958421][ T9688] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  215.417339][ T9702] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1353'.
[  215.420299][ T9702] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1353'.
[  215.469963][ T9704] loop1: detected capacity change from 0 to 512
[  215.479762][ T9704] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  215.488543][ T9704] UDF-fs: Scanning with blocksize 512 failed
[  215.492700][ T9704] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  215.496670][ T9704] UDF-fs: Scanning with blocksize 1024 failed
[  215.499623][ T9704] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  215.507562][ T9704] UDF-fs: Scanning with blocksize 2048 failed
[  215.510564][ T9704] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  215.517311][ T9704] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  215.530804][ T9704] [syz.1.1354/9704] FS: loop1 File: /blkio.bfq.io_service_bytes would truncate fibmap result
[  215.579604][ T9706] netlink: 'syz.1.1355': attribute type 1 has an invalid length.
[  215.634296][ T9706] 8021q: adding VLAN 0 to HW filter on device bond2
[  215.647825][ T9708] bond2: (slave gretap2): making interface the new active one
[  215.651051][ T9708] bond2: (slave gretap2): Enslaving as an active interface with an up link
[  217.119535][ T9723] loop4: detected capacity change from 0 to 2048
[  217.145333][ T9724] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  217.893565][    T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  218.043606][    T9] usb 2-1: Using ep0 maxpacket: 8
[  218.047797][    T9] usb 2-1: config 162 has an invalid interface number: 197 but max is 1
[  218.050926][    T9] usb 2-1: config 162 has an invalid interface number: 143 but max is 1
[  218.053903][    T9] usb 2-1: config 162 has no interface number 0
[  218.056218][    T9] usb 2-1: config 162 has no interface number 1
[  218.063167][    T9] usb 2-1: config 162 interface 197 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  218.075370][    T9] usb 2-1: config 162 interface 143 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  218.078675][ T9724] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  218.079308][    T9] usb 2-1: config 162 interface 143 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[  218.079323][    T9] usb 2-1: config 162 interface 143 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[  218.079335][    T9] usb 2-1: config 162 interface 143 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[  218.085183][ T9724] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4)
[  218.100662][    T9] usb 2-1: config 162 interface 143 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  218.108088][ T9724] Remounting filesystem read-only
[  218.112189][    T9] usb 2-1: config 162 interface 197 has no altsetting 0
[  218.116017][ T6776] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[  218.122289][    T9] usb 2-1: config 162 interface 143 has no altsetting 0
[  218.127006][    T9] usb 2-1: New USB device found, idVendor=0c10, idProduct=0000, bcdDevice=95.a7
[  218.130027][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.143122][    T9] usb 2-1: Product: syz
[  218.145787][    T9] usb 2-1: Manufacturer: syz
[  218.147407][    T9] usb 2-1: SerialNumber: syz
[  218.439418][   T54] Bluetooth: hci4: HCI Read Local Supported Commands not supported
[  218.448564][   T54] Bluetooth: hci4: Opcode 0x0c03 failed: -71
[  218.450819][    T9] usb 2-1: USB disconnect, device number 21
[  219.385682][ T9742] bridge0: entered promiscuous mode
[  219.390785][ T9742] bridge0: port 3(macvlan2) entered blocking state
[  219.403903][ T9742] bridge0: port 3(macvlan2) entered disabled state
[  219.406199][ T9742] macvlan2: entered allmulticast mode
[  219.407832][ T9742] bridge0: entered allmulticast mode
[  219.414375][ T9742] macvlan2: left allmulticast mode
[  219.415943][ T9742] bridge0: left allmulticast mode
[  219.418294][ T9742] bridge0: left promiscuous mode
[  219.587051][ T9740] loop4: detected capacity change from 0 to 32768
[  219.613316][ T9740] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1367 (9740)
[  219.630391][ T9740] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  219.637560][ T9740] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  219.643181][ T9740] BTRFS info (device loop4): using free-space-tree
[  219.823284][ T6776] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  220.161266][ T9772] loop4: detected capacity change from 0 to 4096
[  220.232725][ T9777] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  220.274428][ T9772] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  220.289852][ T9772] Remounting filesystem read-only
[  220.336713][ T6776] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  220.892149][ T9789] loop4: detected capacity change from 0 to 32768
[  220.897141][ T9789] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1381 (9789)
[  220.912411][ T9789] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  220.922628][ T9789] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  220.929875][ T9789] BTRFS info (device loop4): using free-space-tree
[  221.084631][ T9789] BTRFS info (device loop4): rebuilding free space tree
[  221.292399][ T6776] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  221.783946][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  221.789245][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  221.792155][ T5845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  221.795843][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  221.798975][ T5845] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  221.816808][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  221.819743][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  221.822114][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  221.825740][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  221.828481][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  222.074345][ T5909] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  222.172427][ T9831] chnl_net:caif_netlink_parms(): no params data found
[  222.224813][ T5909] usb 2-1: Using ep0 maxpacket: 16
[  222.228661][ T5909] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.232355][ T5909] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.249172][ T5909] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  222.261263][ T5909] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.279783][ T5909] usb 2-1: config 0 descriptor??
