last executing test programs:

7m8.540112083s ago: executing program 32 (id=62):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x2004000, &(0x7f0000000040)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@usrjquota}]}, 0xfe, 0x563, &(0x7f00000007c0)="$eJzs3c9rHFUcAPDvbHbbpK02BSnoQQI9WKndtIk/KnioR9FiQe91SaahZNMt2U1pYsH2oBcvUgQRC+If4N1j8R/wryhooUgJevASmWQ22Ta7m1/bZHU/H5j2vZnZefPmzXv5vp1dNoCBNZb9U4h4OSK+SSKOt2wrRr5xbG2/5Se3p7IliZWVT/5MIsnXNfdP8v+PNjPFiF+/jDhT2FxufXFptlKtpvN5frwxd2O8vrh09tpcZSadSa9PTE5eeGty4t133u5ZXV+//Pf3Hz/44MLXp5a/+/nRiXtJXIxj+bbWeuzBndbMWIzl16QUF5/Z8XwPCusnyUGfALsylPfzUmRjwPEYyns98P/3RUSsAANpJBL9HwZUMw5ozu035sHDBxiV7J/H769NgDbXv7j23kgMr86NjiwnT82MsvnuaA/Kz8r45Y/797Ilevc+BMCW7tyNiHPF4ubxL8nHv907t419ni3D+Af750EW/7zRLv4prMc/0Sb+Odqm7+7G1v2/8KgHxXSUxX/vtY1/1x9ajQ7luRciRkajlFy9Vk2zse3FiDgdpcNZvtvznAvLD1c6bWuN/7IlK78ZC+bn8ah4+OnXTFcalb3UudXjuxGvtI1/k/X2T9q0f3Y9Lm+zjJPp/Vc7bdu6/s/Xyk8Rr7Vt/40nWkn355Pjq/fDePOu2Oyvr07+1qn8g65/1v5Hutd/NGl9XlvfeRk/Dv+Tdtq22/v/UPLpavpQvu5WpdGYPx9xKPlo8/qJjdc28839s/qfPtV9/Gt3/49ExGfbrH+3mXQ/tP/0jtp/54mHH37+Q6fy8/qXomv7v7maOp2v2c74t90T3Mu1AwAAAAAAgH5TiIhjkRTK6+lCoVxe+3zHS3GkUK3VG2eu1hauT8fqd2VHo1RoPuk+vpZPmp9/GG3JTzyTn4yIExHx7dDIar48VatOH3TlAQAAAAAAAAAAAAAAAAAAoE8c7fD9/8zvQwd9dsBz5ye/YXBt2f978UtPQF/a7d//+R6fB7D/xP8wuPR/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXb50KVtWlp/cnsry0zcXF2ZrN89Op/XZ8tzCVHmqNn+jPFOrzVTT8lRtbqvjVWu1G+cnYuHWeCOtN8bri0tX5moL1xtXrs1VZtIraWlfagUAAAAAAAAAAAAAAAAAAAD/LfXFpdlKtZrOS/RzYvg5HfnO3o9T7IfrI7HjRBLd9znokQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvwbAAD//+f9MzI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1)
unlinkat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

6m59.504309135s ago: executing program 33 (id=130):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000040)='./file0\x00', 0x10400, &(0x7f0000000d40)=ANY=[], 0xfe, 0x2ae, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGblE7hw4Xu4cy+48Q0EH8CdgxSO3NzbJLZp2rSmlfr7bXo45/vu+U7uabO43NPPXxsePHw6evz869+i1cqi1otevMiiE7U4lioBANwKL1KKPy71/V6vbaomAGCzFr7/G2eEbJ/uenvTZQEAG/ThRx+/f39/f++DPG9FDL8d97Mof5bj9x/HkxjEo7gb7TiaPwtIqWy/+97+XtTzQifuDCfjfpE5/OyXxccGRX432tFZnt/NSwv5k3G/ES9HZFnEk15RyL1oxyun8ovxvXtL8qPfjDda1SKL+XejHb9+EU9jEA+nzzTm83/TzfN30nd/fvVJEVzkZ5Nxf3saN5e2rvveAAAAAAAAAAAAAAAAAAAAAABwe+3mM524Myy6qvN3to6m47v/GJ+er1Objpf5WURz2jhxPtAkxQ/H5+vczfM8ZWX8/Hyferxaj/qNLRwAAAAAAAAAAAAAAAAAAAD+Q0bPvjx4MBg8OvxXGtVL/rPX+i97nd5Cz+uxOnh7rbliqwovaj0Z0/350+Gsp1jEZYofN/KIVTU3TvW8VNRz/pX/SimlLIu42m1qXGSucxo7q2OKD/in73fePHiQnfcZto5v3I+LQ804HD07cU8jW6fCtNb2a66IaVY75kLX2bniL9Fbv5eTVT3ZGqtoVI04a/u11trP1/c3CAAAAAAAAAAAAAAAAAAAKM1f+l0y+Hxlam1jRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANZv///81GpMqeXlMSmky62nG4eiGlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wN8BAAD//7DYbww=")
truncate(&(0x7f0000000080)='./file1\x00', 0xf0fe)

5m55.583989801s ago: executing program 34 (id=778):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x34, r1, 0x207, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}]}, 0x34}}, 0x880)

5m35.846308013s ago: executing program 1 (id=969):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x24, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

5m35.766421805s ago: executing program 1 (id=971):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004a80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}}], 0x2, 0x200400c0)

5m35.721608288s ago: executing program 1 (id=972):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000200)=ANY=[@ANYBLOB='allow_utime=00000000000000000000304,dmask=00000000000000000000011,errors=remount-ro,umask=00000000000000000000020,fmask=00000000000000000000004,discard,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c696f636861727365743d63703933362c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303030382c616c6c6f775f7574696d653d30303030303030d64a64d762d35037932d303030303030303032303030303030302c00"], 0x1, 0x152a, &(0x7f0000000340)="$eJzs3AuYjtXaOPD7Xms9Y0zS2ySHYa11P7zJYZkkySFJDkmSJElOCUmTbElIDDklDUlIDkNyGEJyiknjfMj5lJAkTZKE5JSs/zXhs9u1/3vvb/dlX3vu33W916z7Xc+9nvW893tYz/POzLedh9RoVLNqAyKCfwte+JEMALEAMAAArgGAAADKxpeNz+rPKTH539sJ+2M9lHalZ8CuJK5/9sb1z964/tkb1z974/pnb1z/7I3rn71x/RnLzjZNK3At37Lvja//Z2f8+f9fJLPUmC/Xlrq+C0DMP5vC9c/euP7/tYJ/ZiOuf/bG9c+uYq/0BNh/AH79Zwc5/m4P1z974/ozlp39udeb5X/c9w0Q+XMfAwVX/ph/dfyMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtif4LS/TAHApfaVnhdjjDHGGGOMMcb+OD7HlZ4BY4wxxhhjjDHG/u8hCJCgIIAYyAGxkBPiQADA1ZAbroEIXAvxcB3kgeshL+SD/FAAEqAgFAINBiwQhFAYikAUboCicCMUg+JQAkqCg1KQCDdBabgZysAtUBZuhXJwG5SHClARKsHtUBnugCpwJ1SFu6AaVIcaUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGR6EJNIVm0Bxa/K/yX4Du8CL0gJ6QDL2gN7wEfaAv9IP+MABehoHwCgyCVyEFBsMQeA2GwuswDN6A4TACRsKbMAregtEwBsbCOEiF8TAB3oaJ8A5MgskwBaZCGkyD6fAuzICZMAveg9nwPsyBuTAP5sMC+AAWwiJIhw9hMXwEGbAElsIyWA4rYCWsgtWwBtbCx7AO1sMG2AibYDNsga2wDbbDDvgEdsKnsAt2wx74DPbC5/9i/qm/ye+CgIACBSpUGIMxGIuxGIdxmAtzYW7MjRGMYDzGYx7Mg3kxL+bH/JiACVgIC6FBg4SEhbEwRjGKRbEoFsNiWAJLoEOHiZiIpfFmLINlsCyWxXJYDstjBayAlbASVsbKWAWrYFWsitWwGtbAGng33o29sDbWxjpYB+ti3UuXp7ABNsCG2BAbYSNsjI2xCTbBZtgMW2ALbIktsRW2wjbYBttiW2yH7TAJk7A9tscO2AE7YkfshJ2wM3bGLtgVu2a+kAPwRXwRe2I10Qt7Y2/sgyk5+mF/7I8v40B8BV/BVzEFB+MQfA1fw9dxGJ7E4TgCR+JIrCzewtE4BkmMw1RMxQk4ASfiRJyEk3EyTsU0nIbTcTrOwJk4E9/D2fg+vo9zcS7OxwUIuBAXYTqm42I8hRm4BJfiMlyOK3A5rsLVuArX4se4FtfjetyIG3EzbsatuBW343b8BBUAfoq7cTem4F7ci/twH+7H/XgAD2AmZuJBPIiH8BAexsN4BI/gUTyGx/EYnsATeBJP4Wk8jWfxLJ7D5xK+bvhJ8TUpILIooUSMiBGxIlbEiTiRS+QSuUVuERERES/iRR6RR+QVeUV+kV8kiARRSBQSRhhBIowBABEVUVFUFBXFRDFRQpQQTjiRKBJFaVFalBFlRFlxqygnbhPlRQXR2klRSVQWbVwVcaeoKqqKaqK6qCFqipqilqglaovaoo6oI+qKuqKeeEDUF72wHz4ksirTSAzGxmIINhFNhbz4DtZSDMNWorVoI54QI3A4thMtXZJ4WrQXo7GD+IsYg8+KTmIcdhbPiy6iq+gmXhDdRSvXQ/QUk7CX6C2mYh/RV/QT/cUMrC7ew9k5a4hXRYoYLIaI18R8fF0ME2+I4WKEGCneFKPEW2K0GCPGinEiVYwXE8TbYqJ4R0wSk8UUMVWkiWliunhXzBAzxSzxnpgt3hdzxFwxT8wXC8QHYqFYJNLFh2Kx+EhkiCViqVgmlosVYqVYJVaLNWKt+FisE+vFBrFRbBKbxRaxVWwT28UO8YnYKT4Vu8RusUd8JvaKz8U+8YXYL74UB8RXIlN8LQ6Kb8Qh8a04LL4TR8T34qg4Jo6LH8QJ8aM4KU6J0+KMOCt+EufEz+K88AIkSiGlVDKQMTKHjJU5ZZy8SuaSwcVH91oZL6+TeeT1Mq/MJ/PLAjJBFpSFpJZGWkkylIVlERmVN8ii8kZZTBaXJWRJ6WQpmShvkqXlzbKMvEWWlbfKcvI2WV5WkBVlJXm7rCzvkBC5sI9qsrqsIWvKu2Uy3CNry3tlHXmfrCvvl/XkA7K+fFA2kA/JhvJh2Ug+IhvLR2UT2VQ2k81lC/mYbCkfl61ka9lGPiHbyidlO/mUTJJPy/bSX3yKPCs7yedkZ/m87CK7ym7yZ3leetlD9pTQC2Rv+ZLsI/vKfrK/HCBflgPlK3KQfFWmyMFyiHxNDpWvy2HyDTlcjpAj5ZtylHxLjpZj5Fg5TqbK8XKCfFtOlO/ISXKynCKnyjQ5Tfa7ONIsKf9h/tu/kz/ol71vlJvkZrlFbpXb5Ha5Q34id8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMlNmyoPyoDwkD8nD8rA8Io/Io/KYPCN/kCfkj/KkPCVPyTPyrDwrz118DEChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiE0aVUCWVU6VUorrpX8lXRdWNqpgq/qv8S/NL/jvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeWqAWqIVqoUpX6WqxWqwy1BK1RC1Ty9QKtUKtUqvUGrVGZa2/1qv1KkNtUpvUFrVFbVPb1A61Q+1UO9UutUvtUXvUXrVX7VP71H61Xx1QB1SmylQH1UF1SB1Sh9VhdUQdUUfVUXVcHVcn1Al1Up1Up9VpdVadVefUOXVenc9a9gUiEIEKVBATxASxQWwQF8QFuYJcQe4gdxAJIkF8EB/kCa4P8gb5gvxBgSAhKBgUCnRgAhuIi0WPBjcERYMbg2JB8aBEUDJwQakgMbgpKB3cHJQJbgnKBrcG5YLbgvJBhaBiUCm4Pagc3BFUCe4MqgZ3BdWC6kGNoGZwd1AruCeoHdwb1AnuC+oG9wf1ggeC+sGDQYPgoaBh8HDQKHgkaBw8GjQJmgbNguZBiz90fO9P5nvc9dA9dbLupXvrl3Qf3Vf30/31AP2yHqhf0YP0qzpFD9ZD9Gt6qH5dD9Nv6OF6hB6p39Sj9Ft6tB6jx+pxOlWP1xP023qifkdP0pP1FD1Vp+lperp+V8/QM/Us/Z6erd/Xc/RcPU/P1wv0B3qhXqTT9Yd6sf5IZ+gleqleppfrFXqlXqVX6zV6rf5Yr9Pr9Qa9UW/Sm/UWvVVv09v1Dv2J3qk/1bv0br1Hf6b36s/1Pv2F3q+/1Af0VzpTf60P6m/0If2tPqy/00f09/qoPqaPqx/0Cf2jPqlP6dP6jD6rf9Ln9M/6vPZZi/usj3ejjDIxJsbEmlgTZ+JMLpPL5Da5TcRETLyJN3lMHpPX5DX5TX6TYBJMIVPIZCFDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWZk1kLVvGVGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXlmgVlgFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNpMs1Bc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Ln5eehNrc9o4e5XNZa+2ue019m/j/LaATbAFbSGrbV6b71exsdYWs8VtCVvSOlvKJtqbfhOXtxVsRVvJ3m4r2ztsld/Etew9tra919ax99ma9u5fxXXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/CZeaBfZ1XaNXWs/trvsbnvanrGH7Lf2rP3J9rA97QD7sh1oX7GD7Ks2xQ7+TTzSvmlH2bfsaDvGjrXjfhNPsVNtmp1mp9t37Qw78zfxAvuBnW3T7Rw7186z83+Js+aUbj+0i+1HNsMGsNQus8vtCrvSrvqfuS6z6+0Gu9HutJ/aLXar3Wa32x2XFsJ2t91jP7N77ef2oP3G7rdf2gP2sM20X/8SZx3fYfudPWK/t0ftMXvc/mBP2B/VpeysY//B/mzPW2+BkIAkKQoohnJQLOWkOLqKctHVlJuuoQhdS/F0HeWh6ykv5aP8VIASqCAVIk2GLBGFVJiKUJRuoEvTK0ElyVEpSqSbqDTdTGXoFipLt1I5uo3KUwWqSJXodqpMd1AVupOq0l1UjapTDapJd1Mtuodq071Uh+6junQ/1aMHqD49SA3oIWpID1MjeoQa06PUhJpSM2pOLegxakmPUytqTW3oCWpLT1I7eoqS6GlqT89QB/oLdaRnqRM9R53peepCXakbvUDd6UXqQT0pmXpRb3qJ+lBf6kf9aQC9TAPpFRpEr1IKDaYh9BoNpddpGL1Bw2kEjaQ3aRS9RaNpDI2lcZRK42kCvU0T6R2aRJNpCk2lNJpG0+ldmkEzaRa9R7PpfZpDc2kezacF9AEtpEWUTh/SYvqIMmgJLaVltJxW0EpaRatpDa2lj2kdracNtJE20WbaQltpG22nHfQJ7aRPaRftpj30Ge2lz2kffUH76Us6QF9RJn1NB+kbOkTf0mH6zvek7+koHaPj9AOdoB/pJJ2i03SGztJPdI5+pvPkCUIMRShDFQZhTJgjjA1zhnHhVWGu8Oowd3hNGAmvDePD68I84fVh3jBfmD8sECaEBcNCoQ5NaEMKw7BwWCSMhjeERcMbw2Jh8bBEWDJ0YakwMbwpLB3eHJYJbwnLhreG5cLbwvJhhfCR+yqFt4eVwzvCKuGdYdXwrrBaWD2sEdYM7w5rhfeEtcN7wzrhfWGZ8P6wXvhAWD98MGwQPhQ2DB8OG4WPhI3DR8MmYdOwWdg8bBE+FrYMHw9bha3DNuETYdvwybBd+FSYFD4dtg+f+aX//kV/vz857BX2Dl8KXwq9v1fOi86PLoh+EF0YXRRNj34YXRz9KJoRXRJdGl0WXR5dEV0ZXRVdHV0TXRv9OLouuj66Ibox6n3NHODQCSedcoGLcTlcrMvp4txVLpe72uV217iIu9bFu+tcHne9y+vyufyugEtwBV0hp51x1pELXWFXxEXdDa6ou9EVc8VdCVfSOVfKJbrmroVr4Vq6x10r19q1cU+4J9yT7kn3lHvKPe3au2dcB/cX19E96zq559xz7nnXxXV13dwLrrsbn/vCazLZ9Xa9XR/Xx/Vz/dwAN8ANdAPdIDfIpbgUN8QNcUPdUDfMDXPD3XA30o10o9woN9qNdmPdWJfqUt0EN8FNdBPdJDfJTXFTXJpLc9PddDfDzXCVZ17Yyxz3DgDMcwvcArfQZa0Z091it9hluAy31C11y91yt9KtdKvdarfWrXXr3Dq3wW1wm9wmt8VtcdvcNrfD7XA73U63y19zYVC31+1z+9x+t98dcF+5TPe1O+i+cYfct+6w+84dcd+7o+6YO+5+cCfcj+6kO+VOuzPurPvJnXM/u/POu9TI+MiEyNuRiZF3IpMikyNTIlMjaZFpkemRdyMzIjMjsyLvRWZH3o/MicyNzIvMjyyIfBBZGFkUSY98GFkc+SiSEVkSWRpZFlkeWRHxvuCW0Bf2RXzU3+CL+ht9MV/cl/AlvfOlfKK/yZf2N/sy/hZf1t/qy/nbfHlfwVf0j/omvqlv5pv7Fv4x39I/7lv51r6Nf8K39U/6dv4pn+Sf9u39M76D/4vv6J/1nfxzvrN/3nfxXX03/4Lv7l/0PXxPn+x7+d7+Jd/H9/X9fH8/wL/sB/pX/CD/qk/xg/0Q/5of6l/3w/wbfrgf4UfGvOlHXTpFhnE+1Y/3E/zbfqJ/x0/yk/0UP9Wn+Wl+un/Xz/Az/Sz/np/t3/dz/Fw/z8/3C/wHfqFf5NP9h36x/8hnxP7PRWW/0q/yq/0av9Z/7Nf59X6D3+g3+c1+i9/qt/ntfof/xO/0n/pdfrff4z/ze/3nfp//wu/3X/oD/iuf6b/2B/03/pD/1h/23/kj/nt/1B/zx/0P/oT/0Z/0p/xpf8af9T/5c/5nf57/Zo0xxhhj7J8y/nJT/LrnwuX8Xr+TI/5q494AcPXWApl/3Z+1olyX90K7r0hoGwGAp3t2fujSrVq15OTki9tmSAiKzAW49E1Qlhi4HC+BNvAkJEFrKP278+8rup6lfzB+9FaAuL/KyVqmXoovj/8FACb/zviPPTFyYbnwdPz/Z/y5AMWKXM7JCZfjJdDml+srraHM35l/vpb/YP45v0wFaPVXObngcnx5/onwODwDSb/akjHGGGOMMcYYu6CvqNjx0vnnpd/4/L3z8wR1OScHXI7/0fk5Y4wxxhhjjDHGrrxnu3Z76rGkpNYd//VGlf9V1j/daAz/VyNz43cb3gNcukcBwL85IEBWQ/6ZR7H5T9lXysWXzt92LT/jA/jPKOUf0bjCb0yMMcYYY4yxP9zlRf+v71dXakKMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlg29Gf8O7ErfYyMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYlfb/AgAA///HLfwS")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

5m34.83803626s ago: executing program 1 (id=973):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$xfs(&(0x7f0000009700), &(0x7f0000009740)='./file0\x00', 0x0, &(0x7f0000009780), 0x1, 0x9759, &(0x7f000001c600)="$eJzs/QWcbXXBeP/PhUt3qLSUgklJGUiXiEiDIF2SAlKKgFiAKAZKd3d3d3d3d3fzf124oOIC9ft7/g8+rrVezJzac+ZzPu+9N3Nmzz1n6XkXm3NgYMyBd3vv9K/tsvJYh245sPDZB25y/12rvPbFM4dePfy7J2PNPvR0jqGncw4MDAwaej+D3r1u8GwnnDjMwOCBIf/9tVFHGnmYUQcGRh56cej9DMz87skoB7233NsfiAc66ZBvt/27H+802pA7eWegK84x3sDAwIh/8/VDxjXtPzxQaUvPMd+8f7V6322YoTcP+utt75wOfvdjlP0GBkbZZ+DD148hyw73N1/7v9mQ7znmHZuu/MjH8L3/z7X0HPMt8AH/IdvisEOvm3nINv7BbdDYB9fz1S+5Y8WhUzho6MQN/pvt5eNY7/+fWnqOeRca+PDteOCI+2c68+139puD5x4YGDzPwMDgeQcGBs/3cXvU/0wf68pXVVVVH0tzzDnDkOfsw3zg54ER3/u5ln4uvPiZ528bGBi88LvPEwev+N5zwaqqqqqqqqr6z2yOOWeYC57/j/lRz/+nOXneaXr+X1VVVVVVVfV/pwXmmHOGIc/1P/D8f7yPev7/9kPr7/7u3/7PPvO7X/XWx/sgqqqqqqqqquojm3cBfP4/6Uc9/7/wlPue6fl/VVVVVVVV1f+dFp1h3rkG/uZ19oZePfV7t9Pz/+Men2iVj2u8VVVVVVVVVfXv99aTp53119d8n2TgA6/3/k5Dfy8w6JhzrrnmYxvof0aD/vH3IVt/3GP6/9oQ5xEPm3RgYL0lPu6h1MfQ/5nXqq//v5S/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+Yv7kOP/77/+//hrjPnw0EWnOmWnp9f961e+897/gxde4MltPqahfxz9tx7/H1hr0MDAUN8x1xoYGFh4jkUXn3pgYGDdp3c6ZcqB92+bZchtXxt72HfeIP69fyYyz1h8x1tP/u7pkBVlYNz37+OYd+5/gbf3HXbQBwbxN4110oEHrrn0y1/54OlUH/44hnnvzFLn7rj3e/+WZZgPLDTih3zxe/f/3mP5oPPQsU89ZOzTbLzuBtNstPkWX1pr3ZXWWG2N1dabYfoZp5t2pulmnXbGaVZfa53Vpn3384fM2aTvfJ7rX5mzUT84Z0/O8bdz9sHH9mFzNulHz9k79zjsxSeP9d6cDf4352yuj56zSdca+o3Gmn24gRXfmZpBAwNjzT3cwGZDLkw3wsDAWPMMXXa8Ict+fexhBgZ2+usDHXJuhPfXwUFbD1lm6XkXm/Pd3dTAwF9P/9qHvJ/98ENHPvvQ0zmGns757rcZc+Cvq+Lg2U44cZghc/F30zHqSCMPM+rAwMhDLw69n4FZ3z0Z+fT3lvuQ91n/wEDfeZmV7d/9eKfRBgYGRhlyZu6VBj0/ZOr/F96n/f/p////4DXLoPfXx0FDP4Yu867XHPMt8Nfv9c40DJm7YYdeN/MQk//ht7b/u/5hvJOOODDpR4z3I14X551o/VrlpJvP+J96XRwa73gfMd6PeB3fDx3vMo8se/O7d/U/Nt4P7OsWeufz7P/Kvm7go/d1w9IdrHblxB/c133rw4f4d7vL9+ZohA8s9GH7ukVmvmrrIfc/+0fv6xYaMvbh/m5fN8zAwFhzvbevG7Ljm3e4gZ2GXJh+yIX5hhs4ZMiFGd65MNLAOUMufHmV9ddZdcgV8//jejD1oL/7A03Yzub9wHY26G8e+6AP/H3n4HdPR9nvvfdw+pD95qChD+uf7itovR3zI8b7Ee8/hfM85Lq1z7zsC/9T7z9F4x3xo8f7Ye+X/aHj3fa1re76Hx7v+9vZcH8zXfP/K9vZpH+/nQ15iMP+zZbxr/4ctios/+758d6/t13HOOb9nymG+8D9/rOfKeb/6O1szLU+8HXb7TMw6KPmZr5/ZW4m+od90DZ/Ozf/6s9bU0/x7u3DfsTcXDOw/Fbvzc3w/+bczPfvzs3sA8P+/dwMHphnYGBgyqH7h3n/lbkZ76Pn5l9db0aG5d89v9r7V8090RWTvTc3H5yLfzY38/67czPp++vNlO/cNvkwA8MPP7DZShtvvOF0735+7+L0737+6G1w7n9lLsf8n5nLCQZ/2Fz+dVXdef7lt/sn2+A/7NPfu/+5/925HHh/LgfW+uDGUv+p9fs/d/m7y99d/u7yd5e/u/zFfcjx//df/3+RXc+ZaegvN4ab8O6rx/m4x/sx9199/H+o798d/x/n6rsnHGbg/ds+8vjsu8v8Rx6fnfndk1EOem+5Dx4f5IF++PHZ12bd4bn/peOz/0+9t63+C7+Ha//vLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yF/chx/+nfe/vAC6+4rjlhh4IHe7tWy9f8OMe78fcf/Xx/6G+f3f8f8HLb317mIH3b/vI4//vLuM4/n/K66+99p98/P+9bbXj//VPyt9d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v8xX3I8f/Z3/s7gFkvvHiF9/4e4NK7Hp/o4x7vx9x/6/H/3v/fW/t/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7ihx/8HPvD2lou0XmBw/P//dh/i/938MYv/ovljFv/F8scs/ovnj1n8l8gfs/gvmT9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/+/lj1n8l8sfs/gvnz9m8f9+/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMV/jfwxi/+a+WMW/7Xyxyz+P8gfs/ivnT9m8V8nf8ziv27+mMV/vfwxi//6+WMW/w3yxyz+P8wfs/hvmD9m8d8of8ziv3H+mMX/R/ljFv9N8scs/pvmj1n8N8sfs/hvnj9m8d8if8zi/+P8MYv/T/LHLP5b5o9Z/H+aP2bx3yp/zOK/df6YxX+b/DGL/8/yxyz+2+aPWfx/nj9m8f9F/pjF/5f5Yxb/X+WPWfx/nT9m8d8uf8ziv33+mMV/h/wxi/9v8scs/jvmj1n8f5s/ZvH/Xf6YxX+n/DGL/+/zxyz+f8gfs/j/MX/M4v+n/DGL/875Yxb/P+ePWfz/kj9m8d8lf8ziv2v+mMV/t/wxi//u+WMW/z3yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxP0Xqv80/ud3if6rU/59l8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf8Ctf+HP3KL/4Vq/w/P4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljFv9X88cs/q/lj1n8X88fs/i/kT9m8X8zf8zi/1b+mMX/7fwxif+ggfwxi/+g/DGL/zD5Yxb/YfPHLP6D88cs/sPlj1n8h88fs/iPkD9m8R8xf8ziP1L+mMV/5Pwxi/8o+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP6fyB+z+H8yf8zi/6n8MYv/ePljFv/x88cs/hPkj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMX/0/ljFv9J88cs/pPlj1n8J88fs/hPkT9m8Z8yf8zi/5n8MYv/Z/PHLP5T5Y9Z/KfOH7P4fy5/zOL/+fwxi/8X8scs/l/MH7P4fyl/zOL/5fwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bx/0r+mMV/xvwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+H81f8zi/7X8MYv/1/PHLP7fyB+z+M+WP2bx/2b+mMV/9vwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/wL5Yxb/BfPHLP7fyh+z+C+UP2bx/3b+mMV/4fwxi/938scs/ovkj1n8v5s/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/kvlj1n8l84fs/gvkz9m8V82f8zi/738MYv/cvljFv/l88cs/t/PH7P4r5A/ZvFfMX/M4r9S/pjFf+X8MYv/KvljFv9V88cs/qvlj1n8V88fs/ivkT9m8V8zf8ziv1b+mMX/B/ljFv+188cs/uvkj1n8180fs/ivlz9m8V8/f8ziv0H+mMX/h/ljFv8N88cs/hvlj1n8N84fs/j/KH/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8f5w/ZvH/Sf6YxX/L/DGL/0/zxyz+W+WPWfy3zh+z+G+TP2bx/1n+mMV/2/wxi//P88cs/r/IH7P4/zJ/zOL/q/wxi/+v88cs/tvlj1n8t88fs/jvkD9m8f9N/pjFf8f8MYv/b/PHLP6/yx+z+O+UP2bx/33+mMX/D/ljFv8/5o9Z/P+UP2bx3zl/zOL/5/wxi/9f8scs/rvkj1n8d80fs/jvlj9m8d89f8ziv0f+mMV/z/wxi/9e+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOJ/QP6Yxf/A/DGL/0H5Yxb/g/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj9m8X89f8zi/0b+mMX/zfwxi/9b+WMW/7fzxyT+75zN/x+z+A/KH7P4D5M/ZvEfNn/M4j84f8ziP1z+mMV/+Pwxi/8I+WMW/xHzxyz+I+WPWfxHzh+z+I+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4j5M/ZvEfN3/M4v+J/DGL/yfzxyz+n8ofs/iPlz9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+k+SPWfw/nT9m8Z80f8ziP1n+mMV/8vwxi/8U+WMW/ynzxyz+n8kfs/h/Nn/M4j9V/pjFf+r8MYv/5/LHLP6fzx+z+H8hf8zi/8X8MYv/l/LHLP5fzh+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/r+SPWfxnzB+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/1fzxyz+X8sfs/h/PX/M4v+N/DGL/2z5Yxb/b+aPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4L5A/ZvFfMH/M4v+t/DGL/0L5Yxb/b+ePWfwXzh+z+H8nf8ziv0j+mMX/u/ljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8ziv1T+mMV/6fwxi/8y+WMW/2Xzxyz+38sfs/gvlz9m8V8+f8zi//38MYv/CvljFv8V88cs/ivlj1n8V84fs/ivkj9m8V81f8ziv1r+mMV/9fwxi/8a+WMW/zXzxyz+a+WPWfx/kD9m8V87f8ziv07+mMV/3fwxi/96+WMW//Xzxyz+G+SPWfx/mD9m8d8wf8ziv1H+mMV/4/wxi/+P8scs/pvkj1n8N80fs/hvlj9m8d88f8ziv0X+mMX/x/ljFv+f5I9Z/LfMH7P4/zR/zOK/Vf6YxX/r/DGL/zb5Yxb/n+WPWfy3zR+z+P88f8zi/4v8MYv/L/PHLP6/yh+z+P86f8ziv13+mMV/+/wxi/8O+WMW/9/kj1n8d8wfs/j/Nn/M4v+7/DGL/075Yxb/3+ePWfz/kD9m8f9j/pjF/0/5Yxb/nfPHLP5/zh+z+P8lf8ziv0v+mMV/1/wxi/9u+WMW/93zxyz+e+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP4H5I9Z/A/MH7P4H5Q/ZvE/OH/M4n9I/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VP2bxfzt/TOI/7ED+mMV/UP6YxX+Y/DGL/7D5Yxb/wfljFv/h8scs/sPnj1n8R8gfs/iPmD9m8R8pf8ziP3L+mMV/lPwxi/+o+WMW/9Hyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/T+SPWfw/mT9m8f9U/pjFf7z8MYv/+PljFv8J8scs/hPmj1n8J8ofs/hPnD9m8Z8kf8zi/+n8MYv/pPljFv/J8scs/pPnj1n8p8gfs/hPmT9m8f9M/pjF/7P5Yxb/qfLHLP5T549Z/D+XP2bx/3z+mMX/C/ljFv8v5o9Z/L+UP2bx/3L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+H8lf8ziP2P+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/mj9m8f9a/pjF/+v5Yxb/b+SPWfxnyx+z+H8zf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+WPWfwXyh+z+H87f8ziv3D+mMX/O/ljFv9F8scs/t/NH7P4L5o/ZvFfLH/M4r94/pjFf4n8MYv/kvljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9e/pjFf7n8MYv/8vljFv/v549Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n818gfs/ivmT9m8V8rf8zi/4P8MYv/2vljFv918scs/uvmj1n818sfs/ivnz9m8d8gf8zi/8P8MYv/hvljFv+N8scs/hvnj1n8f5Q/ZvHfJH/M4r9p/pjFf7P8MYv/5vljFv8t8scs/j/OH7P4/yR/zOK/Zf6Yxf+n+WMW/63yxyz+W+ePWfy3yR+z+P8sf8ziv23+mMX/5/ljFv9f5I9Z/H+ZP2bx/1X+mMX/1/ljFv/t8scs/tvnj1n8d8gfs/j/Jn/M4r9j/pjF/7f5Yxb/3+WPWfx3yh+z+P8+f8zi/4f8MYv/H/PHLP5/yh+z+O+cP2bx/3P+mMX/L/ljFv9d8scs/rvmj1n8d8sfs/jvnj9m8d8jf8ziv2f+mMV/r/wxi//e+WMW/33yxyz+++aPWfz3yx+z+O+fP2bxPyB/zOJ/YP6Yxf+g/DGL/8H5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/1Pyxyz+p+aPWfxPyx+z+J+eP2bxPyN/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfE/sP9xG3WfwfF/t/VBb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf8zi/2r+mMX/tfwxi//r+WMW/zfyxyz+b+aPWfzfyh+z+L+dPybxHzyQP2bxH5Q/ZvEfJn/M4j9s/pjFf3D+mMV/uPwxi//w+WMW/xHyxyz+I+aPWfxHyh+z+I+cP2bxHyV/zOI/av6YxX+0/DGL/+j5Yxb/MfLHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjF/xP5Yxb/T+aPWfw/lT9m8R8vf8ziP37+mMV/gvwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+H86f8ziP2n+mMV/svwxi//k+WMW/ynyxyz+U+aPWfw/kz9m8f9s/pjFf6r8MYv/1PljFv/P5Y9Z/D+fP2bx/0L+mMX/i/ljFv8v5Y9Z/L+cP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP5fyR+z+M+YP2bxnyl/zOI/c/6YxX+W/DGL/6z5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/2fLHLP7fzB+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4r9g/pjF/1v5Yxb/hfLHLP7fzh+z+C+cP2bx/07+mMV/kfwxi/9388cs/ovmj1n8F8sfs/gvnj9m8V8if8ziv2T+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfy/lz9m8V8uf8ziv3z+mMX/+/ljFv8V8scs/ivmj1n8V8ofs/iv/GH+W/0vjes/NIv/Km3/mMV/1fwxi/9q+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bx/0H+mMV/7fwxi/86+f+1v5kYi/+6+WMW//Xyxyz+6+ePWfw3yB+z+P8wf8ziv2H+mMV/o/wxi//G+WMW/x/lj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+P88cs/j/JH7P4b5k/ZvH/af6YxX+r/DGL/9b5Yxb/bfLHLP4/yx+z+G+bP2bx/3n+mMX/F/ljFv9f5o9Z/H+VP2bx/3X+mMV/u/wxi//2+WMW/x3yxyz+v8kfs/jvmD9m8f9t/pjF/3f5Yxb/nfLHLP6/zx+z+P8hf8zi/8f8MYv/n/LHLP47549Z/P+cP2bx/0v+mMV/l/wxi/+u+WMW/93yxyz+u+ePWfz3yB+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfc/gPHjgyf8zhPzD4qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B8z+g/a+p8vIvF/3Oj/L2TxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/th/o/+SQ8/+rf9L+WP/jf60/b+cP2bxfyV/zOL/av6Yxf+1/DGL/+v5Yxb/N/LHLP5v5o9Z/N/KH7P4v50/JvEfbiB/zOI/KH/M4j9M/pjFf9j8MYv/4Pwxi/9w+WMW/+Hzxyz+I+SPWfxHzB+z+I+UP2bxHzl/zOI/Sv6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/J/LHLP6fzB+z+H8qf8ziP17+mMV//Pwxi/8E+WMW/wnzxyz+E+WPWfwnzh+z+E+SP2bx/3T+mMV/0vwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+H8mf8zi/9n8MYv/VPljFv+p88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4fzl/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/L+SP2bxnzF/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP6z5Y9Z/L+ZP2bxnz1/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjFf8H8MYv/t/LHLP4L5Y9Z/L+dP2bxXzh/zOL/nfwxi/8i+WMW/+/mj1n8F80fs/gvlj9m8V88f8ziv0T+mMV/yfwxi/9S+WMW/6Xzxyz+y+SPWfyXzR+z+H8vf8ziv1z+mMV/+fwxi//388cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bx/0H+mMV/7fwxi/86+WMW/3Xzxyz+6+WPWfzXzx+z+G+QP2bx/2H+mMV/w/wxi/9G+WMW/43zxyz+P8ofs/hvkj9m8d80f8ziv1n+mMV/8/wxi/8W+WMW/x/nj1n8f5I/ZvHfMn/M4v/T/DGL/1b5Yxb/rfPHLP7b5I9Z/H+WP2bx3zZ/zOL/8/wxi/8v8scs/r/MH7P4/yp/zOL/6/wxi/92+WMW/+3zxyz+O+SPWfx/kz9m8d8xf8zi/9v8MYv/7/LHLP475Y9Z/H+fP2bx/0P+mMX/j/ljFv8/5Y9Z/HfOH7P4/zl/zOL/l/wxi/8u+WMW/13zxyz+u+WPWfx3zx+z+O+RP2bx3zN/zOK/V/6YxX/v/DGL/z75Yxb/ffPHLP775Y9Z/PfPH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/4vyxd/zf+u/3vyR/zLL9X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/LX/M4v96/pjF/438MYv/m/ljFv+38scs/m/nj0n8hx/IH7P4D8ofs/gPkz9m8R82f8ziPzh/zOI/XP6YxX/4/DGL/wj5Yxb/EfPHLP4j5Y9Z/EfOH7P4j5I/9l/qP2hgYOu/8x81f+y/1P+d/tZ/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6Yxf8T+WMW/0/mj1n8P5U/ZvEfL3/M4j9+/pjFf4L8MYv/hPljFv+J8scs/hPnj1n8J8kfs/h/On/M4j9p/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8P5M/ZvH/bP6YxX+q/DGL/9T5Yxb/z+WPWfw/nz9m8f9C/pjF/4v5Yxb/L+WPWfy/nD9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+X8kfs/jPmD9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/mj1n8v5Y/ZvH/ev6Yxf8b+WMW/9nyxyz+38wfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf9b+WMW/4Xyxyz+384fs/gvnD9m8f9O/pjFf5H8MYv/d/PHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4r9k/pjFf6n8MYv/0vljFv9l8scs/svmj1n8v5c/ZvFfLn/M4r98/pjF//v5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv818scs/mvmj1n818ofs/j/IH/M4r92/pjFf538MYv/uvljFv/18scs/uvnj1n8N8gfs/j/MH/M4r9h/pjFf6P8MYv/xvljFv8f5Y9Z/DfJH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/j/PHLP4/yR+z+G+ZP2bx/2n+mMV/q/wxi//W+WMW/23yxyz+P8sfs/hvmz9m8f95/pjF/xf5Yxb/X+aPWfx/lT9m8f91/pjFf7v8MYv/9vljFv8d8scs/r/JH7P475g/ZvH/rcd/i39nYYv/7zz+/1YW/53yxyz+v88fs/j/IX/M4v/H/DGL/5/yxyz+O+ePWfz/nD9m8f9L/pjFf5f8MYv/rvljFv/d8scs/rvnj1n898gfs/jvmT9m8d8rf8ziv3f+mMV/n/wxi/+++WMW//3yxyz+++ePWfwPyB+z+B+YP2bxPyh/zOJ/cP6Yxf+Q/DGL/6H5Yxb/w/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/5j8MYv/sfljFv/j8scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8c+6D/S//K4/kOz+D/e9o9Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+z+L+ZP2bxfyt/zOL/dv6YxH+Egfwxi/+g/DGL/zD5Yxb/YfPHLP6D88cs/sPlj1n8h88fs/iPkD9m8R8xf8ziP1L+mMV/5Pwxi/8o+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP6fyB+z+H8yf8zi/6n8MYv/ePljFv/x88cs/hPkj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMX/0/ljFv9J88cs/pPlj1n8J88fs/hPkT9m8Z8yf8zi/5n8MYv/Z/PHLP5T5Y9Z/KfOH7P4fy5/zOL/+fwxi/8X8scs/l/MH7P4fyl/zOL/5fwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bx/0r+mMV/xvwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+H81f8zi/7X8MYv/1/PHLP7fyB+z+M+WP2bx/2b+mMV/9vwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/wL5Yxb/BfPHLP7fyh+z+C+UP2bx/3b+mMV/4fwxi/938scs/ovkj1n8v5s/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/kvlj1n8l84fs/gvkz9m8V82f8zi/738MYv/cvljFv/l88cs/t/PH7P4r5A/ZvFfMX/M4r9S/pjFf+X8MYv/KvljFv9V88cs/qvlj1n8V88fs/ivkT9m8V8zf8ziv1b+mMX/B/ljFv+188cs/uvkj1n8180fs/ivlz9m8V8/f8ziv0H+mMX/h/ljFv8N88cs/hvlj1n8N84fs/j/KH/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8f5w/ZvH/Sf6YxX/L/DGL/0/zxyz+W+WPWfy3zh+z+G+TP2bx/1n+mMV/2/wxi//P88cs/r/IH7P4/zJ/zOL/q/wxi/+v88cs/tvlj1n8t88fs/jvkD9m8f9N/pjFf8f8MYv/b/PHLP6/yx+z+O+UP2bx/33+mMX/D/ljFv8/5o9Z/P+UP2bx3zl/zOL/5/wxi/9f8scs/rvkj1n8d80fs/jvlj9m8d89f8ziv0f+mMV/z/wxi/9e+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOJ/QP6Yxf/A/DGL/0H5Yxb/g/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj9m8X89f8zi/0b+mMX/zfwxi/9b+WMW/7fzxyT+Iw7kj1n8B+WPWfyHyR+z+A+bP2bxH5w/ZvEfLn/M4j98/pjFf4T8MYv/iPljFv+R8scs/iPnj1n8R8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+bP2bx/0T+mMX/k/ljFv9P5Y9Z/MfLH7P4j58/ZvGfIH/M4j9h/pjFf6L8MYv/xPljFv9J8scs/p/OH7P4T5o/ZvGfLH/M4j95/pjFf4r8MYv/lPljFv/P5I9Z/D+bP2bxnyp/zOI/df6Yxf9z+WMW/8/nj1n8v5A/ZvH/Yv6Yxf9L+WMW/y/nj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/9X8scs/jPmj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMV/tvwxi/8388cs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+C+YP2bx/1b+mMV/ofwxi/+388cs/gvnj1n8v5M/ZvFfJH/M4v/d/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvFfKn/M4r90/pjFf5n8MYv/svljFv/v5Y9Z/JfLH7P4L58/ZvH/fv6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvFfLX/M4r96/pjFf438MYv/mvljFv+18scs/j/IH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv8N8scs/j/MH7P4b5g/ZvHfKH/M4r9x/pjF/0f5Yxb/TfLHLP6b5o9Z/DfLH7P4b54/ZvHfIn/M4v/j/DGL/0/yxyz+W+aPWfx/mj9m8d8qf8ziv3X+mMV/m/wxi//P8scs/tvmj1n8f54/ZvH/Rf6Yxf+X+WMW/1/lj1n8f50/ZvHfLn/M4r99/pjFf4f8MYv/b/LHLP475o9Z/H+bP2bx/13+mMV/p/wxi//v88cs/n/IH7P4/zF/zOL/p/wxi//O+WMW/z/nj1n8/5I/ZvHfJX/M4r9r/pjFf7f8MYv/7vljFv898scs/nvmj1n898ofs/jvnT9m8d8nf8ziv2/+mMV/v/wxi//++WMW/wPyxyz+B+aPWfwPyh+z+B+cP2bxPyR/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zif2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofs/i/nT8m8R9pIH/M4j8of8ziP0z+mMV/2Pwxi//g/DGL/3D5Yxb/4fPHLP4j5I9Z/EfMH7P4j5Q/ZvEfOX/M4j9K/pjFf9T8MYv/aPljFv/R88cs/mPkj1n8x8wfs/iPlT9m8R87f8ziP07+mMV/3Pwxi/8n8scs/p/MH7P4fyp/zOI/Xv6YxX/8/DGL/wT5Yxb/CfPHLP4T5Y9Z/CfOH7P4T5I/ZvH/dP6YxX/S/DGL/2T5Yxb/yfPHLP5T5I9Z/KfMH7P4fyZ/zOL/2fwxi/9U+WMW/6nzxyz+n8sfs/h/Pn/M4v+F/DGL/xfzxyz+X8ofs/h/OX/M4j9N/pjFf9r8MYv/dPljFv/p88cs/jPkj1n8v5I/ZvGfMX/M4j9T/pjFf+b8MYv/LPljFv9Z88cs/l/NH7P4fy1/zOL/9fwxi/838scs/rPlj1n8v5k/ZvGfPX/M4j9H/pjFf878MYv/XPljFv+588cs/vPkj1n8580fs/jPlz9m8Z8/f8ziv0D+mMV/wfwxi/+38scs/gvlj1n8v50/ZvFfOH/M4v+d/DGL/yL5Yxb/7+aPWfwXzR+z+C+WP2bxXzx/zOK/RP6YxX/J/DGL/1L5Yxb/pfPHLP7L5I9Z/JfNH7P4fy9/zOK/XP6YxX/5/DGL//fzxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOK/Sv6YxX/V/DGL/2r5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvH/Qf6YxX/t/DGL/zr5Yxb/dfPHLP7r5Y9Z/NfPH7P4b5A/ZvH/Yf6YxX/D/DGL/0b5Yxb/jfPHLP4/yh+z+G+SP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/H+ePWfx/kj9m8d8yf8zi/9P8MYv/VvljFv+t88cs/tvkj1n8f5Y/ZvHfNn/M4v/z/DGL/y/yxyz+v8wfs/j/Kn/M4v/r/DGL/3b5Yxb/7fPHLP475I9Z/H+TP2bx3zF/zOL/2/wxi//v8scs/jvlj1n8f58/ZvH/Q/6Yxf+P+WMW/z/lj1n8d84fs/j/OX/M4v+X/DGL/y75Yxb/XfPHLP675Y9Z/HfPH7P475E/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9Z/F/PH7P4v5E/ZvF/M3/M4v9W/pjF/+38MYn/yAP5Yxb/QfljFv9h8scs/sPmj1n8B+ePWfyHyx+z+A+fP2bxHyF/zOI/Yv6YxX+k/DGL/8j5Yxb/UfLHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8P5E/ZvH/ZP6Yxf9T+WMW//Hyxyz+4+ePWfwnyB+z+E+YP2bxnyh/zOI/cf6YxX+S/DGL/6fzxyz+k+aPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6Yxf8z+WMW/8/mj1n8p8ofs/hPnT9m8f9c/pjF//P5Yxb/L+SPWfy/mD9m8f9S/pjF/8v5Yxb/afLHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4v+V/DGL/4z5Yxb/mfLHLP4z549Z/GfJH7P4z5o/ZvH/av6Yxf9r+WMW/6/nj1n8v5E/ZvGfLX/M4v/N/DGL/+z5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv8F8scs/gvmj1n8v5U/ZvFfKH/M4v/t/DGL/8L5Yxb/7+SPWfwXyR+z+H83f8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+S+aPWfyXyh+z+C+dP2bxXyZ/zOK/bP6Yxf97+WMW/+Xyxyz+y+ePWfy/nz9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/w/yxyz+a+ePWfzXyR+z+K+bP2bxXy9/zOK/fv6YxX+D/DGL/w/zxyz+G+aPWfw3yh+z+G+cP2bx/1H+mMV/k/wxi/+m+WMW/83yx/7qP+7b7/Zxj+j/Yx/iv3n+mGX73yJ/zOL/4/wxi/9P8scs/lvq/Ef6l5ay+P9U5/+vZfHfKn/M4r91/pjFf5v8MYv/z/LHLP7b5o9Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/H+dP2bx3y5/zOK/ff6YxX+H/DGL/2/yxyz+O+aPWfx/mz9m8f9d/pjFf6f8MYv/7/PHLP5/yB+z+P8xf8zi/6f8MYv/zvljFv8/549Z/P+SP2bx3yV/zOK/a/6YxX+3/DGL/+75Yxb/PfLHLP575o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/gfmj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4ngv+ggYGt/zeH9p+Yxf+ktn/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tR/lP8z/wrj+Q7P4X9f2j1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9Z/F/PH7P4v5E/ZvF/M3/M4v9W/pjF/+38MYn/KAP5Yxb/QfljFv9h8scs/sPmj1n8B+ePWfyHyx+z+A+fP2bxHyF/zOI/Yv6YxX+k/DGL/8j5Yxb/UfLHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8P5E/ZvH/ZP6Yxf9T+WMW//Hyxyz+4+ePWfwnyB+z+E+YP2bxnyh/zOI/cf6YxX+S/DGL/6fzxyz+k+aPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6Yxf8z+WMW/8/mj1n8p8ofs/hPnT9m8f9c/pjF//P5Yxb/L+SPWfy/mD9m8f9S/pjF/8v5Yxb/afLHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4v+V/DGL/4z5Yxb/mfLHLP4z549Z/GfJH7P4z5o/ZvH/av6Yxf9r+WMW/6/nj1n8v5E/ZvGfLX/M4v/N/DGL/+z5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv8F8scs/gvmj1n8v5U/ZvFfKH/M4v/t/DGL/8L5Yxb/7+SPWfwXyR+z+H83f8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+S+aPWfyXyh+z+C+dP2bxXyZ/zOK/bP6Yxf97+WMW/+Xyxyz+y+ePWfy/nz9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/w/yxyz+a+ePWfzXyR+z+K+bP2bxXy9/zOK/fv6YxX+D/DGL/w/zxyz+G+aPWfw3yh+z+G+cP2bx/1H+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+P84f8zi/5P8MYv/lvljFv+f5o9Z/LfKH7P4b50/ZvHfJn/M4v+z/DGL/7b5Yxb/n+ePWfx/kT9m8f9l/pjF/1f5Yxb/X+ePWfy3yx+z+G+fP2bx3yF/zOL/m/wxi/+O+WMW/9/mj1n8f5c/ZvHfKX/M4v/7/DGL/x/yxyz+f8wfs/j/KX/M4r9z/pjF/8/5Yxb/v+SPWfx3yR+z+O+aP2bx3y1/zOK/e/6YxX+P/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mfljFv+z8scs/mfnj1n8z8kfs/ifmz9m8T8vf8zif37+mMX/gvwxi/+F+WMW/4vyxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+z+L+aP2bxfy1/zOL/ev6Yxf+N/DGL/5v5Yxb/t/LHLP5v549J/EcdyB+z+A/KH7P4D5M/ZvEfNn/M4j84f8ziP1z+mMV/+Pwxi/8I+WMW/xHzxyz+I+WPWfxHzh+z+I+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4j5M/ZvEfN3/M4v+J/DGL/yfzxyz+n8ofs/iPlz9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+k+SPWfw/nT9m8Z80f8ziP1n+77fV35y3+E+eP2bxnyJ/zOI/Zf6Yxf8z+WMW/8/mj1n8p8ofs/hPnT9m8f9c/pjF//P5Yxb/L+SPWfy/mD9m8f9S/pjF/8v5Yxb/afLHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4v+V/DGL/4z5Yxb/mfLHLP4z549Z/GfJH7P4z5o/ZvH/av6Yxf9r+WMW/6/nj1n8v5E/ZvGfLX/M4v/N/DGL/+z5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv8F8scs/gvmj1n8v5U/ZvFfKH/M4v/t/DGL/8L5Yxb/7+SPWfwXyR+z+H83f8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+S+aPWfyXyh+z+C+dP2bxXyZ/zOK/bP6Yxf97+WMW/+Xyxyz+y+ePWfy/nz9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/w/yxyz+a+ePWfzXyR+z+K+bP2bxXy9/zOK/fv6YxX+D/DGL/w/zxyz+G+aPWfw3yh+z+G+cP2bx/1H+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+P84f8zi/5P8MYv/lvljFv+f5o9Z/LfKH7P4b50/ZvHfJn/M4v+z/DGL/7b5Yxb/n+ePWfx/kT9m8f9l/pjF/1f5Yxb/X+ePWfy3yx+z+G+fP2bx3yF/zOL/m/wxi/+O+WMW/9/mj1n8f5c/ZvHfKX/M4v/7/DGL/x/yxyz+f8wfs/j/KX/M4r9z/pjF/8/5Yxb/v+SPWfx3yR+z+O+aP2bx3y1/zOK/e/6YxX+P/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mfljFv+z8scs/mfnj1n8z8kfs/ifmz9m8T8vf8zif37+mMX/gvwxi/+F+WMW/4vyxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+z+L+aP2bxfy1/zOL/ev6Yxf+N/DGL/5v5Yxb/t/LHLP5v549J/EcbyB+z+A/KH7P4D5M/ZvEfNn/M4j84f8ziP1z+mMV/+Pwxi/8I+WMW/xHzxyz+I+WPWfxHzh+z+I+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4j5M/ZvEfN3/M4v+J/DGL/yfzxyz+n8ofs/iPlz9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+k+SPWfw/nT9m8Z80f8ziP1n+mMV/8vwxi/8U+WMW/ym9/lt/1I0W/894/T8yi/9n88cs/lPlj1n8p84fs/h/Ln/M4v/5/DGL/xfyxyz+X8wfs/h/KX/M4v/l/DGL/zT5Yxb/afPHLP7T5Y9Z/KfPH7P4z5A/ZvH/Sv6YxX/G/DGL/0z5Yxb/mfPHLP6z5I9Z/GfNH7P4fzV/zOL/tfwxi//X88cs/t/IH7P4z5Y/ZvH/Zv6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/t/KH7P4L5Q/ZvH/dv6YxX/h/DGL/3fyxyz+i+SPWfy/mz9m8V80f8ziv1j+mMV/8fwxi/8S+WMW/yXzxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOL/vfwxi/9y+WMW/+Xzxyz+388fs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+K+RP2bxXzN/zOK/Vv6Yxf8H+WMW/7Xzxyz+6+SPWfzXzR+z+K+XP2bxXz9/zOK/Qf6Yxf+H+WMW/w3zxyz+G+WPWfw3zh+z+P8of8ziv0n+mMV/0/wxi/9m+WMW/83zxyz+W+SPWfx/nD9m8f9J/pjFf8v8MYv/T/PHLP5b5Y9Z/LfOH7P4b5M/ZvH/Wf6YxX/b/DGL/8/zxyz+v8gfs/j/Mn/M4v+r/DGL/6/zxyz+2+WPWfy3zx+z+O+QP2bx/03+mMV/x/wxi/9v88cs/r/LH7P475Q/ZvH/ff6Yxf8P+WMW/z/mj1n8/5Q/ZvHfOX/M4v/n/DGL/1/yxyz+u+SPWfx3zR+z+O+WP2bx3z1/zOK/R/6YxX/P/DGL/175Yxb/vfPHLP775I9Z/PfNH7P475c/ZvHfP3/M4n9A/pjF/8D8MYv/QfljFv+D88cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bxPz5/zOJ/Qv6Yxf/E/DGL/0n5Yxb/k/PHLP6n5I9Z/E/NH7P4n5Y/ZvE/PX/M4n9G/pjF/8z8MYv/WfljFv+z88cs/ufkj1n8z80fs/iflz9m8T8/f8zif0H+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOJ/Rf6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHJP6jD+SPWfwH5Y9Z/IfJH7P4D5s/ZvEfnD9m8R8uf8ziP3z+mMV/hPwxi/+I+WMW/5Hyxyz+I+ePWfxHyR+z+I+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvH/RP6Yxf+T+WMW/0/lj1n8x8sfs/iPnz9m8Z8gf8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+n84fs/hPmj9m8Z8sf8ziP3n+mMV/ivwxi/+U+WMW/8/kj1n8P5s/ZvGfKn/M4j91/pjF/3P5Yxb/z+ePWfy/kD9m8f9i/pjF/0v5Yxb/L+ePWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/1fyxyz+M+aPWfxnyh+z+M+cP2bxnyV/zOI/a/6Yxf+r+WMW/6/lj1n8v54/ZvH/Rv6YxX+2/DGL/zfzxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4L5g/ZvH/Vv6YxX+h/DGL/7fzxyz+C+ePWfy/kz9m8V8kf8zi/938MYv/ovljFv/F8scs/ovnj1n8l8gfs/gvmT9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/+/lj1n8l8sfs/gvnz9m8f9+/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMV/jfwxi/+a+WMW/7Xyxyz+P8gfs/ivnT9m8V8nf8ziv27+mMV/vfwxi//6+WMW/w3yxyz+P8wfs/hvmD9m8d8of8ziv3H+mMX/R/ljFv9N8scs/pvmj1n8N8sfs/hvnj9m8d8if8zi/+P8MYv/T/LHLP5b5o9Z/H+aP2bx3yp/zOK/df6YxX+b/DGL/8/yxyz+2+aPWfx/nj9m8f9F/pjF/5f5Yxb/X+WPWfx/nT9m8d8uf8ziv33+mMV/h/wxi/9v8scs/jvmj1n8f5s/ZvH/Xf6YxX+n/DGL/+/zxyz+f8gfs/j/MX/M4v+n/DGL/875Yxb/P+ePWfz/kj9m8d8lf8ziv2v+mMV/t/wxi//u+WMW/z3yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+F+dP2bxvyZ/zOJ/bf6Yxf+6/DGL//X5Yxb/G/LHLP435o9Z/G/KH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf8zi/2r+mMX/tfwxi//r+WMW/zfyxyz+b+aPWfzfyh+z+L+dPybxH2Mgf8ziPyh/zOI/TP6YxX/Y/DGL/+D8MYv/cPljFv/h88cs/iPkj1n8R8wfs/iPlD9m8R85f8ziP0r+mMV/1Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/yfyxyz+n8wfs/h/Kn/M4j9e/pjFf/z8MYv/BPljFv8J88cs/hPlj1n8J84fs/hPkj9m8f90/pjFf9L8MYv/ZPljFv/J88cs/lPk//9j586j7KzrO47fJAw71V+P9nSRNrVSoEWyACqtxQCBLMgYRBISkkiWyWISErNAFkOitk1TCmKpIGobTZsKYtFWiRUNRMFi2QRK7UJKRQqIbcS1KSpJz01mYjL9MqfzpM9D9ft6/ZGZe4fvFfI+H+7l5BxDWfq/Qv9Qlv7H6B/K0v9X9Q9l6X+s/qEs/Y/TP5Sl//H6h7L0/zX9Q1n6/7r+oSz9T9A/lKX/K/UPZel/ov6hLP2H6B/K0n+o/qEs/YfpH8rSf7j+oSz9T9I/lKX/yfqHsvQ/Rf9Qlv6v0j+Upf+r9Q9l6f8a/UNZ+p+qfyhL/9/QP5Sl/2/qH8rS/7X6h7L0/y39Q1n6n6Z/KEv/1+kfytJ/hP6hLP1P1z+Upf8Z+oey9D9T/1CW/iP1D2Xpf5b+oSz9z9Y/lKX/KP1DWfqP1j+Upf8Y/UNZ+o/VP5Sl/zn6h7L0f73+oSz9z9U/lKV/p/6hLP3foH8oS/9x+oey9D9P/1CW/m/UP5Sl//n6h7L0f5P+oSz9L9A/lKX/eP1DWfpP0D+Upf+F+oey9J+ofyhL/0n6h7L0v0j/UJb+k/UPZek/Rf9Qlv5T9Q9l6f9m/UNZ+l+sfyhL/2n6h7L0n65/KEv/GfqHsvSfqX8oS/8u/UNZ+s/SP5Sl/2z9Q1n6z9E/lKX/XP1DWfq/Rf9Qlv7z9A9l6T9f/1CW/gv0D2Xpf4n+oSz9F+ofytJ/kf6hLP3fqn8oS//F+oey9F+ifyhL/6X6h7L0X6Z/KEv/S/UPZel/mf6hLP2X6x/K0n+F/qEs/VfqH8rSf5X+oSz936Z/KEv/1fqHsvS/XP9Qlv5r9A9l6b9W/1CW/m/XP5Sl/zv0D2Xp/079Q1n6/7b+oSz9f0f/UJb+v6t/KEv/dfqHsvT/Pf1DWfqv1z+Upf/v6x/K0v8K/UNZ+v+B/qEs/a/UP5Sl/1X6h7L0f5f+oSz9r9Y/lKX/u/UPZen/h/qHsvS/Rv9Qlv5/pH8oS//36B/K0v9a/UNZ+l+nfyhL//fqH8rS/3r9Q1n6v0//UJb+79c/lKX/B/QPZen/x/qHsvT/E/1DWfpv0D+Upf8H9Q9l6f8h/UNZ+m/UP5Sl/5/qH8rS/8/0D2Xpv0n/UJb+f65/KEv/D+sfytL/Bv1DWfrfqH8oS/+P6B/K0v8m/UNZ+n9U/1CW/n+hfyhL/5v1D2Xp/zH9Q1n6f1z/UJb+f6l/KEv/v9I/lKX/J/QPZen/Sf1DWfrfon8oS//N+oey9P+U/qEs/f9a/1CW/p/WP5Sl/636h7L0/4z+oSz9P6t/KEv/LfqHsvS/Tf9Qlv636x/K0n+r/qEs/T+nfyhL/8/rH8rS/w79Q1n636l/KEv/L+gfytL/b/QPZel/l/6hLP2/qH8oS/+/1T+Upf/d+oey9L9H/1CW/vfqH8rS/z79Q1n6369/KEv/L+kfytL/Af1DWfo/qH8oS/+H9A9l6f93+oey9H9Y/1CW/n+vfyhL/y/rH8rS/x/0D2Xp/4/6h7L0/yf9Q1n6/7P+oSz9H9E/lKX/Nv1DWfr/i/6hLP0f1T+Upf+/6h/K0v8r+oey9H9M/1CW/l/VP5Sl/+P6h7L0/zf9Q1n6P6F/KEv/J/UPZen/lP6hLP2/pn8oS/+n9Q9l6f91/UNZ+v+7/qEs/f9D/1CW/tv1D2Xp/w39Q1n6P6N/KEv/b+ofytL/W/qHsvT/tv6hLP2/o38oS//v6h/K0v97+oey9P9P/UNZ+u/QP5Sl/3/pH8rS/1n9Q1n6f1//UJb+P9A/lKX/D/UPZen/nP6hLP136h/K0n+X/qEk/V/c0j+Upf8A/UNZ+g/UP5Sl/yD9Q1n6H6R/KEv/Dv1DWfofrH8oS/9D9A9l6X+o/qEs/Q/TP5Sl/+H6h7L0P0L/UJb+R+ofytL/KP1DWfr/lP6hLP1fpH/oJ64/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/zdLVqycN23+/K7FvvGNb3yz95sX+t9MAADA/7Uffeh/of9OAAAAAAAAAAAAAAAAAAAAIK8m/u/EXuh/RgAAAAAAAAAAAAAA+HE3pvP07YMG7PfUoH0fHH1f1+6vJ++4cM6mTZtLz9fuH58TvOTAfR/s2rVr1/lLtpzV/fCQVqvV/l97cffjQ3sft19/7f2vHrfnURnx3unlxtWtzts3Xfr4ozO+f8KWjt3PdrQunjV3ftfQga1WObOjtbz9YNiAVquc3dG6uv1gePvBqI7WDe0HJ+1+cFhra/vBiTMWzp/ZfmJ05d8z+EkxpnNta9B+i23t92+Dffe/9v5Jy3u+9vGSPa92UKt7/xueG/dwr5/1eJ7997x+Ob33/vv9Dwg8r/7tf9bQnq99vOT/eP8/+4fDtkQ/e/7997x+OcP+oT7B5//9Ntr7c3+vz/+Dg5fce18+ddeg9v6HH/6dWd1PHfS/+fz/o9cvZ/be/8D9Pv+3P8eP7Pn8f0irVc46wN8OSGVM59u39/X+3/f+D/r5XjcD9t3/+imj39Pe/y/d8dhLup/q6Of+R/b1/r++198r0D9jOj+0q9f7fz/23zo2eMm9+99w5ecmtPe/etQtN+7zs/7s/6ze+x+ydMGiIUtWrHzl3AXTZnfN7rrkpOGnDBv6qmGnDj1lyO6PBHt+PcDfFcjhwN7/W4f3uhnQanXtvf/le182sr3/Ozc+Obb7qUP7uf+z+3z/H+z9H0IvH9g6+ODW8mlLly4etufXnofD9/y65y8L9t+P//7/leO6/7KePzMc0Gr97N77NVNaD7T3/4tPPfi67qcO7uf+R/W5/xH7/1kl0D8H+P4/s9fNfvsvH3/R9e39jzpi+D3dT/X3v/9H97n/D3r/hwMxprNV65toe/8Dn7j22mrXZYw//4P6NLH/E8u646pdl7H2D/VpYv9dC0+4rdp1Ocf+oT5N7H/du0afV+26vN7+oT5N7P/ebz1+V7Xrcq79Q32a2P9XOr69otp16bR/qE8T+79p1cRnql2XN9g/1KeJ/b/sume+Wu26jLN/qE8T+5/w9Mil1a7LefYP9Wli/6uOvuDuatfljfYP9Wli/0Nn7Jxc7bqcb/9Qnyb2/9A73/eJatflTfYP9Wli/9c/N+yYatflAvuH+jSx/1sOG/z+atdlvP1DfZrY/87Lrjiq2nWZYP9Qnyb2v/a2jhHVrsuF9g/1aWL/92y9+cvVrstE+4f6NLH/p06+fU616zLJ/qE+Tez/o2NfsrPadbnI/qE+Tey/8yOLSrXrMtn+oT5N7L/j4UfWVbsuU+wf6tPE/o8ffPep1a7LVPuH+jSx/+lTp32s2nV5s/1DfZrY/6hnP/zyatflYvuH+jSx/yPXHfnJatdlmv1DfZrY/+AlRx9e7bpMt3+oTxP7n3fU5g9Uuy4z7B/q08T+129/aEm16zLT/qE+Tez/89eseKLademyf6hPE/v/xuw5F1W7LrPsH+rTxP43/dwd91W7LrPtH+rTxP4feeDctdWuyxz7h/o0sf+rb37yZ6pdl7n2D/VpYv+fnbTjhmrX5S32D/VpYv87XjH5tGrXZZ79Q32a2P9L73zNg9Wuy3z7h/o0sf+pt14zqtp1WWD/UJ8m9r+48x3PVrsul9g/1KeJ/Z869PiF1a7LQvuH+jSx/6u2bZhe7bossn+oTxP7/8LGk79b7bq81f6hPk3s/+nxx4ytdl0W2z/Up4n9bzzuqm3VrssS+4f6NLH/EV/8+knVrstS+4f6NLH/IzafvqnadVlm/1CfJvZ/7BnjfqHadbnU/qE+Tex//mt/cGW163KZ/UN9mtj/T39v2dZq12W5/UN9mtj/xCseHV/tuqywf6hPE/tftuZLX6t2XVbaP9Snif2fNmDm5dWuyyr7h/o0sf9tj7XeXe26vM3+oT5N7P+6DTcdUu26rLZ/qE8T+//MvFs/Xe26XG7/UJ8m9v/Nl5Yh1a7LGvsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/psdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHjgUAAAAAhPlbB9G7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBRAAAA///Tm4+K")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000a80)='ext4\x00', &(0x7f0000000880)='./file1\x00', 0x40, &(0x7f0000000a40), 0x1, 0x56f, &(0x7f0000000140)="$eJzs3U9oHNUfAPDvzGZ/7a+tpoKCSg9FhQqlm6R/tHpqr2Kh0IPgRcNmG0o23ZLdaBNySO5F6EFUeqk3PXhUPHgQLx69elEEb0KxQaHpQVf2XxKTTdzUbLZ2Ph+Y7Hvzdvf73sx+JzuPGTaAzDra+JNGPBMRF5OI4XVtQ9FuPNp63sryQvH+8kIxiXr90q9JJBFxb3mh2Hl+0n48GBGLEfF0RHyTjziebo5bnZufGi+XSzPt+kht+tpIdW7+xJXp8cnSZOnqqZdfOXP29Jmxk2PrX3a/vv698jsb640fb75347vXbt/89LMji8X3x5M4F4fabevHsZta2yQf5zasP92PYAOUDLoDPJBctHK/4akYjlw767upD+9Zt4A9UN8XUQcyKpH/kFGd7wGN89/OspffP+6cb000NOKutJdWy1BrbiL2N0/zD/yWrJ2ZJFufo8BOLC5FxOjQ0ObPf9L+/D240d3oIH319fnWjtq8/9PV409sPP5ENOcN/+3nI9Yd/1Y2Hf/W4ue6xE8i4mKPMf5486ePtoy/FPFs1/jJavykS/w0It7uMf6tN748u1Vb/eOIY9E9fkey/fzwyOUr5dJo62/XGF8dO/LqduM/sEX81pzt/sOxxfbvMq3d1Rfffv7c4jbxX3x++/3fbfv/vNRj8Ih44t4nr2/Vdmcpudv4FrDT/Z9EPm73GP+lc0d/6L23AAAAAAAAAABAr9LmtWxJWlgtp2mh0LqH98k4kJYr1drxy5XZqxOta94ORz7tXGk13KonjfpYs7xWP7mhfirXDpj7f7NeKFbKEwMeOwAAAAAAAAAAAAAAAAAAADwsDm64///3XPP+/40/Vw08qvycHmSX/Ifs+nv+JwPrB7D3/P+HzKrLf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5Bd8h8AAAAAAAAAAAAAAAAAAAAAAAAAAPri4oULjaV+f3mh2KhPDM3NTlXeOTFRqk4VpmeLhWJl5lphslKZLJcKxcr0P71fUqlcG42rs9dHaqVqbaQ6N//WdGVxtbmU7/N4AAAAAAAAAAAAAAAAAAAA4L/oUHNJ0kJEpM1ymhYKEY9FxOEkkstXyqXRiHg8Ir7P5fc16mOD7jQAAAAAAAAAAAAAAAAAAAA8Yqpz81Pj5XJpJiOFoZ08OSIWd7cbjXfc8avy7X31sGxDhSwUBnxgAgAAAAAAAAAAAAAAAACADFq76bfXV/zZ3w4BAAAAAAAAAAAAAAAAAABAJqW/JBHRWI4Nv3BoY+v/kpVc8zEi3r116YPr47XazFhj/d3V9bUP2+tPDqL/QK86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBNdW5+arxcLs30sTDoMQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8iL8CAAD//7PR13w=")
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x17, 0x3, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_pidfd_open(r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