[  222.384687][ T9831] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.387066][ T9831] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.389749][ T9831] bridge_slave_0: entered allmulticast mode
[  222.394825][ T9831] bridge_slave_0: entered promiscuous mode
[  222.401862][ T9831] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.413717][ T9831] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.417778][ T9831] bridge_slave_1: entered allmulticast mode
[  222.424285][ T9831] bridge_slave_1: entered promiscuous mode
[  222.509186][ T9831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  222.517960][ T9850] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1401'.
[  222.521543][ T9850] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  222.526306][ T9831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  222.604269][ T9831] team0: Port device team_slave_0 added
[  222.609948][ T9831] team0: Port device team_slave_1 added
[  222.668017][ T9831] batman_adv: batadv0: Adding interface: batadv_slave_0
[  222.695694][ T9831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.707830][ T5909] corsair 0003:1B1C:1B02.000B: unknown main item tag 0x0
[  222.710108][ T5909] corsair 0003:1B1C:1B02.000B: unknown main item tag 0x0
[  222.716358][ T9831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.718116][ T5909] corsair 0003:1B1C:1B02.000B: unknown main item tag 0x0
[  222.722356][ T9831] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.722620][ T5909] corsair 0003:1B1C:1B02.000B: unknown main item tag 0x0
[  222.726045][ T9831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.741056][ T9831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.743767][ T5909] corsair 0003:1B1C:1B02.000B: unknown main item tag 0x0
[  222.761862][ T5909] corsair 0003:1B1C:1B02.000B: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.1-1/input0
[  222.847153][ T9831] hsr_slave_0: entered promiscuous mode
[  222.850660][ T9831] hsr_slave_1: entered promiscuous mode
[  222.866340][ T9831] debugfs: 'hsr0' already exists in 'hsr'
[  222.868680][ T9831] Cannot create hsr debugfs directory
[  223.118155][ T5909] usb 2-1: USB disconnect, device number 22
[  223.256006][ T9861] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1405'.
[  223.528889][ T9831] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  223.539689][ T9831] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  223.546582][ T9831] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  223.553074][ T9831] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  223.671430][ T9831] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.691296][ T9831] 8021q: adding VLAN 0 to HW filter on device team0
[  223.711856][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.714225][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.737755][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.740073][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.915127][   T54] Bluetooth: hci4: command tx timeout
[  224.115830][ T9831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.356228][ T9831] veth0_vlan: entered promiscuous mode
[  224.361507][ T9831] veth1_vlan: entered promiscuous mode
[  224.397565][ T9831] veth0_macvtap: entered promiscuous mode
[  224.403266][ T9831] veth1_macvtap: entered promiscuous mode
[  224.435781][ T9831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.458264][ T9831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  224.476518][   T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.482386][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  224.518872][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  224.532057][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  224.570545][ T9886] loop4: detected capacity change from 0 to 32768
[  224.676290][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.688272][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.741879][ T9886] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  224.741905][ T9886]   allowing incompatible features above 0.0: (unknown version)
[  224.741916][ T9886]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  224.745681][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.764634][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.793823][ T9886] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  224.797111][ T9886] bcachefs (loop4): initializing new filesystem
[  224.819817][ T9897] loop1: detected capacity change from 0 to 32768
[  224.830345][ T9886] bcachefs (loop4): going read-write
[  224.846900][ T9897] ea_get: invalid extended attribute
[  224.872636][ T9886] bcachefs (loop4): marking superblocks
[  224.918064][ T9886] bcachefs (loop4): initializing freespace
[  224.933344][ T9886] bcachefs (loop4): done initializing freespace
[  224.947635][ T9886] bcachefs (loop4): reading snapshots table
[  224.949987][ T9886] bcachefs (loop4): reading snapshots done
[  224.977943][ T9886] bcachefs (loop4): done starting filesystem
[  225.033542][   T33] audit: type=1800 audit(1755521790.350:90): pid=9886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1411" name="file1" dev="loop4" ino=4098 res=0 errno=0
[  225.172009][ T9918] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1416'.