5m34.813150744s ago: executing program 1 (id=977):
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x2, 0x2e, 0x38, 0x65, 0x0, 0x2, 0x6, 0x0, @private=0xa010100, @remote, {[@ssrr={0x89, 0x7, 0x98, [@private=0xa010100]}, @generic={0x44, 0x2}, @timestamp_prespec={0x44, 0x4, 0x8b, 0x3, 0x6}]}}, {{0x4e24, 0x4e23, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0x40, 0x0, 0x0, 0xfe}}}}}}, 0x0)

5m33.905078832s ago: executing program 1 (id=987):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000004c0)=[@in6={0xa, 0x0, 0x0, @local, 0x1}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000080)=[@in6={0xa, 0x0, 0xfffffffd, @local}, @in={0x2, 0x5e1d, @dev={0xac, 0x14, 0x14, 0x21}}], 0x2c)

5m33.46527078s ago: executing program 35 (id=987):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000004c0)=[@in6={0xa, 0x0, 0x0, @local, 0x1}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000080)=[@in6={0xa, 0x0, 0xfffffffd, @local}, @in={0x2, 0x5e1d, @dev={0xac, 0x14, 0x14, 0x21}}], 0x2c)

4m36.316926718s ago: executing program 6 (id=1641):
r0 = inotify_init1(0x800)
poll(&(0x7f0000003ac0)=[{r0, 0x11a8}], 0x1, 0x1)

4m36.244281473s ago: executing program 6 (id=1643):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0xa00, 0x0)
r1 = syz_open_dev$usbfs(0x0, 0x205, 0x2581)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_REAPURBNDELAY(r1, 0x4008550d, 0x0)
ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000080)=0x5)
syz_emit_ethernet(0x3b6, 0x0, 0x0)

4m36.244121348s ago: executing program 6 (id=1644):
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f0000000080)={0x9, {0x8071eb, 0x8, 0x4, 0x1000}})

4m36.187167399s ago: executing program 6 (id=1645):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1000052, &(0x7f0000000240)=ANY=[], 0xf5, 0x1219, &(0x7f0000002100)="$eJzs3E9rHGUcB/Bf1o1JU/NHrdX2oA948TQ0OXgSJEgKkgWlNkIrCFOz0SVjNmRCYEWsnrz2dXj2JvgOcvE1eMvFYw/iSGYam223VMHdFfv5HDI/nuf55pln2F2YZZ49eefel7s7ZbaTH0ZrZiZa+xHpfooUrTjz+mZzvHV7c73T2biR0vX1m6tvp5SW3vj5k6/nIuLixz8u/TQXxyufnvy29uvx5eMrJ3/c/KJXpl6ZVvqHKU93+v3D/E7RTdu9cjdL6cOim5fd1NsruwdD/TtFf39/kPK97cWF/YNuWaZ8b5B27+UR/XR4MEj553lvL2VZlhYXgieaffqQrR/uV1UVUVWz8XxUVVVdiIW4GC/EYizFtxHxYrwUL8eleCUux6vxWlypR03i9AEAAAAAAAAAAAAAAAAAAODZcX7/f0QM7f9fjhX7/wEAAAAAAAAAAAAAAAAAAGACPrp1e3O909m4kdJ8RPH90dbRVnNs+td3ohdFdONaLMfvUe/+bzT19fc7G9dSbSW+K+4+yN892nquyZ/+Oc2v1j8n8CDfrvvO8qtNPg3n52Lh/PxrsRyXRs+/NjI/H2+9eS6fxXL88ln0o4jteu6H+W9WU3rvg84j+av1OAAAAPg/yNJfRt6/Z9mT+pv83/5+oB2P3F+342p7umsnohx8tZu3iu5BXRRnxfxjLWMrZiNiUnONq5gbbmmNaa7WUy7UzLgW2P6PXGfF48Xpu/jf+D8XYrhl2p9MTMLDl8G0zwQAAAAAAAAAAIB/YszPJ7ZjxJNl705nqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//I6LAUA==")
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x40)
io_setup(0x9, &(0x7f0000000300)=<r1=>0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000}])
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x7, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
chdir(0x0)
mkdir(0x0, 0x0)
rmdir(&(0x7f0000000000)='./control\x00')
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040), 0x12)
r3 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r3, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)

4m35.556034815s ago: executing program 6 (id=1647):
syz_emit_ethernet(0x7e, &(0x7f00000006c0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x48, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0x4, 0x8, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x2c, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [@hopopts={0x2f, 0x1, '\x00', [@calipso={0x7, 0x8, {0x22ebffff, 0x0, 0xfc, 0x57}}]}]}}}}}}}, 0x0)

4m35.264907503s ago: executing program 6 (id=1648):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000040)={0x0, 0x0, 0x2, @stepwise={0x0, 0x1, 0xffffffff, 0x0, 0x40, 0xc7}})

4m35.101609851s ago: executing program 36 (id=1648):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000040)={0x0, 0x0, 0x2, @stepwise={0x0, 0x1, 0xffffffff, 0x0, 0x40, 0xc7}})

3m53.764126571s ago: executing program 7 (id=2070):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000040)='./file1\x00', 0xc00, &(0x7f00000007c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRESOCT=0x0, @ANYRESDEC, @ANYRESOCT, @ANYRES8, @ANYRES32=0x0, @ANYRESOCT, @ANYRES8, @ANYRES16=0x0, @ANYRESOCT=0x0], 0x1, 0x6207, &(0x7f0000012500)="$eJzs3ctvHVcdB/DfffoRmkZdVCVCyG3Do5TmWUKgQNsFLNiwQNmiRK5bRaSAkoDSKiKuvGHBHwFCYokQS1b8AV2wZccfQKQECdRVpxr7HGc88c21k/rOtc/nIzlzf3NmfM/ke+c+PDP3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQP/7RT8/1IuLKb9KMExFfiEFEP2KprlciYmnlRHOdF2KzOZ6PiNFCRL3+5j/PRrweER8fj7j/4M5qPfv8Hvvxw7/+608/O/aTf/5ldOb/f7s1eGPScrdv//5/f7/75NsLAAAAJaqqquqlj/knI2KYPtsDAEdffv2vkjxfPXf1+pz1R61Wq9WHsG6qdne3WUTEenOd+j2Dw/EAcMisxyddd4EOyb9ow4g41nUngLnW67oDHIj7D+6s9lK+vebrwcpWez4XZEf+673t6zsmTadpn2Myq8fXRgziuQn9WZpRH+ZJzr/fzv/KVvs4LXfQ+c/KpPzHW5c+FSfnP2jn33J08u/vmn+pcv7DfeU/kD8AAAAAAMyx/Pf/Ex0f/114+k3Zk8cd/12ZUR8AAAAAAAAA4PO23/H/hq3x/7YZ/w8AAADmVv1ZvfaH4w/nTfoutnr+5V7EM63lgcKki2WWu+4HAAAAAAAAAAAAAJRkuHUO7+VexCginllerqqq/mlq1/v1tOsfdqVvP5Ss6yd5AADY8vHx1rX8vYjFiLicvutvtLy8XFWLS8vVcrW0kN/PjhcWq6XG59o8rectjPfwhng4rupftthYr2na5+Vp7e3fV9/XuBrsoWOz0WHgABARW69G970iHTFV9Wx0/S6Hw8H+f/TY/9mLrh+nAAAAwMGrqqrqpa/zPpmO+fe77hQAMBP59b99XECtVqvVavXRq5uq3d1tFhGx3lynfs9gOH4AOGTW45Ouu0CH5F+0YUS80HUngLnW67oDHIj7D+6s9lK+vebrQRrfPZ8LsiP/9d7menn93abTtM8xmdXjayMG8dyE/jw/oz7Mk5x/v53/la32cVruoPOflUn519t5ooP+dC3nP2jn33J08u/vmn+pcv7DfeU/kD8AAAAAAMyx/Pf/E3N1/Hf8pJsz1eOO/64c2L0CAAAAAAAAwMG6/+DOar7uNR///9Iuy7n+82jK+ffkX6Scf7+V/9dbyw0at++9/TD//z64s/rnW//5Yp7uMf+Hv66XHlm99IjopabeME2fZusetTEajOt7GvX6g2E656cavRvX4nqsxdkdy/bT/8fD9nOPbMRos70abLWf39E+3G7P61/Y0T5KZzpVS7n9dKzGL+N6vLPZXrctTNn+xSnt1ZT2nP/A/l+knP+w8VPnv5zae61p7d5H/Uf2++Z0t/t569qXf3f24Ddnqo0YbG9bU719L3XQn83/k2Pj+PXNtRunb1+9devGuUiTHXPPR5p8znL+o/Sz/fz/8lZ7fqJu7q/3PhrvO/95sRHDifm/3Lhdb+8rM+5bF3L+4/ST838nte++/x/m/Cfv/6920B8AAAAAAAAAAAAAAAB4nKqqNi8RfSsiLqbrf7q6NhMAmK38+l8lef6s6sGM70+tPuR1b876M9P602q++qNWH8a6qdrdm80iIv7RXKd+z/Db3X4ZADDPPo2If3fdCToj/4Ll7/urp6e67gwwUzc/+PDnV69fX7txs+ueAAAAAAAAAABPKo//udIY//lUVVV3W8vtGP/17Vh52vE/h/nG9gCjEwaqHux/mx5noz8e9BvDjb8Yk8b/Hm3fetz438Mp9zea0j6e0r7w6KylZrE4Zf1dL/RoyPm/2Bjv/FREnGwNv17C+K/tMe9LkPN/qfF4rvP/Wmu5Zv7VHw9z/v0d+Z+59f6vztz84MPXrr1/9b2199Z+ceHcubMXLl68dOnSmXevXV87u/Vvhz0+WDn/PPa180DLkvPPmcu/LDn/r6Ra/mXJ+X811fIvS84/v9+Tf1ly/vmzj/zLkvN/JdXyL0vO/xupln9Zcv6vplr+Zcn5fzPV8i9Lzv+1VMu/LDn/06mWf1ly/mdSvcf8lw66X8xGzj8f4bL/lyXnn89skH9Zcv7nUy3/suT8L6Ra/mXJ+b+eavmXJef/rVTLvyw5/4upln9Zcv7fTrX8y5Lzv5Rq+Zcl5/+dVMu/LDn/76Za/mXJ+b+RavmXJef/vVTLvyw5/++nWv5lyfn/INXyL0vO/81Uy78sD7//3w03Znxj5OE3vze6fmYCAAAAAAAAAAAAANpmcTpx19sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfMYOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrB3dzFynfX9wM+ud9drBxIDIX8nfwMbx4SQONn1S/xCm2LCa8N7IBT6gu1612bBb3jtEmgkGwVKJIyKKtqGi7aAUMlNhVWhilaAcoFaVa0E7QW9QVS0XERVQAG1UltBtppznufZmdnZmVnvZH3mnM9Hin/emTNzzpw5c3a/63xnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABodutr5z41kmVZ47/8jy1Z9rzG3zdNbckve9W13kIAAABgrX6R//nMDemCQ33cqGmZv3vpd762uLi4mL13wx+Of25xMV0xlWXjG7Msvy668sP3jTQvEzyaTY6MNn092mP1G3pcP9bj+vEe10/0uH5jj+sne1y/bAcss6n4fUx+Zzvyv24pdml2YzaeX7ejw60eHdk4Ohp/l5MbyW+zOH48m89OZnPZTMvyxbIj+fLfuLWxrjdlcV2jTeva1jhCfvrIsbgNI2Ef72hZ19J9Rj9+TTb1s58+cuzPzz99c6fZcze03F+xnXdsb2znJ8IlxbaOZBvTPonbOdq0nds6PCcbWrZzJL9d4+/t2/lMn9u5YWkz11X7cz6ZjeZ//26+n8aaf62X9tO2cNl/35Zl2aWlzW5fZtm6stFsc8slo0vPz2RxRDbuo3EovTAbW9Vxemsfx2ljzu5oPU7bXxPx+b813G5shW1ofpp+/PGJpuf954tXc5xGjUe90mul/Rgc9GulLMdgPC6+mz/oxzoegzvC43/k9pWPwY7HTodjMD3upmNwe69jcHRiQ77No1/ZHNe+veUY3NWy/IZ8TSP5fOr27sfg9PlTZ6cXPvqxu+dPHT0xd2Lu9J5du2b27Nt34MCB6ePzJ+dmij+ven+X3eZsNL0Gtod9F18Dr2hbtvlQXfzixLLz79W+Die7vA63tC076NfhWPuDG1mfF+TSMR0vKV4b727s9MnLo9kKr7H8+blz7a/D9LibXodjTa/Djt9Tlm3zSH6bXq/DxjJn7+zvZ5axpv86bcPK3wvWdgxuaToG238eaT8GB/3zSFmOwclwXHz/zpW/F2wL2/vYztX+PLJh2TGYHm449zQuST/vTx7IR6fj8pbGFddNZBcW5s7d8/DR8+fP7crCWBcvajpW2o/XzU2PKVt2vI6u+ng9NP/Sx27pcPmWsK8m7278Mbnic9VYZu893Z+r/Ltb5/3ZcunuLIwBW+/92em7eWN/TmTZ57/98Qe/+cjnX7vi/mzkzU9Mr/1n8ZRLm86/4yucf2Puf7ZYX7qrRzeMjxWv3w1p74y3nI9bn6qx/Nw1kq/7men+zsfj4b/1Ph/f2OV8vLVt2UGfj8fbH1w8H4/0+m3H2rQ/n5PhODk50/183Fhm6+7VHpNjXc/Ht4U5Evb/K0NSSLmo6dhZ6bhN6xobGw+PayyuofU43dOy/HjIZo11PbH76o7TO24r7mtDenRL1us4nWpbdtDHafrd10rH6Uiv375dnfbnczIcFzfu6X6cNpZ5cu/az52b4l+bzp0TvY7B8Q0TjW0eTwdhfr7PFjfFY/Ce7Fh2JjuZzebXTuTH00i+rp339ncMToT/1vtcubXLMXhH27KDPgbT97GVjr2RseUPfgDan8/JcFw8fm/3Y7CxzOv2D/Zn1zvCJWmZpp9d23+/ttLvvG5p203P1bEyFrbz2/u7/262sczJA6vNmd33013hkus67Kf21+9Kr6nZbH3209awnU8fWHk/NbanscznDvZ5PB3Ksuzih+/Pf98b/n3lLy9872st/+7S6d90Ln74/p88//jfrmb7ARh+zxZjc/G9rulfpvr5938AAABgKMTcPxpmIv8DAABAZcTcH/+v8ET+BwAAgMqIuX8szKQm+X/r656ef/Zilpr5i0G8Pu2GB4rlYsd1Jnw9tbikcfn9X577r7+52N+6R7Ms+/kDv9tx+a0PxO0qTIXtvPL61suX+drdfa37yEMX03qb++tfCPcfH0+/h0GnCu5MlmXfuOEz+Xqm3nc5n08+cCSfD1567NHGMs8cLL6Ot3/qRcXyfxLKv4eOH225/VNhP/wozJk3d94f8XZfvfzKbfvfs7S+eLuR7dfnD/vx9xf3G98n57OPFsvH/bzS9n/z0098tbH8wy/vvP0XRztv/xPhfr8c5v+8pFi++TlofB1v98mw/XF98Xb3fOlbHbf/yqeK5c++oVjuSJhx/XeEr3e84en55v318MjRlseVvbFYLq5/5nu/n18f7y/ef/v2Tx6+3LI/2o+PJ/+5uJ/ptuXj5XE90V+3rb9xP83HZ1z/E793pGU/91r/lQefeknjftvXf1fbcmc/fGe+/qX7a33Hpj/95Gc6ri9uz6G/ONvyeA69M7yOw/off384HsP1/3uluL/2d1c48s7W809c/gtbLrY8nuhNPyvWf+XVJ/K5cXLT5uue9/zrL72sse+y7Lsbi/vrtf4Tf3amZfu/eFOxP+L1saPfvv6VxPWf+8jO02cWLszPpr36yA35e+e8pdieuL03hHNr+9eHz5z/wNy5qZmpmSybqu5b6F21L4X5k2Jc6r704rIz6J0Phefzlj/+xubb/+nT8fJ/eXdx+eU3F9+3XhGW+2y4fEt4/la3/uUev/Wm/PU98mTYwsXl7xe8Ftt2/MeBvhYMj7/954J4vJ998Qfy/dC4Lv++EV/Xa9z+H8wW9/P1sF8Xwzszb79paX3Ny8f3Rrj8ruL1vub9F05z8Xn9Sni+3/qj4v7jdsXH+4Pwc8y3trae7+Lx8fWLo+33n7+Lx6VwPskuFdfHpeL+vvzMTR03L74PSXbp5vzrP0j3c/OqHuZKFj66MH1y/vSFh6fPzy2cn1746McOnzpz4fT5w/l7eR7+YK/bL52fNufnp9m5fXuz/Gx1phjPsWu9/WcfOja7f+b22bnjRy8cP//Q2blzJ44tLBybm124/ejx43Mf6XX7+dn7du0+uGf/7p0n5mfvO3Dw4J6DO+dPn2lsRrFRPeyb+dDO0+cO5zdZuG/vwV333rt3ZuepM7Nz9+2fmdl5odft8+9NOxu3/p2d5+ZOHj0/f2pu58L8x+bu23Vw377dPd8N8NTZ4wtT0+cunJ6+sDB3brp4LFPn84sb3/t63Z5qWvjX4ufZdiPFG/Flb79rX3p/1oYvf3zFuyoWaXsD0afDe9H8/QvOHujn65j7x8NMapL/AQAAoA5i7p8IM5H/AQAAoDJi7t8YZiL/AwAAQGXE3D8ZZlKT/F+5/v/Wi32tX/9f/795f+n/16z//66y9f8b54u51OvU/1+btfbv9f8D/X/9f/1//X/9fwagbP3/mPs3ZVkt8z8AAADUQcz9m8NM5H8AAACojJj7rwszkf8BAACgMmLuf16YSU3yv/6//r/+v/6//n/n9a9v/9/n/w+K/n93+v896P9PZ/Xq/18a5Pbr//fZ/5/qdU9USdn6/zH3Pz/MpCb5HwAAAOog5v7rw0zkfwAAAKiMmPtvCDOR/wEAAKAyYu7fEmZSk/yv/6//r/+v/6//33n9+v/DSf+/O/3/HvT/ff6//r/P/2egytb/j7n/BWEmNcn/AAAAUD3Lf5kQc/8Lw0zkfwAAACifsau7Wcz9LwozWZb/r3IFAAAAwDUXc/+NWVsRvCb//q//r/+v/6//r//fef399/83ZPr/5aH/353+fw/6/2vrzzdOjPr/+v/6/zQpW/8/z/3ZZPbiMJOa5H8AAACog5j7bwozkf8BAACgMmLu/39hJvI/AAAAVEbM/VvDTGqS//X/9f/r1v//t736//r/Pv+/yvT/u9P/70H/3+f/6//r/zNQZev/x9x/c5hJTfI/AAAA1EHM/beEmcj/AAAAUBkx9///MBP5HwAAACoj5v5tYSY1yf/6/yXv/8fmqP6/z//X/9f/1//vi/5/d/r/Pej/6//r/+v/M1Bl6//H3P+SMJOa5H8AAACog5j7XxpmIv8DAABAZcTc/7IwE/kfAAAAKiPm/qkwk5rkf/3/kvf/ix78hM//1//X/9f/1//vj/5/d/r/Pej/6//r/+v/M1Bl6//H3H9rmElN8j8AAADUQcz928NM5H8AAACojJj7bwszkf8BAACgMmLu3xFmUpP8r/8/FP3/TP9f/1//X/9f/78/+v/d6f/3oP+v/6//r//PQJWt/x9z/8vDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/FWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dev/7/cNL/707/vwf9f/1//X/9fwaqbP3/mPtfGWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx9+8MM6lJ/tf/1//X/9f/1//vvH79/+Gk/9+d/n8P+v/6//r/+v8MVNn6/zH33x1mUpP8DwAAAHUQc/89YSbyPwAAAFRGzP3TYSbyPwAAAFRGzP0zYSY1yf/6//r/+v+l7P/nNyll//9lS/er/1/Q/y8X/f/u9P970P/X/7/m/f9x/X8qpWz9/5j7d4WZ1CT/AwAAQB3E3L87zET+BwAAgMqIuX9PmIn8DwAAAJURc//eMJOa5H/9f/1//f9S9v9zpez/N9H/L+j/l4v+f3eD7//Hh6j/r/+v/+/z//X/Wa5s/f+Y++8NM6lJ/gcAAIA6iLl/X5iJ/A8AAACVEXP//jAT+R8AAAAqI+b+A2EmNcn/+v/6//r/+v/6/53Xr/8/nMrZ/x/te/3D1//3+f/6/0v0//X/9f9pV7b+f8z9B8NMapL/AQAAoA5i7n9VmIn8DwAAAJURc/8vhZnI/wAAAFAZMff/cphJTfK//n/Z+/+jmf6//r/+v/6//n//ytn/75/+v/6//v/wbr/+v/4/y5Wt/x9z/31hJjXJ/wAAAFAHMff/SpiJ/A8AAACVEXP/q8NM5H8AAACojJj7D4WZ1CT/V6z/P9nfmoep/+/z//X/9f/1//X/V0P/vzv9/x70//X/9f/1/xmosvX/Y+5/TZhJTfI/AAAA1EHM/feHmcj/AAAAUBkx9782zET+BwAAgMqIuf91YSY1yf8V6/9X8PP/9f/1//X/9f/1/1dD/787/f8e9P/1//X/9f8ZqLL1/2Puf32YSU3yPwAAANRBzP1vCDMav2ZbBAAAAAxazP1vDDPx7/8AAABQGTH3vynMpCb5X/9f/1//X/9f/7/z+vX/h5P+f3f6/z3o/+v/6//r/zNQZev/x9z/q2EmNcn/AAAAUAcx9z8QZiL/AwAAQGXE3P/mMBP5HwAAACoj5v63hJnUJP/r/+v/6//r/+v/d16//v9w0v/vbsj6/7+4Plyu/1/Q/y/39q+2/z/W9vVz0v//4Ur9/8WN7bfX/+e5ULb+f8z9bw0zqUn+BwAAgDqIuf9tYSbyPwAAAFRGzP1vDzOR/wEAAKAyYu5/R5hJTfK//n9jO5bay/r/+v/5BevS/3/Hf+r/6/9n+v8Dp//f3ZD1/33+fxv9/3Jvv8//1/9nubL1/2Puf2eYSU3yPwAAANRBzP0PhpnI/wAAAFAZMfe/K8xE/gcAAIDKiLn/3WEmNcn/+v8+/1//3+f/6/93Xr/+/3DS/+9O/78H/X/9/7L1//9d/5/hVrb+f8z9D4WZ1CT/AwAAQB3E3P+eMBP5HwAAACoj5v5fCzOR/wEAAKAyYu5/b5hJTfL/te7/b9L/77P/P6X/r/+v/9/2ePT/9f870f/vTv+/B/1//f+y9f99/j9Drmz9/5j73xdm0n/+n+x7SQAAAOCaiLn/18NMavLv/wAAAFAHMff/RpiJ/A8AAACVEXP/b4aZ1CT/X+v+v8//9/n/+v816v+P6v/r/z/31q//H888+v/6//r/kf6//r/+P+3K1v+Puf+3wkxqkv8BAACgDmLuf3+YifwPAAAAQ6HT/5PdLub+w2Em8j8AAABURsz9R8JMapL/9f9r1P//q38ortT/H47+/x9t/8fvf+dtR3ZVqf/v8//1/9fBun7+f+PF7/P/9f/1/xP9f/1//X/ala3/H3P/0TCTmuR/AAAAqIOY+387zET+BwAAgMqIuf9YmIn8DwAAAJURc/9smElN8r/+f436/z7/f7j6/0P8+f9xf+j/txpY/z+edPX/O1rX/v97lnri+v+r7f9PdLxU/1//f5i3X/9f/5/lytb/j7l/LsykJvkfAAAA6iDk/tHjxVy6Qv4HAACAyoi5/0SYifwPAAAAlRFz/wfCTGqS//X/9f/1//X/ff5/5/WXtv/v8/+70v/vrjz9/870//X/h3n79f/1/1mubP3/mPvnw0xqkv8BAACgDmLu/2CYifwPAAAAlRFz/4fCTOR/AAAAqIyY+0+GmdQk/+v/6//r/+v/6/93Xr/+/3DS/+9O/78H/X/9/6vZ/nDc6P/r/7Nc2fr/MfefCjOpSf4HAACAOoi5/3SYifwPAAD8H3v38WRpWfZx/DQM0l1UiTsXblzrn8BC1/oHuHDjxip1YcKcGMwRE+aAOWMARUyomMGEYhYRc0BFFANijeXMdV3TPefp53TPnNP9nPv+fBZevvM6ngPvlL4/hm/dQDNy9z8qbrH/AQAAoBm5+x8dt3Sy//X/+v9m+//76f93+3z9v/6/Zfr/cfr/BfT/+n/v/+v/Waqp9f+5+x8Tt3Sy/wEAAKAHufsfG7fY/wAAANCM3P0Xxi32PwAAADQjd//j4pZO9v8p/f/GrM/+PzNe/X9L/b/3/3f9fP2//r9lB9v/X/z//+TT/+v/9f9B/6//1/9zqqn1/7n7Hx+3dLL/AQAAoAe5+58Qt9j/AAAA0Izc/U+MW+x/AAAAaEbu/ifFLZ3sf+//e/9f/6//1/8Pf77+fz15/39cT/3/hTee98jbr7rX1fv5/NX3/7ft7P+D/n85Dvv76//1/8ybWv+fu//JcUsn+x8AAAB6kLv/KXGL/Q8AAADNyN3/1LjF/gcAAIBm5O5/WtzSyf7X/+v/9f/6/1b6/0vjx/X/fdP/j+up/z+dz/f+v/5f/6//Z7mm1v/n7n963NLJ/gcAAIAe5O5/Rtxi/wMAAEAzcvdfFLfY/wAAANCM3P1H45ZO9r/+f/X9/3/1//r/uPp/7//r/1dP/z9O/7+A/l//r//X/7NUU+v/c/dfHLd0sv8BAACgB7n7nxm32P8AAADQjNz9z4pb7H8AAABoRu7+Z8ctnex//b/3//X/+n/9//Dn6//Xk/5/nP5/Af3/mfbz5+j/9f/6f7bbZ/9/58h/bC+l/8/d/5y4pZP9DwAAAD3I3f/cuMX+BwAAgGbk7n9e3GL/AwAAQDNy9z8/bulk/+v/9f/6f/3/aff/87/0jtP/D1te/79V/576/3n6/3GT6f83jgz+sP5/7ft/7//r//X/7DC19/9z978gbulk/wMAAEAPcve/MG4Z2f/7/ov5AAAAwKHK3f+iuMXv/wMAAMDay+osd/+L45ZO9r/+X/+v/9f/e/9/+PPH+v+rt30/7/9Pi/5/3GT6/13o//X/6/z99f/6f+ZNrf/P3f+SuKWT/Q8AAAA9yN1/Sdxi/wMAAEAzcve/NG6x/wEAAKAZuftfFrd0sv+H+/+T/3v9/97o/3d+f/3/8K+PZfX/+e+o/x/t/+/f7vv/+v8x+v9x+v8F9P/77+e3/SHq/5vu/7cW/Xz9P0Om1v/n7n953NLJ/gcAAIAe5O5/Rdxi/wMAAEAzcve/Mm6x/wEAAKAZufsvjVs62f/e/9f/Zz+/uQb9/9n6f+//T+T9/9mB9/9H9P97pP8fp/9fQP/v/f82+v/8Ie//c+im1v/n7n9V3NLJ/gcAAIAe5O5/ddxi/wMAAMB62P73Dpz6N5SG3P2viVvsfwAAAGhG7v7Xxi2d7H/9v/7f+//6f/3/8OdPq//3/v9e6f/H6f8X0P+vop8/0lj/f9luP38K/f9Fq3v/X//PadnR/19z8scPq//P3f+6uKWT/Q8AAAA9yN3/+rjF/gcAAIBm5O5/Q9xi/wMAAEAzcve/MW7pZP+vvP/f2v2z9f/6f/2//l//f+JXj/5/efT/4/T/C+j/vf/fxvv/+n8mY0f/v81h9f+5+98Ut3Sy/wEAAKAHufvfHLfY/wAAANCM3P2XxS32PwAAADQjd/9b4pZO9r/3//X/+n/9v/5/+PO9/7+e9P/j9P8L6P+39/MPn+n/9f/6f87Q1Pr/3P1vjVs62f8AAADQg9z9b4tb7H8AAABoRu7+t8ct9j8AAAA0I3f/O+KWTva//n+1/X/+uP5f/z/T/+v/9f8Hotv+f2Pov4nm7dL/X/+wow/c+SP6f/2/9//1//p/lmAS/f+xk//fZe7+d8Ytnex/AAAA6EHu/nfFLfY/AAAANCN3/7vjFvsfAAAAmpG7/z1xyz73/z2W+q0Ojv7f+//6f/2//n/48/X/66nb/n+PvP+/gP5f/6//1/+zVJPo/7f9z7n73xu3+P1/AAAAaEbu/vfFLfY/AAAANCN3//vjFvsfAAAAmpG7/wNxSyf7X/+v/9f/6//1/8Ofr/9fT/r/cRPt/7fyn+j/T6v/v/U++v9JfH/9v/6feVPr/3P3Xx63dLL/AQAAoAe5+z8Yt9j/AAAA0Izc/R+KW+x/AAAAaEbu/g/HLZ3sf/2//l//r//X/w9/vv5/Pen/x020/y8H0v9fMfIFhvr/Y+dOvf/3/v9Evr/+X//PvKn1/7n7PxK3dLL/AQAAoAe5+6+IW+x/AAAAaEbu/ivjFvsfAAAAmpG7/6NxSyf7X/+v/9f/6//1/8OfP9D/H9n+vfT/06T/H6f/X2A93//X/0/k++v/9f/Mm1r/n7v/Y3FLJ/sfAAAAepC7/6q4xf4HAACAZuTu/3jcYv8DAABAM3L3Xx23dLL/9f/6f/2//l//P/z53v9fT6vr/2f6f/2//n+BffXz5y7lKx/e9x+g/9f/M29q/X/u/k/ELZ3sfwAAAOhB7v5Pxi172f9b56/qawEAAABLlLv/U3GL3/8HAACAZuTu/3Tc0sn+1//PZmdti5f1//r/4z+g/9f/L7v/P1//f1C8/z9O/7+A/t/7//p//T9LNbX+P3f/Z+KWTvY/AAAA9CB3/zVxi/0PAAAAzbjj+D9uzj4bt9j/AAAA0Izc/Z+LWzrZ//p/7//v7P9nM/2//l//f8IBvP+/OdP/L53+f5z+fwH9f5v9/1mzhvr/rV1/vv6fKZpa/5+7//NxSyf7HwAAAHqQu//auMX+BwAAgGbk7v9C3GL/AwAAQDNy938xbulk/+v/9f/e/9f/6/+HP/8A+v/6s6r/Xx79/zj9/wL6/zb7f+//6/85NFPr/3P3fylu6WT/AwAAQA9y9385brH/AQAAoBm5+78St9j/AAAA0Izc/V+NWzrZ//p//b/+X/+v/x/+fP3/etL/j9P/L6D/1//r//X/LNXU+v/c/V+LWzrZ/wAAANCD3P3XxS32PwAAADQjd//1cYv9DwAAAM3I3f/1uKWT/a//1//r/9ez/9/U/+v/9f+DptL/X3DBA27Q/+v/9f/6f/2//r93U+v/c/d/I27pZP8DAABAD3L3fzNusf8BAACgGbn7vxW32P8AAADQjNz9345bOtn/8/3/ObMTheoJQ/1/NGr6/230/zu/v/5/+NeH9//1//r/1Tu1/z93nz/f+/9B/6//1/+vtv+/9/zP1//Toqn1/7n7b4hbOtn/AAAA0IPc/d+JW+x/AAAAaEbu/u/GLfY/AAAANCN3/41xSyf73/v/+n/9/0H2/xv6f/2//n/FpvL+v/7/9L6//l//v87fv5n3/8/W/7M8q+//t+Kf7a3/z93/vbilk/0PAAAAPcjd//24xf4HAACAZuTu/0HcYv8DAABAM3L3/zBu6WT/6//1//p/7//r/4c/X/+/nvT/4/T/C/TT/28O/eBh9/Nn6rC/fzP9v/f/WaKpvf+fu/9HcUsn+x8AAAB6kLv/x3GL/Q8AAADNyN3/k7jF/gcAAIBm5O7/adzSyf7X/+v/2+//H6L/P+XzD6n/P6r/1/8fBP1//jf6MP3/ApPp/4f/r+j9/2l/f/2//p95U+v/c/ffFLd0sv8BAACgB7n7fxa32P8AAADQjNz9N8ct9j8AAAA0I3f/z+OWTva//r+v/n9j1mP/7/3/ifT/3v/X/x8I/f84/f8Ck+n/V/7+/6DD7ucP4fvftczvr//X/zNvav1/7v5bNo50uf8BAABgXT3ovo+4aa//2luO/+Pm7Bdxi/0PAAAAzcjd/8u4xf4HAACAZuTu/1Xc0sn+1//31f/3+f6//l//r//vif5/nP5/Af1/b/3/Ur+//l//z7yp9f+5+38dt2wbfkf2/UcJAAAATEnu/t/ELZ38/j8AAAD0IHf/b+OWuf1/bI9/VzsAAAAwNbn7fxe3dPL7/2vc/w9nGa31/7MV9f/xr+u1/7/2gp1/vvT/+v+hz9f/ryf9/7gz7P+Pbej/9f8jhvv5m++u/9f/6//7NbX+P3f/7+OWTvY/AAAANGrHX1HI3f+HuMX+BwAAgGbk7v9j3GL/AwAAQDNy998at3Sy/9e4/9/lD6ix/v+03v/fqn/m/f/O3/+/ZHPw85fe/5+z849X/z9M/38w9P/jvP+/gP7f+//6f/0/SzW1/j93/5/ilk72PwAAAPQgd/+f4xb7HwAAAJqRu/8vcYv9DwAAAM3I3X9b3NLJ/tf/t9j/7+H9f/1/H/3/Lp/fzvv/9zzv6HUPfuiVl+v/Oekg+//8taD/1//r/0/Q/+v/9f+camr9f+7+v8Ytnex/AAAA6EHu/tvjFvsfAAAAmpG7/29xi/0PAAAAzcjd//e4pZP9r//X/0+l/88/14fQ/x9dv/4/m+Le+3/v/+v/53n/f5z+fwH9v/5f/6//Z6mm1v/n7r8jbulk/wMAAEAPcvf/I27J/b+x7790DwAAAExM7v5/Hr/b/h4tv/8PAAAAzTix+zdn/4pbOtn/+n/9/1T6/+T9/5M/z/v/J+j/9f/7sfb9/+ws/b/+X/+/pt9f/6//Z97U+v/c/f+OWzrZ/wAAANCD3P13xi079//dDvZbAQAAAMuUu/8/cYvf/wcAAIBm5O6/K27pZP/r//X/+n/9v/5/+PP1/+tp7ft/7//r//X/a/v99f/6f+ZNrf/P3f+/AAAA//+4rmTi")
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)