[  225.351431][   T33] audit: type=1800 audit(1755521790.670:91): pid=9913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1411" name="file1" dev="loop4" ino=4098 res=0 errno=0
[  225.523721][ T6776] bcachefs (loop4): shutting down
[  225.525756][ T6776] bcachefs (loop4): going read-only
[  225.541444][ T6776] bcachefs (loop4): finished waiting for writes to stop
[  225.557042][ T6776] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  225.845022][ T6776] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  225.874976][ T6776] bcachefs (loop4): clean shutdown complete, journal seq 4
[  225.900396][ T6776] bcachefs (loop4): marking filesystem clean
[  226.003688][   T54] Bluetooth: hci4: command tx timeout
[  226.089858][ T6776] bcachefs (loop4): shutdown complete
[  226.778539][ T9929] loop5: detected capacity change from 0 to 32768
[  226.847002][ T9929] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  226.866640][ T9929] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x50.
[  226.905396][ T9929] XFS (loop5): Tail block (0x29) overwrite detected. Updated to 0x30
[  226.918051][ T9929] XFS (loop5): Ending clean mount
[  226.983739][ T9929] XFS (loop5): Metadata corruption detected at xfs_dinode_verify+0x1a6/0x1570, inode 0x1803 dinode
[  226.988227][ T9929] XFS (loop5): Unmount and run xfs_repair
[  226.990486][ T9929] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  226.993333][ T9929] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00  INA.............
[  227.001329][ T9929] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  227.004548][ T9929] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d  4.Xh....4.Xh...=
[  227.023624][ T9929] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20  4.Xh...=....... 
[  227.027066][ T9929] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  227.030547][ T9929] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1  ..............=.
[  227.053976][ T9929] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04  ....n..-........
[  227.063696][ T9929] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 06  ................
[  227.151746][ T9831] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  228.042906][ T9962] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1427'.
[  228.073724][   T54] Bluetooth: hci4: command tx timeout
[  228.586056][ T9958] loop4: detected capacity change from 0 to 40427
[  228.604072][ T9958] F2FS-fs (loop4): build fault injection rate: 25
[  228.610437][ T9958] F2FS-fs (loop4): build fault injection type: 0x7698c
[  228.631674][ T9958] F2FS-fs (loop4): invalid crc value
[  228.648864][ T9958] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  228.660075][ T9958] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  228.742137][ T9976] loop1: detected capacity change from 0 to 128
[  228.796287][ T9958] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  228.815444][ T9976] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  228.825300][ T9958] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  228.832821][ T9976] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  228.875444][ T9958] F2FS-fs (loop4): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  228.909364][ T9958] F2FS-fs (loop4): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x18b/0xa40
[  229.009712][ T6776] syz-executor: attempt to access beyond end of device
[  229.009712][ T6776] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  229.038382][ T6776] CPU: 0 UID: 0 PID: 6776 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  229.038403][ T6776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  229.038410][ T6776] Call Trace:
[  229.038416][ T6776]  <TASK>
[  229.038422][ T6776]  dump_stack_lvl+0x189/0x250
[  229.038444][ T6776]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.038462][ T6776]  ? __pfx_queue_work_on+0x10/0x10
[  229.038474][ T6776]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  229.038493][ T6776]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  229.038519][ T6776]  f2fs_handle_critical_error+0x37c/0x540
[  229.038544][ T6776]  f2fs_write_end_io+0x886/0xb60
[  229.038575][ T6776]  __submit_merged_bio+0x27a/0x6a0
[  229.038600][ T6776]  __submit_merged_write_cond+0x255/0x530
[  229.038625][ T6776]  f2fs_write_data_pages+0x261d/0x3000
[  229.038674][ T6776]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.038745][ T6776]  ? folios_put_refs+0x559/0x640
[  229.038773][ T6776]  ? __lock_acquire+0xab9/0xd20
[  229.038800][ T6776]  ? do_raw_spin_lock+0x121/0x290
[  229.038827][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  229.038844][ T6776]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.038864][ T6776]  do_writepages+0x32e/0x550
[  229.038893][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  229.038914][ T6776]  filemap_fdatawrite+0x199/0x240
[  229.038933][ T6776]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  229.039019][ T6776]  ? do_raw_spin_unlock+0x4d/0x240
[  229.039041][ T6776]  f2fs_sync_dirty_inodes+0x31f/0x830
[  229.039068][ T6776]  f2fs_write_checkpoint+0x95a/0x1df0
[  229.039105][ T6776]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  229.039169][ T6776]  ? kill_f2fs_super+0x298/0x6c0
[  229.039189][ T6776]  kill_f2fs_super+0x2c3/0x6c0
[  229.039209][ T6776]  ? __pfx_kill_f2fs_super+0x10/0x10
[  229.039220][ T6776]  ? radix_tree_delete_item+0x2b6/0x400
[  229.039244][ T6776]  ? shrinker_free+0x2ce/0x3e0
[  229.039263][ T6776]  deactivate_locked_super+0xbc/0x130
[  229.039282][ T6776]  cleanup_mnt+0x425/0x4c0
[  229.039297][ T6776]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.039318][ T6776]  task_work_run+0x1d4/0x260
[  229.039340][ T6776]  ? __pfx_task_work_run+0x10/0x10
[  229.039355][ T6776]  ? __x64_sys_umount+0x122/0x160
[  229.039377][ T6776]  ? exit_to_user_mode_loop+0x40/0x110
[  229.039402][ T6776]  exit_to_user_mode_loop+0xec/0x110
[  229.039421][ T6776]  do_syscall_64+0x2bd/0x3b0
[  229.039439][ T6776]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.039455][ T6776]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.039467][ T6776]  ? exc_page_fault+0x9f/0xf0
[  229.039485][ T6776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.039496][ T6776] RIP: 0033:0x7fceba58ff17
[  229.039511][ T6776] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  229.039522][ T6776] RSP: 002b:00007ffdf99c0748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  229.039538][ T6776] RAX: 0000000000000000 RBX: 00007fceba611c05 RCX: 00007fceba58ff17
[  229.039547][ T6776] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf99c0800
[  229.039555][ T6776] RBP: 00007ffdf99c0800 R08: 0000000000000000 R09: 0000000000000000
[  229.039562][ T6776] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf99c1890
[  229.039570][ T6776] R13: 00007fceba611c05 R14: 0000000000037dda R15: 00007ffdf99c18d0
[  229.039593][ T6776]  </TASK>
[  229.039600][ T6776] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  229.397361][ T9997] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1446'.
[  229.723586][ T5896] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  229.875333][ T5896] usb 6-1: config 48 has an invalid descriptor of length 0, skipping remainder of the config
[  229.879665][ T5896] usb 6-1: config 48 interface 0 altsetting 98 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  229.893576][ T5896] usb 6-1: config 48 interface 0 altsetting 98 endpoint 0x4 has invalid wMaxPacketSize 0
[  229.903573][ T5896] usb 6-1: config 48 interface 0 altsetting 98 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  229.923681][ T5896] usb 6-1: config 48 interface 0 altsetting 98 endpoint 0x8 has invalid wMaxPacketSize 0
[  229.927867][ T5896] usb 6-1: config 48 interface 0 altsetting 98 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  229.933024][ T5896] usb 6-1: config 48 interface 0 has no altsetting 0
[  229.946409][ T5896] usb 6-1: New USB device found, idVendor=1784, idProduct=0006, bcdDevice=bb.2f
[  229.950178][ T5896] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.953393][ T5896] usb 6-1: Product: syz
[  229.960229][ T5896] usb 6-1: Manufacturer: syz
[  229.962129][ T5896] usb 6-1: SerialNumber: syz
[  229.973095][T10011] loop1: detected capacity change from 0 to 512
[  229.989595][T10011] EXT4-fs: Ignoring removed oldalloc option
[  230.009500][T10011] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  230.018768][T10011] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  230.030518][T10011] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a856c01c, mo2=0102]
[  230.040512][T10011] System zones: 0-2, 18-18, 34-34
[  230.048119][T10011] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1452: iget: bad i_size value: 360287970189639680
[  230.057180][T10011] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1452: couldn't read orphan inode 15 (err -117)
[  230.063773][T10011] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.153623][   T54] Bluetooth: hci4: command tx timeout
[  230.197244][ T5896] usb 6-1: USB disconnect, device number 2
[  230.599699][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.861397][T10023] loop5: detected capacity change from 0 to 8192
[  230.917917][ T5963] Dev loop5 Sun disklabel: Csum bad, label corrupted
[  230.936951][T10023] Dev loop5 Sun disklabel: Csum bad, label corrupted
[  230.955601][T10029] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1459'.