3m52.880788869s ago: executing program 7 (id=2074):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

3m52.086696971s ago: executing program 7 (id=2079):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0xfffffffffffffff9})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000100001000000000000f1ff000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000208000140000000050600030076657468315f6d6163767461700000000900010073797a31"], 0xe8}}, 0x0)
close(r1)

3m50.136498929s ago: executing program 7 (id=2095):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

3m50.135786361s ago: executing program 7 (id=2097):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x13)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000000))

3m49.826576472s ago: executing program 7 (id=2102):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000000)={r2, 0x5}, &(0x7f0000000080)=0x8)

3m49.730758247s ago: executing program 37 (id=2102):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000000)={r2, 0x5}, &(0x7f0000000080)=0x8)

3m36.616589301s ago: executing program 4 (id=2212):
syz_usb_connect(0x0, 0x24, &(0x7f0000001d00)={{0x12, 0x1, 0x200, 0x59, 0xfb, 0xfa, 0x10, 0x403, 0xfa78, 0xbcca, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4b, 0x2, 0xe0, 0x5, [{{0x9, 0x4, 0x88, 0x0, 0x0, 0xb6, 0x5e, 0xcd, 0x50}}]}}]}}, 0x0)

3m35.306882392s ago: executing program 5 (id=2219):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000002c0)={r2, 0x11, 0x6, @random="08d32bfb45c9"}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

3m35.241148945s ago: executing program 5 (id=2220):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x5, 0x0, 0x2, 0xa, 0x0, 0x700, 0x0, [@sadb_address={0x3, 0x6, 0xb8, 0x0, 0x0, @in={0x2, 0x3, @private}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e23, @remote}}, @sadb_sa={0x2, 0x1, 0x0, 0xfe, 0x0, 0x3, 0x2}]}, 0x50}, 0x1, 0x7}, 0x0)

3m35.24089855s ago: executing program 4 (id=2221):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00i'], 0x20}}, 0x4000000)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

3m35.232611477s ago: executing program 5 (id=2222):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x22, &(0x7f00000000c0)=0x1, 0xfffffffffffffd92)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
rt_sigaction(0x15, &(0x7f00000000c0)={0x0, 0xc0000002, 0x0}, 0x0, 0x8, &(0x7f0000000200))

3m35.140548059s ago: executing program 5 (id=2223):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@lazytime}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x189)
pwrite64(r0, &(0x7f0000000880)='u', 0x1, 0x83)
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})
chdir(&(0x7f00000001c0)='./file0\x00')
creat(&(0x7f0000000040)='./file1\x00', 0x5e)