[  231.155735][T10035] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1460'.
[  231.331164][T10041] loop5: detected capacity change from 0 to 1764
[  255.357734][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  255.360321][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  316.797463][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  316.799831][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  354.717983][ T5845] Bluetooth: hci4: command 0x0406 tx timeout
[  363.513815][   T34] INFO: task syz.2.1259:9471 blocked for more than 143 seconds.
[  363.517055][   T34]       Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0
[  363.520651][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  363.531663][   T34] task:syz.2.1259      state:D stack:24936 pid:9471  tgid:9468  ppid:5844   task_flags:0x400140 flags:0x00004004
[  363.538448][   T34] Call Trace:
[  363.539718][   T34]  <TASK>
[  363.540852][   T34]  __schedule+0x1798/0x4cc0
[  363.542548][   T34]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[  363.548030][   T34]  ? __lock_acquire+0xab9/0xd20
[  363.549889][   T34]  ? __pfx___schedule+0x10/0x10
[  363.551736][   T34]  ? schedule+0x91/0x360
[  363.553341][   T34]  schedule+0x165/0x360
[  363.555437][   T34]  schedule_preempt_disabled+0x13/0x30
[  363.557502][   T34]  rwsem_down_read_slowpath+0x5fd/0x8f0
[  363.559524][   T34]  ? rwsem_down_read_slowpath+0x4b8/0x8f0
[  363.561639][   T34]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[  363.566990][   T34]  down_read+0x98/0x2e0
[  363.568553][   T34]  super_lock+0x2a9/0x3b0
[  363.570195][   T34]  ? __pfx_super_lock+0x10/0x10
[  363.572037][   T34]  ? do_raw_spin_lock+0x121/0x290
[  363.575564][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  363.577558][   T34]  __iterate_supers+0x126/0x290
[  363.579379][   T34]  ? __pfx_quota_sync_one+0x10/0x10
[  363.581352][   T34]  __se_sys_quotactl+0x353/0x950
[  363.583245][   T34]  ? __se_sys_futex+0x36f/0x400
[  363.587892][   T34]  ? __pfx___se_sys_quotactl+0x10/0x10
[  363.589950][   T34]  ? rcu_is_watching+0x15/0xb0
[  363.591749][   T34]  ? do_syscall_64+0xbe/0x3b0
[  363.596247][   T34]  do_syscall_64+0xfa/0x3b0
[  363.597999][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.600292][   T34]  ? asm_sysvec_call_function_single+0x1a/0x20
[  363.602639][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.610242][   T34] RIP: 0033:0x7f092c38ebe9
[  363.611973][   T34] RSP: 002b:00007f092d1d8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  363.615445][   T34] RAX: ffffffffffffffda RBX: 00007f092c5b6180 RCX: 00007f092c38ebe9
[  363.618406][   T34] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000100
[  363.621390][   T34] RBP: 00007f092c411e19 R08: 0000000000000000 R09: 0000000000000000
[  363.627067][   T34] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  363.630046][   T34] R13: 00007f092c5b6218 R14: 00007f092c5b6180 R15: 00007fffaff4bda8
[  363.633050][   T34]  </TASK>
[  363.634817][   T34] 
[  363.634817][   T34] Showing all locks held in the system:
[  363.637675][   T34] 1 lock held by khungtaskd/34:
[  363.639510][   T34]  #0: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  363.643187][   T34] 2 locks held by getty/5670:
[  363.649529][   T34]  #0: ffff8880293dc0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  363.653206][   T34]  #1: ffffc900029032f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  363.657297][   T34] 4 locks held by syz-executor/5848:
[  363.659370][   T34] 1 lock held by syz.2.1259/9471:
[  363.661320][   T34]  #0: ffff8881213200e0 (&type->s_umount_key#55){++++}-{4:4}, at: super_lock+0x2a9/0x3b0
[  363.667727][   T34] 
[  363.668692][   T34] =============================================
[  363.668692][   T34] 
[  363.671886][   T34] NMI backtrace for cpu 0
[  363.671898][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  363.671914][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  363.671927][   T34] Call Trace:
[  363.671934][   T34]  <TASK>
[  363.671940][   T34]  dump_stack_lvl+0x189/0x250
[  363.671963][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.671979][   T34]  ? __pfx__printk+0x10/0x10
[  363.672007][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  363.672025][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  363.672042][   T34]  ? __pfx__printk+0x10/0x10
[  363.672063][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  363.672085][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  363.672103][   T34]  watchdog+0xf93/0xfe0
[  363.672125][   T34]  ? watchdog+0x1de/0xfe0
[  363.672146][   T34]  kthread+0x711/0x8a0
[  363.672166][   T34]  ? __pfx_watchdog+0x10/0x10
[  363.672182][   T34]  ? __pfx_kthread+0x10/0x10
[  363.672199][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  363.672216][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.672232][   T34]  ? __pfx_kthread+0x10/0x10
[  363.672248][   T34]  ret_from_fork+0x3fc/0x770
[  363.672265][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  363.672283][   T34]  ? __switch_to_asm+0x39/0x70
[  363.672298][   T34]  ? __switch_to_asm+0x33/0x70
[  363.672313][   T34]  ? __pfx_kthread+0x10/0x10
[  363.672330][   T34]  ret_from_fork_asm+0x1a/0x30
[  363.672358][   T34]  </TASK>
[  363.672364][   T34] Sending NMI from CPU 0 to CPUs 1:
[  363.730339][    C1] NMI backtrace for cpu 1
[  363.730356][    C1] CPU: 1 UID: 0 PID: 28 Comm: kworker/u9:1 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  363.730373][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  363.730382][    C1] Workqueue: events_unbound toggle_allocation_gate
[  363.730406][    C1] RIP: 0010:rb_next+0x0/0xe0
[  363.730424][    C1] Code: 48 c1 e8 03 42 80 3c 38 00 74 e3 4c 89 f7 e8 e7 3a ae f6 eb d9 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 41 57 41 56 53 48 89 fb 49 bf 00 00 00 00 00 fc ff df
[  363.730435][    C1] RSP: 0018:ffffc9000061f5a8 EFLAGS: 00000046
[  363.730447][    C1] RAX: dffffc0000000000 RBX: ffff888110425850 RCX: 1ffff11003958301
[  363.730457][    C1] RDX: dffffc0000000000 RSI: ffff88810d161d40 RDI: ffff88810d161d50
[  363.730466][    C1] RBP: dffffc0000000000 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  363.730474][    C1] R10: dffffc0000000000 R11: fffffbfff1f46fc7 R12: ffff888110425800
[  363.730483][    C1] R13: ffff88810d161d40 R14: ffff88810d161d50 R15: 1ffff11022084b0a
[  363.730491][    C1] FS:  0000000000000000(0000) GS:ffff8881a3c1c000(0000) knlGS:0000000000000000
[  363.730502][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  363.730511][    C1] CR2: 000056040494de08 CR3: 000000000df36000 CR4: 00000000000006f0
[  363.730543][    C1] Call Trace:
[  363.730551][    C1]  <TASK>
[  363.730556][    C1]  __dequeue_entity+0x4e/0xc60
[  363.730582][    C1]  set_next_entity+0x100/0x690
[  363.730597][    C1]  pick_next_task_fair+0x83c/0xba0
[  363.730612][    C1]  __pick_next_task+0xe4/0x450
[  363.730628][    C1]  __schedule+0x7a4/0x4cc0
[  363.730646][    C1]  ? do_raw_spin_lock+0x121/0x290
[  363.730663][    C1]  ? __lock_acquire+0xab9/0xd20
[  363.730677][    C1]  ? __pfx___schedule+0x10/0x10
[  363.730698][    C1]  ? schedule+0x91/0x360
[  363.730712][    C1]  schedule+0x165/0x360
[  363.730726][    C1]  toggle_allocation_gate+0x159/0x240
[  363.730740][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  363.730794][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  363.730811][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  363.730821][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  363.730833][    C1]  process_scheduled_works+0xae1/0x17b0
[  363.730855][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  363.730892][    C1]  worker_thread+0x8a0/0xda0
[  363.730930][    C1]  kthread+0x711/0x8a0
[  363.730945][    C1]  ? __pfx_worker_thread+0x10/0x10
[  363.730956][    C1]  ? __pfx_kthread+0x10/0x10
[  363.730968][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  363.730981][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.730994][    C1]  ? __pfx_kthread+0x10/0x10