3m34.963144782s ago: executing program 5 (id=2225):
syz_mount_image$jfs(&(0x7f0000000700), &(0x7f0000000840)='./bus\x00', 0x2000002, &(0x7f0000000100)=ANY=[], 0xfe, 0x6124, &(0x7f000000f680)="$eJzs3c1vHGcdB/Df7JtfSlOrh6pECLkpb6U0ryUECjQ9wIELB5QrSuS6VVQXUBJQWkXElS8c+CNASBwR4gYn/oAeuHLjDyBSggTqATFovM8Tz252s04d76w9n4/kzP7mmVk/k+/Ovnhm9gkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIH7w/R+dKyLi6i/SjLWIz0Q3ohOxUtXrEbGyvpaX70XEi7HbHC9ERH8polp/95/nIl6PiI9PRNx/cGejmn1+n/343h///rsfP/PDv/2hf+Y/f7rVfWPacrdv//rff7l7sG0GAACAtinLsizSx/yT6fN9p+lOAQBzkV//yyTPPwr1oLYdi9AftXq3GOzNWIj+qOdYby3X5zTfH7X60bqunOxuvYiI7fo61XsGh+MB4IjZjk+a7gINkn+r9SLimaY7ASy0oukOcCjuP7izUaR8i/rrwfqwPZ8LMpL/dvHw+o5p01nGzzGZ1+NrJ7rx/JT+rMypD4sk598Zz//qsD0fWzvs/OdlWv6D4aVPrZPz747nP+b45N+ZmH9b5fx7T5R/V/4AAAAAALDA8t//1xo+/rt08E3Zl8cd/13f311cftp9AgAAAAAAAICDOuj4fw8Z/w8AAAAWVvVZvfKbE3vzpn0XWzX/ShHx7NjyQMuki2VWm+4HAAAAAAAAAAAAALRJb3gO75Uioh8Rz66ulmVZ/dSN10/qoOsfdW3ffmizpp/kAQBg6OMTY9fyFxHLEXElfddff3V1tSyXV1bL1XJlKb+fHSwtlyu1z7V5Ws1bGuzjDXFvUFZ3tlxbr27W5+VZ7eP3V/2uQdndR8fmo8HAASAihq9G9ye9Iv23ge7wlJTlc9H0uxyOhin7P0eY/Z/9aPpxCgAAABy+sizLIn2d98l0zL/TdKcAgLnIr//jxwXUarVarVYfv7qunOxuvYiI7fo61XsGw/EDwBGzHZ803QUaJP9W60XEi013AlhoRdMd4FDcf3Bno+gM8y3qrwdpfPd8LshI/tvF7np5/UnTWcbPMZnX42snuvH8lP68MKc+LJLd/NP2j+R/ddg+SMuN5FNMz32f+Rdjf0acm2n5V9u51kB/mpbz747nP+aw9/952YnOxPzbKuffe6L8u/IHAAAAAIAFlv/+v+b4b95kAAAAAAAAADhy7j+4s5Gve83H/z83YTnXfx5POf9C/q2U8++M5f+VseW6tdv33trL/18P7mz8/tY/P5un+81/Kd8o0iOrSI+IIv2mopemB9m6R+30u4Phtg7veD0iyv47cT22YjPOjizbSf8fe+3nRtqrnvZH2s+PtPceab8w0t5P3ztQruT207ERP42teHu3vWpbmrH9yzPayxntOf+u/b+Vcv692k+V/2pqL8amlXsfdR7Z7+vTSb/n8vXP/+rs4W/OTDvRfbhtddX2nWqgP7v/J88M4uc3N2+cvn3t1q0b5yJNRuaejzR5ynL+/fTz8Pn/5WF7ft6v76/3Pho8cf6LYid6U/N/uXa72t5X5ty3JuT8B+kn5/92ap+8/x/l/Kfv/6820B8AAAAAAAAAAAAAAAB4nLIsdy8RvRwRF9P1P01dmwkAzFd+/S+TPF+tVh/L+s8L1h+1Wj3nuq6c7M16ERF/ra9TvWf45aQ7AwAW2f8i4h9Nd4LGyL/F8vf99fa+kRdoiZsffPjeta2tzRs3I5ab7gwAAAAAAAAA8Knk8T/Xa+M/fyEi1saWGxn/9a1YP+j4n7184+EAo095oO8pdjqDbqc23PhL8fjxv0/F48f/7s34ff0Z7YMZ7bPOypp1zsbECz1qcv4v1cY7r/I/OTb8ehvGfx0f874Ncv6nao/nKv8vjy1Xz7/87VHOvzOS/5lb7//szM0PPnzt+vvX3t18d/MnF86dO3vh4sVLly6deef61ubZ4b8N9vhw5fzz2Nc5f9oh558zl3+75Py/mGr5t0vO/0upln+75Pzz+z35t0vOP3/2kX+75PxfSbX82yXn/9VUy79dcv6vplr+7ZLz/1qq5d8uOf/XUr2//LuH3i/mI+d/OtX2/3bJ+Z9JtfzbJeefj3DJv11y/vnMBvm3S87/fKrl3y45/wupln+75PxfT7X82yXn//VUy79dcv4XUy3/dsn5fyPV8m+XnP+lVMu/XXL+30y1/Nsl5/+tVMu/XXL+b6Ra/u2S8/92quXfLjn/76R6Qv4O9h9jOf/vptr+3y45/zdTLf922fv+fzfcmM+N99JYkp/+fiJiu+mtOO43mn5mAgAAAAAAAAAAAADGzeN04qa3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe/cWI9dd3wH8zHrXXjskMRBSJzWwdoxxnCW7vsQXWhcTINBwK5dQ6AXb9a7Ngm947RIoko0CJRJGRRVt89JyEWrzUmFVPNCKojz0IqRK0D7QF0RViYeoCiggVaKozVZzzv//35nZuezas+uZcz4fKf55Z87MOXPmzOW7zncGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDRtjfMfraWZVn9v/yPzVn2ovrfN05szk977a3eQgAAAOBm/V/+5/N3phOOLuNCDcv88yu++42FhYWF7P3r/mTsiwsL6YyJLBvbkGX5edH1//xArXGZ4IlsvDbS8PNIj9Wv63H+aI/zx3qcv77H+Rt6nD/e4/wlO2CJjcXvY/Ir25H/dXOxS7O7srH8vB1tLvVEbcPISPxdTq6WX2Zh7FQ2l53JZrPppuWLZWv58t/aVl/XW7K4rpGGdW2tHyE//eTJuA21sI93NK1r8TqjH78+m/jZTz958i8vPXdPu9lzNzRdX7Gdu7bXt/PT4ZRiW2vZhrRP4naONGzn1jb3ybqm7azll6v/vXU7n1/mdq5b3Mw11Xqfj2cj+d+/l++n0cZf66X9tDWc9vP7siy7urjZrcssWVc2km1qOmVk8f4ZL47I+nXUD6WXZKMrOk63LeM4rc+ZHc3HaetjIt7/28LlRjtsQ+Pd9ONPrV9yv6/0OI3qt7rTY6X1GOz3Y2VQjsF4XHwvv9FPtj0Gd4Tb/8mdnY/BtsdOm2Mw3e6GY3B7OgY3tt/mkfXr8m1Od0Itv8ziMbinafl1+Zpq+Xx2Z/djcOrS2QtT8x//xGvmzp44PXt69ty+PXum9x04cOjQoalTc2dmp4s/b2hfD4NN2Uh6DGwP+y4+Bl7dsmzjobrwlRt/HG5u+Xm8y+Owddl+Pw5HW29cbW0ekEuP6eKx8d76Th+/NpJ1eIzl98/um38cptvd8DgcbXgtaPua0uZxOLqMx2F9mQu7l/eeZbThv3bbsFqvBZsbjsHW9yOtx2C/348MyjE4Ho6LH+zu/FqwNWzvk5MrfT+ybskxmG5ueO6pn5Le748fyke74/Le+hm3rc8uz89efPDxE5cuXdyThbEmXtpwrLQer5sablO25HgdWfHxenTuFU/e2+b0zWFfjb+m/sd4x/uqvsz+B7vfV/mrW/v92XTq3iyMPlvr/dnu1by+P1OW7LI/68t8eurm34unXNrw/DvW4fk35v4XivWlq3pi3dho8fhdl/bOWNPzcfNdNZo/d9XydT8/tbzn47Hw31o/H9/V5fl4S8uy/X4+Hmu9cfH5uNbrtx03p/X+HA/HyZnp7s/H9WW27F3pMTna9fn4vjBrYf/fH5JCykUNx06n4zata3R0LNyu0biG5uN0X9PyYyGb1df19N4bO0533Vdc17p06xat1XE60bJsv4/T9HzV6Tit9frt241pvT/Hw3Fx177ux2l9mWf23/xzZ0qJDc+d63sdg2Pr1te3eSwdhMXz/cLGeAw+mJ3Mzmdnspn83PX58VQk0smHlncMrg//rfVz5ZYux+CulmX7fQym17FOx15tdOmN74PW+3M8HBdPPdT9GKwv88aD/X3vuiuckpZpeO/a+vu1Tr/zurdlN63m77zq2/kPB7v/bra+zJlDK82Z3ffTA+GU29rsp9bHb6fH1Ey2NvtpS9jO5w513k/17akv88XDyzyejmZZduWjD+e/7w3/vvI3l7//jaZ/d2n3bzpXPvrwT24/9U8r2X4Aht8LxdhUvNY1/MvUcv79HwAAABgKMfePhJnI/wAAAFAaMffH/ys8kf8BAACgNGLuHw0zqUj+3/LG5+ZeuJKlZv5CEM9Pu+HRYrnYcZ0OP08sLKqf/vDXZv/7764sb90jWZb976N/0Hb5LY/G7SpMhO28/qbm05de8Mqy1n/8scXlGvvrXw7XH2/Pcg+DdhXc6SzLvnXn5/P1THzgWj6fefR4Pt999ckn6ss8f7j4OV7+2ZcWy/95KP8ePXWi6fLPhv3wozCn39p+f8TLff3a/VsPvm9xffFyte135Df7qQ8W1xs/J+cLTxTLx/3cafv//nNPf72+/OOvar/9V0bab//T4Xq/Fub/vLxYvvE+qP8cL/eZsP1xffFyD3712223//pni+UvPPLcXP3hfPyRcJyG9e8KP++on9/g8dqJptuVvblYLq5/+vt/lJ8fr+/CI+23f/zYtab90Xp8PPNvxfVMtSwfT4/rif62Zf3162k8PuP6n/7D4037udf6r7/72ZfXr7d1/Q+0LHfho7vz9S9eX/MnNv3FZz7fdn1xe47+9YWm23P0XeFxHNb/1AfD8RjO/8X14vpaP13h+Luan3/i8l/efKXp9kRv+Vmx/uuvO53PDeMbN932otvvuPrK+r7Lsu+9p7i+Xus//aXzTdv/lbuL/RHPjx391vV3Etd/8WOT587PX56badir+WfnvK3Ynri9d4bn1tafj52/9KHZixPTE9NZNlHej9C7YV8N8yfFuLrSy+9+LNyf9/7Ztzbt/NfPxdP//b3F6dfeWrxuvTos94Vw+uZw/93s+p/adnf++K49k/84li0s/bzgm7F1x38dWtaC4fa3vi+Ix/uFl30o3w/18/LXjfi4bt7+5s8/XoYfzhTX882wXxfCJzNvv3txfY3Lx89GuPae4vF+s+uPT3Pxfv2rcH+//UfF9cftirf3h+F9zLe3ND/fxePjm1dGWq8//xSPq+H5JLtanB+Xivv72vN3t928+Dkk2dV78p//OF3PPSu6mZ3Mf3x+6szcucuPT12anb80Nf/xTxw7e/7yuUvH8s/yPPbhXpdffH7alD8/zcwe2J/lz1bni7HKbvX2X3jsdVmW7ZyZPXXi8qlLj12YvXj65Pz8ydmZ+Z0nTp2a/Vivy8/NHNmz9/C+g3snT8/NHDl0+PC+w5Nz587XN6PYqB4OTH9k8tzFY/lF5o/sP7znoYf2T0+ePT8ze+Tg9PTk5V6Xz1+bJuuX/v3Ji7NnTlyaOzs7OT/3idkjew4fOLC356cBnr1wan5i6uLlc1OX52cvThW3ZeJSfnL9ta/X5Smn+f8o3s+2qhUfxJe984ED6fNZ6772qY5XVSzS8gGiz4XPovnOiy8cWs7PMfePhZlUJP8DAABAFcTcvz7M9CsB+R8AAABKI+b+DWEm8j8AAACURsz942EmFcn/+v/6/2Xt/79wRf+/0/r1//X/y6xk/f+V99d70P/vQf9f//+m+v8nZw5OD2T/f6HptXW0/eX1/1kNg9b/j7l/Y5ZVMv8DAABAFcTcvynMRP4HAACA0oi5/7YwE/kfAAAASiPm/heFmVQk/+v/6//r/+v/6/+3X7/+/3DS/+9O/78H/X/9/3L2/33/P7fMoPX/Y+6/PcykIvkfAAAAqiDm/jvCTOR/AAAAKI2Y++8MM5H/AQAAoDRi7t8cZlKR/K//r/+v/6//r//ffv36/8PpBvr3P2+siA9u/3/jSq+qrTXu/2/U/9f/1//X/9f/r7ZB6//H3P/iMJOK5H8AAACogpj7XxJmIv8DAABAacTc/9IwE/kfAAAASiPm/rvCTCqS//X/9f/1//X/h6P//6klt0f/X/+/nap+///6ZV6/7//vLF9Q/1//X/9f/5++GrT+f8z9LwszqUj+BwAAgCqIuf/uMBP5HwAAAEoj5v5fCjOR/wEAAKA0Yu7fEmZSkfyv/6//r/+v/z8c/X/f/6//vzyr2P/PG4mD2v9fLv3/HvT/9f9L2P+/I9P/59YZtP5/zP33hJlUJP8DAABAFcTcf2+YifwPAAAApRFz/y+Hmcj/AAAAUBox928NM6lI/tf/72v///7GYpb+v/5/y/Gh/6//r/+/Bqr6/f/Lpf/fg/6//n8J+/++/59badD6/zH3vzzMpCL5HwAAAKog5v5XhJnI/wAAAFAaMfe/MsxE/gcAAIDSiLl/IsxsfTijIvlf/9/3/+v/6/9XvP9fi1eo/18O+v/d6f/3sNr9/+KNp/7/KrnV26//r//PUoPW/4+5f1uYSUXyPwAAAFRBzP3bw0zkfwAAACiNmPvvCzOR/wEAAKA0Yu7fEWZSkfw/pP3/kc43SP8/0//X/++xfv1/3/9fZoPb/2/3SrGU/n/J+/++/39V3ertX8X+/3caDveO9P8ZRIPW/4+5/1VhJhXJ/wAAAFAFMffvDDOR/wEAAKA0Yu5/dZiJ/A8AAAClEXP/rjCTiuT/Ie3/d7lB+v+Z/v/q9/93f6m4oP6//r/+/8AZ3P7/8uj/6//r/w/v9vv+/4b+/8Zwov5/5Q1a/z/m/vvDTCqS/wEAAKAKYu7fHWYi/wMAAEBpxNz/QJiJ/A8AAAClEXP/ZJhJRfK//r/+v/6/7//X/2+/fv3/4aT/353+fw/6//r/Hbf/9p7r1//3/f8sNWj9/5j7XxNmUpH8DwAAAFUQc/+DYeZq8j8AAACUScz9U2Em8j8AAACURsz902EmFcn/a93/b9jD+v/6//r/+v/6//r/faf/392t6/+3e6VcSv9f/3+Yt1//X/+fpQat/x9z/54w0zu6iuR/AAAAqIKY+/eGmcj/AAAAUBox9+8LM5H/AQAAoDRi7t8fZlKR/O/7//X/9f/1//X/269f/384tBbs9f+78/3/Pej/6//r/+v/01eD1v+Puf+hMJOK5H8AAACogpj7D4SZyP8AAABQGjH3Hwwzkf8BAACgNGLuPxRmUpH8r/+v/6//r/+v/99+/fr/w0n/v7uq9P8j/f+VudX9+WHffv1//X+WGrT+f8z9h8NMKpL/AQAAoApi7n9tmIn8DwAAAKURc/+vhJnI/wAAAFAaMff/aphJRfK//r/+v/7/re3/X9X/1//X/+8r/f/uqtL/X53v/x/X/+9B/1//X/+fVoPW/4+5/0iYSUXyPwAAAFRBzP2/FmYi/wMAAEBpxNz/ujAT+R8AAABKI+b+o2EmFcn/+v/6//r/vv9f/7/9+vX/h5P+f3eD2/+Pj6xB7v/7/v9el9f/1//X/6fVoPX/Y+5/fZhJRfI/AAAAVEHM/Q+HmSzN/yNrt1UAAABAP8Xc/4YwE//+DwAAAKURc/8bw0wqkv/1//X/O/b/63e2/r/+v/5/ov8/HPT/uxvc/n9hsL//X/+/1+X1//X/9f9pNWj9/5j73xRmUpH8DwAAAFUQc/8jYSbyPwAAAJRGzP1vDjOR/wEAAKA0Yu5/S5hJRfK//r/+v+//X7P+/3Sm/78K/f9abZD6/63PoY30/9eG/n93g9v/Lx5R+v/6/8O8/fr/+v8sNWj9/5j7fz3MpCL5HwAAAKog5v5Hw0zkfwAAACiNmPvfGmYi/wMAAEBpxNz/tjCTiuR//X/9f/1/3/8/3P1/3/9PM/3/7ga3/1/Q/9f/H+bt1//X/2epQev/x9z/9jCTiuR/AAAAqIKY+98RZiL/AwAAQGnE3P/OMBP5HwAAAEoj5v7fCDOpSP7X/9f/1//X/9f/b79+/f/hpP/fnf5/D/r/+v/6//r/9NWg9f9j7n9XmElF8j8AAABUQcz97w4zkf8BAACgNGLuf0+YifwPAAAApRFz/3vDTCqS//X/9f/1//X/9f/br1//fzjp/3fX1P//xXjnBfX/9f/1//X/9f/pg0Hr/8fc/1iYSUXyPwAAAFRBzP3vCzOR/wEAAKA0Yu7/zTAT+R8AAABKI+b+94eZVCT/6//r/+v/6//3q/8fi85D3f9veBnQ/x9O+v/d+f7/HvT/9f+Hsf8fjlv9fwbRoPX/Y+7/QJhJRfI/AAAAVEHM/b8VZiL/AwAAQGnE3P/bYSbyPwAAAJRGzP2/E2ZSkfyv/6//r/+v/+/7/9uvX/9/OOn/d6f/34P+v/7/MPb/A/1/BtGg9f9j7v/dMJOK5H8AAACogpj7PxhmIv8DAABAacTcfyzMRP4HAACAoTHe4/yY+4+3Ll2R/K//r/+v/z+g/f8/3f4vP/juO47v0f/X/9f/XxH9/+70/3vQ/9f/1//X/6evBq3/H3P/iTCTiuR/AAAAqIKY+38vzET+BwAAgNKIuf9kmIn8DwAAAKURc/9MmElF8r/+v/6//v+A9v99/3+i/6//vxL6/93p//eg/6//r/+v/09frbj/P9HxqvrS/4+5fzbMpCL5HwAAAKog5v5TYSbyPwAAAJRGzP2nw0zkfwAAACiNmPs/FGZSkfyv/6//r/+v/6//3379+v/DSf+/O/3/HvT/9f/1//X/6atB+/7/mPvnwkwqkv8BAACgCmLu/3CYifwPAAAApRFz/0fCTOR/AAAAKI2Y+8+EmVQk/+v/6//r/69C//8f2x8f+v/6//r/q0//vzv9/x70//X/9f/1/+mr/vT/F7J+9f9j7j8bZlKR/A8AAABVEHP/uTAT+R8AAABKI+b+82Em8j/8P3v30WxpXe1x/HTd7ktTDO6tO7kDB058Ac6ZMLIKq3wFlkOdaaFgDmDOOWfFHBAFRcw5YUQxZwwoKioGVBxY0GutrnPOPvvp8HT38/zX5zNZKjR7k7rqV+23/gAAAMPI3X9J3NJk/+v/9f/6f+//6/83f77+f530/9vp/yfo//X/+n/9P7Na2vv/ufsfGrc02f8AAADQQe7+h8Ut9j8AAAAMI3f/pXGL/Q8AAADDyN1/WdzSZP/r//X/567/P3RY/6//1//r/+c2bP+/91+MU6T/n6D/b9D/H/wvk/5f/8/8ltb/5+5/eNzSZP8DAABAB7n7HxG32P8AAAAwjNz9j4xb7H8AAAAYRu7+R8UtTfa//l//7/1//b/+f/Pn6//Xadj+fyad+v9Lb7rgIbdfd4/rT+bz9f8d+v8z9/31//p/9lta/5+7/9FxS5P9DwAAAB3k7n9M3GL/AwAAwDBy9z82brH/AQAAYBi5+x8XtzTZ//p//b/+X/+v/9/8+fr/ddL/b9ep/z+Vz9f/6//1//p/5rW0/j93/+Pjlib7HwAAADrI3f+EuMX+BwAAgGHk7r88brH/AQAAYBi5+6+IW5rsf/2//l//r//X/2/+fP3/Oi2o/z+i/9f/6//1//r/yx58yYPO0/83trT+P3f/E+PWabL/AQAAoIPc/U+KW+x/AAAAGEbu/ifHLfY/AAAADCN3/1Pilib7X/+v/9f/6//1/5s/X/+/TtP9//9dvO3He/8/6P/1//p//b/3/5nB0vr/3P1PjVua7H8AAADoIHf/0+IW+x8AAACGkbv/6XGL/Q8AAADDyN3/jLilyf7X/5+Z/j97Rf2//n9H/3/8n0v9v/7/LFjQ+/+n9Pn6f/2//n+931//r/9nv6X1/7n7nxm3NNn/AAAA0EHu/mfFLfY/AAAADCN3/7PjFvsfAAAAhpG7/zlxS5P9r//3/r/+X/8/T/9/uP73tfX/Rw/4fP3/Oun/t9P/T9D/6//1//p/ZrW0/j93/3Pjlib7HwAAADrI3f+8uMX+BwAAgGHk7n9+3GL/AwAAwDBy978gbmmy/+fo/6/Q/+v/93x//f/mfz7G7v+PW1v/7/3/sej/t9P/T9D/6//1//p/ZrW0/j93/wvjlib7HwAAADrI3f+iuMX+BwAAgGHk7n9x3GL/AwAAwDBy978kbpnc/3fMXOSdG7v7/0Pe/9f/6/939P/6/2P0/+uk/99O/z9B/6//X0T/f7X+n2Esrf/P3f/SuMWv/wMAAMAwcve/LG6x/wEAAGAYuftfHrfY/wAAADCM3P2viFua7P853v8fuP8/qv/X/7fo/+/6E9D/6/8HMV//f6//0f/r//f2/0f2/HXQ/++m//f+/wn1/4en/kiMZGn9f+7+V8YtTfY/AAAAdJC7/1Vxi/0PAAAAw8jd/+q4xf4HAACAYeTuf03c0mT/6/+9/6//X2b/f7n3/4v+X/9/Mrz/v90p9f87+n/v/6+l/z8//pP+f9H9P60srf/P3f/auKXJ/gcAAIAOcve/Lm6x/wEAAGAYuftfH7fY/wAAADCM3P1viFua7P9Z+/+7fpT+v+j/9f97//lY7Pv/+v+Nn6//Xyf9/3be/5+g/195/+/9f/0/S7O0/j93/xvjlib7HwAAADrI3X9l3GL/AwAAwDBy978pbrH/AQAAYBi5+98ctzTZ/97/37mn/l//r//X/2/6fP3/Oun/t9P/T9D/6//1//p/ZrW0/j93/1vilib7HwAAADrI3f/WuMX+BwAAgGHk7n9b3GL/AwAAwDBy9789bmmy//X/p/3+/90JsP5/9/c/oP+vv0z6/92/v/7/GP2//n8O+v/t9P8T9P/6f/2//p9ZLa3/z93/jrilyf4HAACADnL3vzNusf8BAABgGLn73xW32P8AAAAwjNz9745bmux//f9p9/93G63//6/ozL3/r//X/x//4+r/10H/v53+f4L+X/+v/9f/M6ul9f+5+6+KW5rsfwAAAOggd/974hb7HwAAAIaRu//quMX+BwAAgGHk7n9v3NJk/+v/9f9n8f1//b/+X/+v/z/j9P/b6f93dnau2fIF9P/6f/2//p9ZLa3/z93/vrilyf4HAACADnL3XxO32P8AAAAwjNz918Yt9j8AAAAMI3f/++OWJvtf/6//1//r//X/mz9f/79Ovfv/rOUPpv+foP/X/+v/9f/Mamn9f+7+D8QtTfY/AAAAdJC7/7q4xf4HAACAYeTu/2DcYv8DAADAMHL3Xx+3NNn/u/r/jFr1//r/M9j/33kK/f+R+G36//n6/4s3fL7+X/8/gt79/zT9/4T/PfZTgv5f/6//1/8zj6X1/7n7PxS3XLRnGAIAAACrlbv/w3FLk1//BwAAgA5y938kbrH/AQAAYBi5+z8atzTZ/97/1/97/79n/+/9f/3/qPT/2+n/J3j/X/+v/9f/M6ul9f+5+z8WtzTZ/wAAANBB7v6Pxy32PwAAAAwjd/8n4paLNv5fugEAAIAVyt3/ybilya//6//1//p//b/+f/Pn6//XSf+/nf5/gv5f/6//1/8zq6X1/7n7PxW3NNn/AAAA0EHu/k/HLfY/AAAADCN3/2fiFvsfAAAAhpG7/7NxS5P9r//X/+v/m/X/V563s6P/1/8PTP+/nf5/gv5f/6//1/8zq6X1/7n7Pxe3NNn/AAAA0EHu/s/HLfY/AAAADCN3/xfiFvsfAAAAhpG7/4txS5P9r//X/+v/m/X/3v/X/w9O/7+d/n+C/l//r//X/zOrpfX/ufu/FLc02f8AAADQQe7+G+IW+x8AAACGkbv/y3GL/Q8AAADDyN3/lbilyf7X/+v/9f+j9v/nH/j5+n/9/8iW0v9feOF9b9T/6//1//p//b/+v7ul9f+5+78atxw4/O643wn8aQIAAAALkrv/a3FLk1//BwAAgA5y9389brH/AQAAYBi5+78RtzTZ//p//X/H/n+vMfv/3Z9/H/2//r+JpfT/3v8/te+v/9f/r/n76//1/+y3tP4/d/+NcUuT/Q8AAAAd5O7/Ztxi/wMAAMAwcvd/K26x/wEAAGAYuftvilua7H/9/7b+/7/1/4P2/z3e/z/48/X/+v+Rrbr/P6r/1/+fy/7/orPYz98yw/fdJ39a1v/r/1mQpfX/ufu/Hbc02f8AAADQQe7+78Qt9j8AAAAMI3f/d+MW+x8AAACGkbv/e3FLk/2v//f+v/5f/6//3/z5+v91WnX/7/1//b/3/1f9/fX/+n/2W1r/n7v/+3FLk/0PAAAAHeTu/0HcYv8DAADAMHL3/zBusf8BAABgGLn7fxS3NNn/+n/9v/7/BPv/I/E76/+L/v8Y/f+y6P+30/9P0P/r//X/+n9mtbT+P3f/j+OWJvsfAAAAOsjd/5O4xf4HAACAYeTu/2ncYv8DAADAMHL3/yxuabL/9f/6f/2/9//1/5s/X/+/Tvr/7fT/E/T/+n/9v/6fWS2t/8/d//O4pcn+BwAAgA5y998ct9j/AAAAMIzc/b+IW+x/AAAAGEbu/l/GLU32f8v+/5D+/yT6/5tvPfabGvf/x//u6v/1/2ej/z+k/z8t+v/t9P8T9P/6/4nvf2TLjx++/z+8/cdP9f8TP5xBLa3/z93/q7ilyf4HAACADnL3/zpusf8BAABgGLn7b4lb7H8AAAAYRu7+38QtTfZ/y/7f+//e//f+v/5/wf2/9/9Pj/5/u3PZ/992Ah+r/9f/r/n7D9//T/D+P5ssrf/P3f/buKXJ/gcAAIAOcvffGrfY/wAAADCM3P2/i1vsfwAAABhG7v7fxy1N9r/+X/+v/9f/6/83f77+f530/9t5/3+C/l//r//X/zOrpfX/ufv/ELc02f8AAADQQe7+2+IW+x8AAACGkbv/j3GL/Q8AAADDyN3/p7ilyf7X/y+k/48vof/X/+v/T6b///8Lrrjh/g+89ir9P8fp/7fT/0+Yr/9/wL31//p//b/+n7PV/x890f4/d/+f45Ym+x8AAAA6yN1/e9xi/wMAAMAwcvf/JW6x/wEAAGAYufv/Grc02f/6/4X0//Fj9P/6/0X3/+ft/uOe+/7f+//6//30/9vp/yecaP9/108c3v/fR/+v/9f/s9dZ6v8P7P33/vfc/X+LW5rsfwAAAOggd//f4xb7HwAAAIaRu/+OuMX+BwAAgGHk7v9H3NJk/+v/9f/6f/3/et//P2P9/91/S/X/66T/307/P2G+9//1//p//b/+nwX2/7n7/xm3NNn/AAAA0EHu/n/FLfY/AAAADCN3/51xi/0PAAAAw8jd/++4pcn+1/+vs/8/Eh24/l//r//3/j+76f+30/9P0P/r//X/+n9mtbT+P3f/fwIAAP//Qhhjug==")