[  363.731010][    C1]  ret_from_fork+0x3fc/0x770
[  363.731021][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  363.731032][    C1]  ? __switch_to_asm+0x39/0x70
[  363.731047][    C1]  ? __switch_to_asm+0x33/0x70
[  363.731062][    C1]  ? __pfx_kthread+0x10/0x10
[  363.731075][    C1]  ret_from_fork_asm+0x1a/0x30
[  363.731096][    C1]  </TASK>
[  363.844644][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  363.847239][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  363.851797][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  363.855577][   T34] Call Trace:
[  363.856933][   T34]  <TASK>
[  363.858050][   T34]  dump_stack_lvl+0x99/0x250
[  363.859768][   T34]  ? __asan_memcpy+0x40/0x70
[  363.861506][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.863541][   T34]  ? __pfx__printk+0x10/0x10
[  363.865350][   T34]  vpanic+0x281/0x750
[  363.866855][   T34]  ? __pfx_vpanic+0x10/0x10
[  363.868552][   T34]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  363.870703][   T34]  ? preempt_schedule+0xae/0xc0
[  363.872622][   T34]  ? preempt_schedule_common+0x83/0xd0
[  363.874772][   T34]  panic+0xb9/0xc0
[  363.876256][   T34]  ? __pfx_panic+0x10/0x10
[  363.877957][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  363.879994][   T34]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  363.882300][   T34]  watchdog+0xfd2/0xfe0
[  363.883884][   T34]  ? watchdog+0x1de/0xfe0
[  363.885547][   T34]  kthread+0x711/0x8a0
[  363.887149][   T34]  ? __pfx_watchdog+0x10/0x10
[  363.888929][   T34]  ? __pfx_kthread+0x10/0x10
[  363.890767][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  363.892810][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.894850][   T34]  ? __pfx_kthread+0x10/0x10
[  363.896655][   T34]  ret_from_fork+0x3fc/0x770
[  363.898446][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  363.900398][   T34]  ? __switch_to_asm+0x39/0x70
[  363.902204][   T34]  ? __switch_to_asm+0x33/0x70
[  363.904047][   T34]  ? __pfx_kthread+0x10/0x10
[  363.905791][   T34]  ret_from_fork_asm+0x1a/0x30
[  363.907611][   T34]  </TASK>
[  363.909453][   T34] Kernel Offset: disabled
[  363.911193][   T34] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:58:49  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000079 RBX=0000000000000079 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000068f6b0
R8 =ffff888106f90237 R9 =1ffff11020df2046 R10=dffffc0000000000 R11=ffffffff854efeb0
R12=dffffc0000000000 R13=ffffffff99af9917 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854eff2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055ec0ed68f18 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000000 00007fd9af787d20
XMM02=0302100009b00328 1000089003000484 XMM03=080009e003001000 09d00300100009c0
XMM04=1000098004010000 00080606015cc400 XMM05=0100100009800401 000000080606015c
XMM06=c400080009e00300 100009d003001000 XMM07=09c00302100009b0 0328100008900300
XMM08=04840007a4030002 0007a20314020007 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000080000000 RBX=ffff888121c20ae8 RCX=0000000000000000 RDX=0000000000000001
RSI=0000000000000008 RDI=00000000ffffffff RBP=ffffc9000345fc70 RSP=ffffc9000345f960
R8 =ffff888121c20347 R9 =1ffff11024384068 R10=dffffc0000000000 R11=ffffed1024384069
R12=ffff888121c20250 R13=ffff888121c21250 R14=0000000000000001 R15=ffff888121c21074
RIP=ffffffff8409b1e8 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555568b49500 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000056040494de08 CR3=000000010e728000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000080000010015 0000000c00000028 XMM01=0000000e00000001 0000000000000006
XMM02=0043004400010015 0000000000000040 XMM03=0000000000000000 0000000000000000
XMM04=0000ff0000000000 00000000000000ff XMM05=0000000000000071 0000000000000000
XMM06=ffffffff00000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffffffffffffffff XMM09=00000000306e6177 772f74656e2f302e
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