3m34.962607683s ago: executing program 4 (id=2226):
r0 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x1, 0x42, &(0x7f00000002c0), 0x10)

3m34.806876642s ago: executing program 4 (id=2227):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000980)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
chdir(&(0x7f00000000c0)='./file1\x00')
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f283e6d60200000000000000000000000100", [0x208]})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)

3m34.50148953s ago: executing program 5 (id=2230):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x5e, 0xc4, 0x92, 0x40, 0x545, 0x800d, 0x30a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xeb, 0x2, 0x0, 0xd, 0x95}}]}}]}}, 0x0)

3m34.494526493s ago: executing program 4 (id=2232):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x15, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x8000080}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa8}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

3m34.106477732s ago: executing program 38 (id=2230):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x5e, 0xc4, 0x92, 0x40, 0x545, 0x800d, 0x30a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xeb, 0x2, 0x0, 0xd, 0x95}}]}}]}}, 0x0)

3m34.059737813s ago: executing program 4 (id=2234):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='source', &(0x7f0000000080)='//', 0x0)

3m33.768832988s ago: executing program 39 (id=2234):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='source', &(0x7f0000000080)='//', 0x0)

3m6.627170952s ago: executing program 9 (id=2425):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000059d360205f0501d09288000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000005c0)={0x2c, &(0x7f0000000740)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000480)={0x0, 0x13, 0x4, "0cb54be7"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

3m4.45533921s ago: executing program 9 (id=2434):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x25dfdbfe, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x9}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x7, 0x5, 0x1}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x6c}}, 0x0)

3m4.455024393s ago: executing program 9 (id=2435):
syz_usb_connect$uac1(0x3, 0xa2, &(0x7f0000000040)=ANY=[@ANYBLOB="12011001000000406b1d01014000010203010902900003010380000904000000010100000a24010f00030201020c2402060602040c0032a304090401000001020000090401010101020000072401200404000c2402010201400f0a3b4725090501090000f7090607250183020c000904020000010300000904020101010200000724"], 0x0)

3m3.240146841s ago: executing program 9 (id=2449):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRESOCT], 0x1, 0x2dd, &(0x7f0000000600)="$eJzs3T9rZFUUAPDzJpPJ26hkERvF4oEWVmG3tkmUFcRUygjaaHCzIHlhIYHABjG7lZ/AUj+HH8HGxi8ggq1gtxbRK+9fZiZ5o4PJrEh+v+rOvfece/JumKnmzKevHuzff5jFk6c/R/5TFoOt2Io/s7gdg+g8jmFc1jcHAPwf/J5S/Jb+TeRwcP3VAADPQvP531g86tYySwIAluyDjz5+b3tn5977RZHHyxuRjbOIOPjqeNysbz+Iz6OMvbgTG3EWkc4143fe3bkXw6JyO14/OD0eV5EHn/zQ5t/+NaKOf66d6Im/WzSm4k+Px6uxHkVsP1jtSt2Il/rPX+l2TMXHeBRvvDZV/2ZsxI+fxcMo435dxiT+y7tF8XbK2yRVfDaI8Vq9byI1x+TLvQ8AAAAAAAAAAAAAAAAAAAAAAG6GzaLImvY9df+eaqrtv7NyVq9vts15imHM9udp4rMuUdMfKHUdfk5TfNP117lTFEVqNo4m+YfxytCPCAAAAAAAAAAAAAAAAAAAAEDl6NHJ/m5Z7h1ey6DrBtB9rX+xqNGlma3JzFqV5/mYn7DeMFrorOluA1Wt8zavV4MYDuPvEz5NjaNHJ6sxszS6sHnQHdqf8Nb8pSsM1iaX+2E0g+5irpQ5XbiLF99qXp/s7xbtnu4h7+9m/3RW3uX5buZfIhau54WIvs2prvAszSxFfl5q9TQeVxXWS6NrevKjQe/SHymlxfK8+UtzR+1MVrfYWOz01XYwFT67J798F9/PTzj3LWPlau84AAAAAAAAAAAAAAAAAADAPPV3fde/3Ts86ll8Mv3ii68vrA6WWxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDv17/+X5d7h+SCPiN2yXOtZ6ganbXDP0sXBKA6P/uM/EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBvgrwAAAP//fS1B4A==")
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10, 0x0)
mount(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000200)='proc\x00', 0x16, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

3m3.115845075s ago: executing program 9 (id=2451):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000fc0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "cfc5"}]}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "8f"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xdc}}, 0x0)

3m2.803567791s ago: executing program 9 (id=2456):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f00000000c0)={@mcast2, 0x57, r2})

3m2.579675s ago: executing program 40 (id=2456):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f00000000c0)={@mcast2, 0x57, r2})

2m7.516703034s ago: executing program 2 (id=2990):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0x80, 0x34325241, 0x3, [0x2], [0x80ffff, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x3], [0x1000]})

2m7.465801975s ago: executing program 2 (id=2993):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000100)={[{@nls={'nls', 0x3d, 'maccroatian'}}, {}, {@uid}, {@force}, {@nobarrier}, {@gid}]}, 0x20, 0x6de, &(0x7f0000001f80)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3Esds4abvPR3p+v+f3+/N9X//es/3SygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9Mn8+6S/cZ54+HHH5y7/1Gjs1XJl6x+aVC7He0BI7TyJWYiopyvR1TZr79re/R3b6Suk+2404SdLRIHx629S2uU5kOct8DT7l5EeWKP5+sRJyJiKv8cEPnVoXTE4R26ka5yAAAA8HQqH1ThxUfxKDZj+mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5JpL89/+/n1fLVKvHG+4BvnzA/vdvHFEgAAAAAAAAAHD4JnaKZx7Fo9iM6WK7nWR/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYjxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUn2V/Pe4AAAAAYPxq+Xo6+V+n0E6y7/yvZN/7p+LdWI2NWI6NaMZSXM/uBXS+9Zf+2Wo0H2w1VtJld8ff+vdIcWQ9RkQ53ttn5NmsxqntFgvx3fhBnI+ZuBprsRw/isXYiKWYiVp6ELEYSdRrnbsX9SLO3njLeVdXekK52h/bmb7t01kktbgRy1lsF+JateitlNVI4nTXaH+qRvRl6L00O8k3c0Pm6HrX6/Xr/L5Mrv3ikH2MRz078ontjMymuc+z8dLeuS+MOE/6R5qL0vY9qJM7o6Sb/SMVOf/hKDk/ka/TXP+iN+eHbcRbaf2ZmI9SPvsiXunN+e0v3H+5t/GX/vW3qzdLq7du3lg/P8ZDGquJotCfiUZXJl4dPPvyTDTTTLSGz8RE/xNTT3Ach6iaZ6NzYRvuavmdrLQYr3VNwXfieizFpZiNubgcs/H1mI9Gzww71ZPXSmOlNyfZuVbafX2rDQj+7Be7Kv3ygMpHK83LS1157b7S1bN9+TNXfhWzXVl6efDse5x3gcrn8kI6xs+233GeBj2ZyK/NRXTFG9Q+mfhtO31cb67eWru5eHvI8c7l6/S0fb/32vy7Jz6YJ5LOl/SKW8m2spzUivmS7vvMdrS9+armf3HptCvt2ndqe189pmM5vrfvmVrNP8Pt7qmz79U99zWyfae79vV8yol3opl9CukzczRZBWBoJ14/Ua09rP2j9mHt57WbtTenvj15efLz1Zj4e+XP5T+Ufl/6RvJ6fBg/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lpsNpfWxlioPuZYUTqwztYLw3UY9YjBYyV5oTrubDwFhf9MDcxGLcY0+h8jYkCd6hMPkYx/PqcT+VA6LH44LXumXR6heaVotXedSqxP7fcKTu687lG/tdj8b7unTi26ThngOXdxY+X2xfU7d7+yvLL49tLbS6vzly9dvtT42txXL95Ybi7Ndh6PO0pgHNbv3C0fdwwAAAAAAAAAAADAaPJ//b/x2P+ZoXJAnera+t4jnznqQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeUQtvxUQrkpibvTCbbj/YajTTpSjv1KxERCkikh9HJJ9EXInOEvWu7pL9xnnj4ccfnLv/UWOnr0pRvzSo3XBa+RIzEVHO1web3KOb3f1d6+qv9VjhJdtHmCbsbJE4OG7/DwAA//9tSfWT")
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000380)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

2m7.391814321s ago: executing program 2 (id=2996):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0xfdef}], 0x1, 0x0, 0x0, 0x800300}, 0x20000801)
recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)
recvmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0xa3)

2m6.096788355s ago: executing program 2 (id=3002):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0x1, 0x3, 0x10004, 0x5}, 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7, 0x32, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
getdents(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x35)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call]}, &(0x7f0000000300)='GPL\x00', 0x9}, 0x94)
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, &(0x7f0000000d00)={0xf})
setsockopt$packet_int(r1, 0x107, 0x7, 0x0, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000f80)=ANY=[@ANYRES32, @ANYRESOCT=r3, @ANYRES64, @ANYRES32=r2, @ANYRESHEX=r0, @ANYBLOB="dcbad75874838ee9d635d231d8ada4fbce283fc108eb1674c447c2cacd7712c7124967176232231e047bcd3750482cbe917dcb65eb8367e7bb4952aea27a49b689a096991e45e3d935deb6e18d4d78227f2011d3c930", @ANYRES8], 0xff, 0x6e5, &(0x7f0000001600)="$eJzs3c9vHGcZB/DvrNeON1TBaZM2QkVYiVSQIhInVgrhgkEI5VChqhx6thKnsbpJqsRFaYUgBQQnJA79AwqSbxwQEvegcOFSbr36WAmJS8QhqpAWzezsetdex3Zirx34fKLxvO+877zzzDO/vOusNsD/rStn03yQIlfOvnGvrK+tzrfXVueP1M3tJGW5kTS7sxS3kuJhslC2FwNTBuabfLx8+a3PHq193q0166nqP9Ffb3pHIY/Yxv16ymw93uzINSd3NH53rCq8vJDkaj0fNrXTsYY6lkk7U8/hwHU2ub+b1be83oHDr/d0KrrPzU1mkqP1k7n6naC+OzTGF+H+2NVdDgAAAJ5Tn94+6AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+VN//39RT416ntkUve//n+otq8uH0MKOez7Y1zgAAAAAAAAAYDy+9jiPcy/HevVOUf3N/3RVOZEvOsmX8n7uZil3ci73spiVrOROLiSZGRho6t7iysqdC/01S6PXvDhyzYvj2mMAAAAAAAAA+J/0i7TW//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHQZFMdGfVdKKeZyaNZtbbcj/5R5Kpg453F4pRCx+MPw4AAAB4JtNPsc6XH+dx7uVYr94pqtf8L1evl6fzfm5lJctZSTtLuVa/hi5f9TfWVufba6vzN8uprA+P+71/7SqMqXqEiao2asunqh6tXM9yteRcrhbJfzqdTqO77TPJqV48A3EN+KiMqfhubYeRNeu0lnv+u63eRdgTw29FNJ7Qs7UeXNLPyFwdW7nm8W4GiuqNmmRjJrY9Os2h2kw16mR/SxfS6L/zc2Ifcn60npf78+t9zflu9TPRSJWJi2n0j9TLT85E8vW//PHtG+1b7964fvfs4dmlbUxssXzjOTE/kIlXnutMNHfZf67KxMl+/Up+mB/nbGbzZu5kOT/JYlaylE7dvlifz+XPmSdnamGo9uZ2kUzVx6V7zHYS02x+UJUWc7pa91iWU+R2rmUpr1f/LuZCvpVLuZTLA0f45JZxV/tWXfWNjVd970j/dWTwZ75RF8q722/W73ILT9rjrc7OvdK995d5PT6Q1+5Z/6jf6/jAdTA3kKUXe9mZHDn409wbm1+pC+U2frnNc2K8ZupMlBdQ7ynRi+6lbiaa1bNo83n++065Xtq3Op0bi+9tMf79DfXX6nl5Wq1+dbvePaMPxd4qz5cXM13fSYbPjrLtpf5dZqCts34ud9uGn7jleiertqLoXak/yu3qBNh8pU7Vv8N1R5oYGOli1fbKyK3MV22nBtqGft/K7bRzbQz5A+Bp/P3tfnEmR6da/2x92vqk9avWjdYb098/8u0jr05l8m+T32nOTbzWeLX4cz7Jz9Zf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/v7gcfvrvYbi/dGV1obN20uND74pp2e6mVjX02jlw0U/U5MnrAov5Cn23iOZSFNDc3TZd5GVwy2U3UmCNsbQxjU6Hz82TsGet9ieDoPr8tC81NZ9SowsLQkj9tHvCjXUZY7Oy62MdCI+PdaHkVj2o6oBsSMDbnV26+d/7uBx9+c/nm4jtL7yzdmrx06fLc5Uuvz5+/vtxemuv+POgogf2w/tA/6EgAAAAAAAAAAACAnRr1wYDTL2z3oZEdfcbD/ywEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9sSVs2k+SJELc+fmyvra6ny7nHrl9Z7NJI1GUvw0KR4mC+lOmRkYrsgfHqYzYjsfL19+67NHa5+vj9Xs9k8a9XxrT25Ncr+eMptkop4/g6Hxrj7zeMW/e/tQJuyLTqez8Gzxwd74bwAAAP//uNjyEw==")
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000000240), 0x21, 0x4aa, &(0x7f0000001140)="$eJzs3c9PXFsdAPDvvUChlBaqXahRW2u1mqYzMG1J01V1oTFNE2PjykWLMCWEGYYwgxbsgv4PJjZxpX+CCxMXJl25d6e7t+lbNOl7r3kv5SVvMS/3zvCjlAHeK2US5vNJTu499wzzPYfJPWf4AnMC6FkXImItIk5ExIOIGG1fT9olbrdK9rjXrx5Pr796PJ1Es3nv4yRvz67Ftq/JnGo/51BE/OaXEb9P3o5bX1mdn6pUykvterFRXSzWV1avzlWnZsv9sVAqTU5Mjt+8dqN0aGM9X/3Hy1/M3fntv//1vef/Xfvpn7JujbTbto/jMLWGPrAZJ9MfEXfeR7Au6GuP50S3O8LXkkbENyLiYn7/j0Zf/moCAMdZszkazdHtdQDguEvzHFiSFtq5gJFI00KhlcM7F8NppVZvXHlYW16YaeXKxmIgfThXKY+3c4VjMZBk9Yn8fKte2lG/FhFnI+LPgyfzemG6Vpnp5hsfAOhhp3as/58NttZ/AOCYG+p2BwCAI2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvLru3ez0lxvf/71zB9WlucHI6Jcny9Ul6cL07WlxcJsrTabf2ZPdb/nq9RqixPXY/lRsVGuN4r1ldX71dryQuN+/rne98sDRzIqAGAvZ88/+38SEWu3TuYltu3lYK2G4y3tdgeArunrdgeArrHbF/QuP+MDu2zR+4aOfyL09PD7AhyNy9+W/4deJf8PvUv+H3qX/D/0rmYzsec/APQYOX7A7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgqxvJS5IW2nuBj0SaFgoRpyNiLAaSh3OV8nhEnImI/w0ODGb1iW53GgB4R+mLpL3/1+XRSyM7W08knw/mx4j441/v/eXRVKOxNJFd/2TzeuNp+3qpG/0HAPazsU5vrOMbXr96PL1RjrI/L3/W2lw0i7veLq2W/ujPj0MxEBHDnybtekv2fqXvEOKvPYmIb+02/iTPjYy1dz7dGT+LffpI46dvxE/zttYx+1588xD6Ar3mWTb/3N7t/kvjQn7c/f4fymeod7cx/62/Nf+lm/NfX4f578JBY1z/z686tj2J+E7/VvwXP9+afzbiJx3iXzpg/A+++/2Lndqaf4u4HLuNP3kjVrFRXSzWV1avzlWnZsuz5YVSaXJicvzmtRulYp6jLm5kqt/20a0rZ/Ya/3CH+EP7jP9HBxz/37948Lsf7BH/Jz/c/fU/t0f8bE388QHjTw3/s+P23Vn8mQ7j3+/1v3LA+M8/XJ054EMBgCNQX1mdn6pUyktOnDhxsnnS7ZkJeN+2bvpu9wQAAAAAAAAAAAAAAOjkKP6dqNtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Pj6MgAA//8Z7dZO")
syz_emit_vhci(&(0x7f0000001100)=ANY=[@ANYBLOB="040e04001120"], 0x7)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

2m5.955532361s ago: executing program 2 (id=3004):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write(r0, &(0x7f0000000080)="29000000140005b7ff000000040860eb01cb02fcb2e4e6589b3e0ed7283f14b912685e684c42b9eeb9", 0x29)

2m5.646655294s ago: executing program 2 (id=3009):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, 0xffffffffffffffff, 0x26, 0xe4, @void}, 0x10)

2m5.20802755s ago: executing program 41 (id=3009):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, 0xffffffffffffffff, 0x26, 0xe4, @void}, 0x10)

2.322052247s ago: executing program 0 (id=4579):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000280)="fb", 0x1}], 0x1)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000140)={0x1, 0x9}, 0x8)
close(r1)

1.348686918s ago: executing program 0 (id=4591):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x12, &(0x7f0000000140)=@framed={{0x18, 0x8, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x40004}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x9}, @generic={0x66, 0x0, 0x0, 0x0, 0xf1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x1001}, @exit, @printk={@x, {0x3, 0x3, 0x6}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0xa}, 0x94)

1.293014702s ago: executing program 0 (id=4592):
syz_usb_connect(0x1, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x9, 0x94, 0x73, 0x8, 0x1199, 0x6821, 0x9859, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x20, 0x0, [{{0x9, 0x4, 0x3, 0x0, 0x0, 0x37, 0x5d, 0xd2}}]}}]}}, 0x0)

1.221357824s ago: executing program 8 (id=4595):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0xc00, 0x0)
ioctl$FBIOPUTCMAP(r0, 0x4605, 0x0)

1.221161366s ago: executing program 8 (id=4596):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x4a, &(0x7f0000000000)=0x20, 0x4)

1.221038948s ago: executing program 8 (id=4597):
r0 = shmget$private(0x0, 0x2000, 0x54003f00, &(0x7f0000ffc000/0x2000)=nil)
shmat(r0, &(0x7f0000000000/0x4000)=nil, 0x6000)
madvise(&(0x7f0000109000/0x3000)=nil, 0x3000, 0x9)

1.145370906s ago: executing program 8 (id=4598):
r0 = io_uring_setup(0x4126, &(0x7f00000007c0)={0x0, 0x0, 0x800, 0x0, 0x1000000})
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x13, &(0x7f0000001bc0), 0x2)

504.689372ms ago: executing program 3 (id=4608):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000280)={0xe0, 0x10, 0x509, 0x0, 0x0, "", [@nested={0x9d, 0x9c, 0x0, 0x1, [@nested={0x8, 0x13a, 0x0, 0x1, [@nested={0x4, 0x7d}]}, @typed={0x8, 0xe9, 0x0, 0x0, @uid}, @typed={0x8, 0xb7, 0x0, 0x0, @ipv4=@local}, @generic="46e16f7519cabb74e75f5284a7644ee2669cf260d7ee8a72b1d2136dd2cf8f62ab5e0a5db5c620d94653ffcf494387a7cace4f6db5809d7bfd444c39f08538cf4ab4867900a34e58819453bee4b96fc4da12184791474d35fe57ec181883bcd4803ca788a4adfedaaf47763633fea932df1a5ecc8e402f4288d8b2085e457fcdfc"]}, @generic="b7b86d126d136b69478a408c8a3294c0ebf12eb1653e0d0ce38a7973dbf1402bbd1ead61ed55bb641efcc2b6ac"]}, 0xe0}], 0x1}, 0x0)

408.683858ms ago: executing program 3 (id=4609):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x41071, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000005, 0x20000000ec071, 0xffffffffffffffff, 0x0)

226.540855ms ago: executing program 8 (id=4610):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r0 = syz_open_procfs(0x0, &(0x7f0000002280)='oom_adj\x00')
write$cgroup_int(r0, &(0x7f0000000300)=0x3fc, 0x12)

224.973401ms ago: executing program 8 (id=4611):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r2 = fanotify_init(0xf00, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000540), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r4, 0x2000009)
sendfile(r3, r4, 0x0, 0x7ffff000)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000f40)=""/4096, 0x1001}], 0x1)

221.264409ms ago: executing program 3 (id=4612):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000200000006110000000000000620000000000000095"], &(0x7f0000000100)='GPL\x00', 0x5, 0xd2, &(0x7f00000002c0)=""/210, 0x0, 0x5}, 0x94)

141.562508ms ago: executing program 3 (id=4613):
r0 = socket(0x10, 0x3, 0x0)
r1 = getpid()
sendmsg$netlink(r0, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000440)={0x10, 0x33, 0x1, 0x70bd2a, 0x25dfdbfb}, 0x10}], 0x1, &(0x7f0000001dc0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x10}}], 0x30, 0x4}, 0x4000000)

141.193105ms ago: executing program 3 (id=4614):
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x5452, &(0x7f0000000000))
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

64.71881ms ago: executing program 0 (id=4615):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)={0x1, 0x16b, 0x7, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @can={{0x2}, 0x8, 0x3, 0x0, 0x0, "ae771949a0cb35d4"}}, 0x48}}, 0x20000000)

64.419075ms ago: executing program 3 (id=4616):
r0 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x1)
write$binfmt_elf32(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03"], 0xd8)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

64.236813ms ago: executing program 0 (id=4617):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x6a, 0x2, 0x0, &(0x7f0000000000)=0x8328be7a30208093)

0s ago: executing program 0 (id=4618):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@allocspi={0x100, 0x16, 0x1, 0x0, 0x0, {{{@in6=@loopback, @in=@broadcast}, {@in=@dev, 0x0, 0x6c}, @in6=@mcast2}, 0x0, 0x7fff}, [@proto={0x5, 0x1b}]}, 0x100}}, 0x0)

kernel console output (not intermixed with test programs):

382.104677][   T47] usb 4-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  382.111321][   T47] usb 4-1: config 253 has no interface number 0
[  382.114843][   T47] usb 4-1: config 253 interface 176 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  382.144391][   T47] usb 4-1: config 253 interface 176 has no altsetting 0
[  382.158287][   T47] usb 4-1: New USB device found, idVendor=046d, idProduct=0990, bcdDevice=25.28
[  382.164849][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.172717][   T47] usb 4-1: Product: syz
[  382.174642][   T47] usb 4-1: Manufacturer: syz
[  382.187819][   T47] usb 4-1: SerialNumber: syz
[  382.205684][   T47] usb 4-1: cannot find UAC_HEADER
[  382.242781][   T47] snd-usb-audio 4-1:253.176: probe with driver snd-usb-audio failed with error -22
[  382.280640][T14136] 8021q: adding VLAN 0 to HW filter on device bond0
[  382.302623][T14136] 8021q: adding VLAN 0 to HW filter on device team0
[  382.320535][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  382.323596][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  382.357236][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.359701][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  382.421013][ T5897] usb 4-1: USB disconnect, device number 12
[  382.501807][T14136] 8021q: adding VLAN 0 to HW filter on device batadv0
[  382.526814][   T55] Bluetooth: hci2: command tx timeout
[  382.554542][T14136] veth0_vlan: entered promiscuous mode
[  382.561448][T14136] veth1_vlan: entered promiscuous mode
[  382.578525][T14136] veth0_macvtap: entered promiscuous mode
[  382.583287][T14136] veth1_macvtap: entered promiscuous mode
[  382.597382][T14136] batman_adv: batadv0: Interface activated: batadv_slave_0
[  382.604889][T14136] batman_adv: batadv0: Interface activated: batadv_slave_1
[  382.623697][ T5867] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  382.627872][ T5911] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  382.632544][ T5911] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  382.642743][ T5911] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  382.782644][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  382.789999][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.831620][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  382.838507][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  383.154297][T14269] loop0: detected capacity change from 0 to 128
[  383.182348][T14269] affs: No valid root block on device loop0
[  383.631256][T14295] loop8: detected capacity change from 0 to 2048
[  383.660014][T14295] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.684421][   T33] audit: type=1800 audit(383.539:123): pid=14295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3048" name="bus" dev="loop8" ino=18 res=0 errno=0
[  383.783815][T11619] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.246684][T14304] loop8: detected capacity change from 0 to 40427
[  384.253735][T14304] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  384.261016][T14304] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  384.271752][T14304] F2FS-fs (loop8): invalid crc value
[  384.353771][T14304] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  384.361322][T14304] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  384.364588][T14304] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  384.596574][   T55] Bluetooth: hci2: command tx timeout
[  384.862078][T14346] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3064'.
[  384.946999][T14352] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3067'.
[  385.108665][T14354] loop0: detected capacity change from 0 to 32768
[  385.116685][T14354] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3068 (14354)
[  385.123886][T14354] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  385.128485][T14354] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  385.135874][   T47] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  385.157615][T14354] BTRFS info (device loop0): enabling ssd optimizations
[  385.161635][T14354] BTRFS info (device loop0): enabling free space tree
[  385.192362][T14136] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  385.248421][    C1] vkms_vblank_simulate: vblank timer overrun
[  385.376399][   T47] usb 4-1: Using ep0 maxpacket: 16
[  385.380637][   T47] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  385.385256][   T47] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  385.397498][   T47] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  385.401803][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.412015][   T47] usb 4-1: Product: syz
[  385.413966][   T47] usb 4-1: Manufacturer: syz
[  385.422193][   T47] usb 4-1: SerialNumber: syz
[  385.632264][   T47] usb 4-1: 0:2 : does not exist
[  385.640761][   T47] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  385.666780][   T47] usb 4-1: USB disconnect, device number 13
[  385.945196][    T9] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  386.097091][    T9] usb 1-1: config 0 has an invalid interface number: 84 but max is 0
[  386.099766][    T9] usb 1-1: config 0 has no interface number 0
[  386.104014][    T9] usb 1-1: New USB device found, idVendor=8086, idProduct=0b63, bcdDevice=ca.f3
[  386.107768][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.110661][    T9] usb 1-1: Product: syz
[  386.112104][    T9] usb 1-1: Manufacturer: syz
[  386.114099][    T9] usb 1-1: SerialNumber: syz
[  386.117729][    T9] usb 1-1: config 0 descriptor??
[  386.122287][    T9] ljca 1-1:0.84: bulk endpoints not found
[  386.251266][T14381] loop3: detected capacity change from 0 to 8
[  386.328128][T14375] loop0: detected capacity change from 0 to 8
[  386.333414][T14375] unable to read inode lookup table
[  386.338783][    T9] usb 1-1: USB disconnect, device number 16
[  387.065536][T14386] loop0: detected capacity change from 0 to 32768
[  387.072854][T14386] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  387.082011][T14386] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  387.124139][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  387.250811][T14394] tmpfs: Bad value for 'mpol'
[  387.381100][T14404] bridge_slave_0: left allmulticast mode
[  387.383563][T14404] bridge_slave_0: left promiscuous mode
[  387.392094][T14404] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.404076][T14404] bridge_slave_1: left allmulticast mode
[  387.410472][T14404] bridge_slave_1: left promiscuous mode
[  387.414134][T14404] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.433164][T14404] bond0: (slave bond_slave_0): Releasing backup interface
[  387.443473][T14404] bond0: (slave bond_slave_1): Releasing backup interface
[  387.464795][T14404] team0: Port device team_slave_0 removed
[  387.472317][T14404] team0: Port device team_slave_1 removed
[  387.477424][T14404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  387.480484][T14404] batman_adv: batadv0: Removing interface: batadv_slave_0
[  387.485587][T14404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  387.489244][T14404] batman_adv: batadv0: Removing interface: batadv_slave_1
[  387.903522][T14420] loop3: detected capacity change from 0 to 32768
[  387.908262][T14420] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section errors: entries out of order
[  387.908262][T14420] errors (size 64):
[  387.908262][T14420] (unknown error 63098)           98139432299383  16981954538416098692
[  387.908262][T14420] backpointer_to_missing_ptr      0               34376515584
[  387.908262][T14420] (unknown error 62899)           26163           1611530240
[  387.908262][T14420] 
[  387.926504][T14420] bcachefs: bch2_fs_get_tree() error: invalid_sb_errors
[  388.003594][   T33] audit: type=1326 audit(387.859:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14429 comm="syz.8.3097" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f4198eba9 code=0x7ffc0000
[  388.025575][   T33] audit: type=1326 audit(387.859:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14429 comm="syz.8.3097" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f4198eba9 code=0x7ffc0000
[  388.038727][   T33] audit: type=1326 audit(387.889:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14429 comm="syz.8.3097" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2f4198eba9 code=0x7ffc0000
[  388.055442][   T33] audit: type=1326 audit(387.899:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14429 comm="syz.8.3097" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f4198eba9 code=0x7ffc0000
[  388.073616][   T33] audit: type=1326 audit(387.899:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14429 comm="syz.8.3097" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f4198eba9 code=0x7ffc0000
[  388.103768][   T33] audit: type=1326 audit(387.899:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14429 comm="syz.8.3097" exe="/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f2f4198eba9 code=0x7ffc0000
[  388.112819][   T33] audit: type=1326 audit(387.899:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14429 comm="syz.8.3097" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f4198eba9 code=0x7ffc0000
[  388.129668][   T33] audit: type=1326 audit(387.899:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14429 comm="syz.8.3097" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f4198eba9 code=0x7ffc0000
[  388.186148][T14428] loop0: detected capacity change from 0 to 32768
[  388.239466][T14428] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  388.332397][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  388.961004][T14457] loop0: detected capacity change from 0 to 1024
[  388.976682][T14457] hfsplus: bad catalog entry type
[  388.994355][ T7485] hfsplus: b-tree write err: -5, ino 4
[  389.021921][T14461] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3110'.
[  389.648963][T14465] loop0: detected capacity change from 0 to 32768
[  389.658325][T14465] XFS: noikeep mount option is deprecated.
[  389.660626][T14465] XFS: attr2 mount option is deprecated.
[  389.663034][T14465] XFS: noikeep mount option is deprecated.
[  389.781749][T14465] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  390.043056][T14465] XFS (loop0): Ending clean mount
[  390.101727][T14465] XFS (loop0): Quotacheck needed: Please wait.
[  390.207572][T14465] XFS (loop0): Quotacheck: Done.
[  390.248217][   T33] audit: type=1800 audit(390.109:132): pid=14465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3112" name="bus" dev="loop0" ino=9291 res=0 errno=0
[  390.307181][T14136] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  391.421140][T14506] loop0: detected capacity change from 0 to 32768
[  391.486802][T14506] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  391.554041][T14506] XFS (loop0): Ending clean mount
[  391.558781][T14506] XFS (loop0): Quotacheck needed: Please wait.
[  391.602238][T14506] XFS (loop0): Quotacheck: Done.
[  391.708434][T14136] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  392.012529][T14530] loop8: detected capacity change from 0 to 32768
[  392.134896][T14538] 9pnet: p9_errstr2errno: server reported unknown error 
[  392.440513][T14558] loop8: detected capacity change from 0 to 2048
[  392.446881][T14558] UDF-fs: error (device loop8): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  392.565559][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  392.730485][   T24] usb 4-1: Using ep0 maxpacket: 8
[  392.739295][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  392.743521][   T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  392.780105][   T24] usb 4-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  392.784798][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.791978][   T24] usb 4-1: Product: syz
[  392.794011][   T24] usb 4-1: Manufacturer: syz
[  392.804913][   T24] usb 4-1: SerialNumber: syz
[  392.842618][   T24] usb 4-1: config 0 descriptor??
[  393.056114][T14578] trusted_key: encrypted_key: master key parameter is missing
[  393.118423][T14580] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  393.302340][ T5897] usb 4-1: USB disconnect, device number 14
[  393.350579][T14582] loop0: detected capacity change from 0 to 32768
[  393.354776][T14582] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3157 (14582)
[  393.361761][T14582] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  393.365654][T14582] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  393.450285][T14582] BTRFS info (device loop0): enabling ssd optimizations
[  393.452959][T14582] BTRFS info (device loop0): enabling free space tree
[  393.459053][T14582] BTRFS info (device loop0): use lzo compression, level 0
[  393.530212][T14601] loop8: detected capacity change from 0 to 256
[  393.532634][T14136] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  394.149177][T14615] loop8: detected capacity change from 0 to 32768
[  394.173855][T14615] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  394.220797][T11619] ocfs2: Unmounting device (7,8) on (node local)
[  395.584025][T14662] loop0: detected capacity change from 0 to 8192
[  395.589179][T14659] loop8: detected capacity change from 0 to 32768
[  395.628727][T14662] Dev loop0 Sun disklabel: Csum bad, label corrupted
[  395.688458][T14659] bcachefs (loop8): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,fix_errors=ask,norecovery,nojournal_transaction_names
[  395.688492][T14659]   allowing incompatible features above 0.0: (unknown version)
[  395.688502][T14659]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  395.705876][T14659] bcachefs (loop8): Using encoding defined by superblock: utf8-12.1.0
[  395.710410][T14659] bcachefs (loop8): recovering from clean shutdown, journal seq 10
[  395.713972][T14659] bcachefs (loop8): superblock requires following recovery passes to be run:
[  395.713972][T14659]   delete_dead_inodes,fix_reflink_p
[  395.722634][T14659] bcachefs (loop8): Version upgrade required:
[  395.722634][T14659] Version upgrade from 0.8: (unknown version) to 1.7: mi_btree_bitmap incomplete
[  395.722634][T14659] Doing incompatible version upgrade from 0.8: (unknown version) to 1.28: inode_has_case_insensitive
[  395.722634][T14659]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  395.735249][   T33] audit: type=1326 audit(395.569:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.0.3185" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14b78eba9 code=0x7ffc0000
[  395.779907][T14659] bcachefs (loop8): invalid bkey in btree_node btree=alloc level=0: u64s 29 type deleted 1:256:65536 len 0 ver 0: 
[  395.780014][T14659]   nonzero snapshot, deleting
[  395.793117][T14659] bcachefs (loop8): btree node read error at btree freespace level 0/0
[  395.793226][T14659]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0
[  395.793238][T14659]   loop8 node offset 0/32 bset u64s 0: invalid bkey format: field 4 too large: 0 + 4294967296 > 4294967295
[  395.793247][T14659]   u64s 3 fields 64:0, 64:0, 32:0, 0:0, 0:4294967296, 0:0
[  395.793254][T14659]   loop8 btree validate error
[  395.793261][T14659]   flagging btree freespace lost data
[  395.793269][T14659]   running recovery pass check_topology (2), currently at recovery_pass_empty (0)
[  395.793277][T14659]   ret btree_node_read_err_bad_node
[  395.816449][   T33] audit: type=1326 audit(395.569:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.0.3185" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa14b78eba9 code=0x7ffc0000
[  395.818689][T14659] bcachefs (loop8): error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[  395.845322][T14659] bcachefs (loop8): check_topology... done
[  395.848899][T14659] bcachefs (loop8): accounting_read... done
[  395.852091][T14659] bcachefs (loop8): alloc_read... done
[  395.854904][T14659] bcachefs (loop8): snapshots_read... done
[  395.858141][T14659] bcachefs (loop8): Fixed errors, running fsck a second time to verify fs is clean
[  395.861595][T14659] bcachefs (loop8): done starting filesystem
[  395.875233][ T5858] Bluetooth: hci1: command 0x0406 tx timeout
[  395.923842][T11619] bcachefs (loop8): shutting down
[  395.942975][T11619] bcachefs (loop8): shutdown complete
[  396.229842][T14690] nbd: must specify an index to disconnect
[  396.261300][T14692] netlink: 'syz.3.3196': attribute type 16 has an invalid length.
[  396.612726][T14708] loop3: detected capacity change from 0 to 64
[  396.621458][T14708] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[  396.765554][T14714] Invalid ELF header type: 0 != 1
[  397.102363][T14722] Bluetooth: MGMT ver 1.23
[  397.170575][T14722] comedi comedi0: No channels found!
[  397.299804][T14724] netlink: 'syz.0.3208': attribute type 3 has an invalid length.
[  397.303386][T14724] netlink: 'syz.0.3208': attribute type 3 has an invalid length.
[  397.309157][T14724] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3208'.
[  398.132737][T14740] loop3: detected capacity change from 0 to 4096
[  398.137682][T14740] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  398.150297][T14739] loop8: detected capacity change from 0 to 4096
[  398.155156][T14739] ntfs3(loop8): Primary boot: invalid bytes per MFT record 0 (0).
[  398.157010][T14740] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  398.161786][T14739] ntfs3(loop8): try to read out of volume at offset 0x1ffe00
[  398.186527][T14740] ntfs3(loop3): ino=1f, "file2" failed to open parent directory r=5 to update
[  398.248614][   T53] ntfs3(loop3): ino=1f, failed to open parent directory r=5 to update
[  398.333252][T14748] loop8: detected capacity change from 0 to 1024
[  398.374453][ T2982] hfsplus: b-tree write err: -5, ino 4
[  398.545215][  T791] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  398.695125][  T791] usb 4-1: Using ep0 maxpacket: 32
[  398.699022][  T791] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  398.701962][  T791] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  398.705653][  T791] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  398.709671][  T791] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  398.713461][  T791] usb 4-1: config 1 has no interface number 0
[  398.716245][  T791] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  398.719776][  T791] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.070301][  T791] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  399.165350][   T55] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  399.235211][   T55] Bluetooth: hci2: command 0x0401 tx timeout
[  399.271690][  T791] snd_usb_pod 4-1:1.1: set_interface failed
[  399.273758][  T791] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  399.278612][  T791] snd_usb_pod 4-1:1.1: probe with driver snd_usb_pod failed with error -71
[  399.283113][  T791] usb 4-1: USB disconnect, device number 15
[  399.439732][T14774] loop8: detected capacity change from 0 to 16
[  399.443762][T14774] erofs (device loop8): unsupported chunk format ffff of nid 36
[  400.135992][T14800] loop3: detected capacity change from 0 to 512
[  400.140727][T14800] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  400.184256][T14800] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #17: comm syz.3.3239: iget: bad i_size value: -6917529027641081756
[  400.192923][T14800] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3239: couldn't read orphan inode 17 (err -117)
[  400.199146][T14807] loop0: detected capacity change from 0 to 256
[  400.199554][T14800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  400.202337][T14807] exfat: Deprecated parameter 'namecase'
[  400.210114][T14807] exfat: Deprecated parameter 'utf8'
[  400.226345][T14807] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  400.237195][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.475680][T14813] loop3: detected capacity change from 0 to 512
[  400.509121][T14813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  400.575454][T14813] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  400.593042][T14813] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32768 with max blocks 2048 with error 28
[  400.599095][T14813] EXT4-fs (loop3): This should not happen!! Data will be lost
[  400.599095][T14813] 
[  400.603305][T14813] EXT4-fs (loop3): Total free blocks count 0
[  400.606151][T14813] EXT4-fs (loop3): Free/Dirty block details
[  400.608802][T14813] EXT4-fs (loop3): free_blocks=39626
[  400.611139][T14813] EXT4-fs (loop3): dirty_blocks=2048
[  400.613467][T14813] EXT4-fs (loop3): Block reservation details
[  400.616290][T14813] EXT4-fs (loop3): i_reserved_data_blocks=2048
[  400.665270][    T9] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[  401.069171][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  401.077282][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  401.082478][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 65535, setting to 64
[  401.088551][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  401.095232][    T9] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  401.106973][    T9] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  401.116125][    T9] usb 1-1: Manufacturer: syz
[  401.119060][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.123981][    T9] usb 1-1: config 0 descriptor??
[  401.400374][T14840] loop3: detected capacity change from 0 to 128
[  401.404508][T14840] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  401.469677][    T9] rc_core: IR keymap rc-hauppauge not found
[  401.471999][    T9] Registered IR keymap rc-empty
[  401.477274][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  401.501058][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  401.529648][    T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  401.536872][    T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input19
[  401.614131][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  401.645644][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  401.669711][T14847] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3256'.
[  401.681114][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  401.716016][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  401.851166][T14850] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  401.855665][T14850] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  401.985157][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  402.005466][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  402.032206][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  402.056265][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  402.075586][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  402.096101][    T9] mceusb 1-1:0.0: Error: mce write urb status = -71
[  402.123539][T14853] loop3: detected capacity change from 0 to 4096
[  402.125994][    T9] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  402.128087][T14853] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  402.130956][    T9] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  402.139162][T14853] ntfs3(loop3): try to read out of volume at offset 0xffffffff0000
[  402.140161][    T9] usb 1-1: USB disconnect, device number 17
[  402.142772][T14853] ntfs3(loop3): Failed to initialize $Bitmap (-5).
[  402.218745][T14855] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3259'.
[  402.439990][T14867] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3265'.
[  402.454277][T14865] loop3: detected capacity change from 0 to 2048
[  402.459633][T14865] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  402.486617][T14869] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3266'.
[  402.519640][T14872] loop3: detected capacity change from 0 to 128
[  402.523144][T14872] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  402.536518][T14872] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  402.549015][   T33] audit: type=1800 audit(402.409:135): pid=14872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3267" name="bus" dev="loop3" ino=1048733 res=0 errno=0
[  402.549729][T14872] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  402.571602][T14872] FAT-fs (loop3): Filesystem has been set read-only
[  402.584536][T14875] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3269'.
[  402.636894][T14881] afs: Bad value for 'source'
[  403.771224][T14905] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3282'.
[  404.489882][T14913] loop0: detected capacity change from 0 to 32768
[  404.493050][T14913] XFS: noikeep mount option is deprecated.
[  404.496430][T14913] XFS (loop0): no-recovery mounts must be read-only.
[  404.563169][T14927] loop8: detected capacity change from 0 to 128
[  404.567048][T14927] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  404.571983][T14927] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  405.159442][T14931] loop0: detected capacity change from 0 to 32768
[  405.166125][T14931] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  405.187827][T14931] XFS (loop0): Ending clean mount
[  405.241115][T14136] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  405.318462][    T9] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  405.487473][    T9] usb 4-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  405.491501][    T9] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  405.504497][    T9] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  405.508803][    T9] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  405.512430][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.518674][T14935] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  406.014126][    T9] aiptek 4-1:17.0: Aiptek using 400 ms programming speed
[  406.019061][    T9] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input20
[  406.033684][    T9] usb 4-1: USB disconnect, device number 16
[  406.036178][    C0] aiptek 4-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  406.478288][T14963] netlink: 'syz.0.3304': attribute type 9 has an invalid length.
[  407.532226][T14983] openvswitch: netlink: IPv4 frag type 32 is out of range max 2
[  407.634338][T14991] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3316'.
[  407.683097][T14993] binder: 14992:14993 ioctl c0306201 200000000080 returned -14
[  407.711355][T14994] loop0: detected capacity change from 0 to 164
[  407.716704][T14994] iso9660: Unknown parameter ''
[  408.102228][T15001] loop3: detected capacity change from 0 to 32768
[  408.106676][T15001] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3320 (15001)
[  408.121417][T15001] BTRFS info (device loop3): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  408.126435][T15001] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  408.181612][T15001] BTRFS info (device loop3): enabling ssd optimizations
[  408.184651][T15001] BTRFS info (device loop3): enabling free space tree
[  408.214299][T12632] BTRFS info (device loop3): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  408.728001][T15034] loop0: detected capacity change from 0 to 8192
[  408.957051][T15050] loop3: detected capacity change from 0 to 1024
[  408.961114][T15050] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  408.967824][T15050] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  408.972879][T15050] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  408.980181][T15050] EXT4-fs error (device loop3): ext4_get_journal_inode:5800: comm syz.3.3335: inode #1: comm syz.3.3335: iget: illegal inode #
[  408.996062][T15050] EXT4-fs (loop3): no journal found
[  408.998290][T15050] EXT4-fs (loop3): can't get journal size
[  409.009558][T15050] EXT4-fs (loop3): failed to initialize system zone (-22)
[  409.015137][T15050] EXT4-fs (loop3): mount failed
[  409.070890][T15057] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3338'.
[  409.118987][T15064] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3340'.
[  409.221927][T15077] loop8: detected capacity change from 0 to 1024
[  409.291865][T15083] loop0: detected capacity change from 0 to 256
[  409.318336][T15083] FAT-fs (loop0): Directory bread(block 64) failed
[  409.323171][T15083] FAT-fs (loop0): Directory bread(block 65) failed
[  409.333343][T15083] FAT-fs (loop0): Directory bread(block 66) failed
[  409.335819][T15083] FAT-fs (loop0): Directory bread(block 67) failed
[  409.338900][T15083] FAT-fs (loop0): Directory bread(block 68) failed
[  409.342104][T15083] FAT-fs (loop0): Directory bread(block 69) failed
[  409.347872][T15083] FAT-fs (loop0): Directory bread(block 70) failed
[  409.352735][T15083] FAT-fs (loop0): Directory bread(block 71) failed
[  409.360235][T15083] FAT-fs (loop0): Directory bread(block 72) failed
[  409.363075][T15083] FAT-fs (loop0): Directory bread(block 73) failed
[  409.582104][T15091] loop3: detected capacity change from 0 to 40427
[  409.586802][T15091] F2FS-fs (loop3): build fault injection rate: 16
[  409.589721][T15091] F2FS-fs (loop3): build fault injection type: 0x3bfe8d
[  409.594569][T15091] F2FS-fs (loop3): invalid crc value
[  409.598653][T15091] F2FS-fs (loop3): inject kmalloc in f2fs_kmalloc of f2fs_fill_super+0x4429/0x6ff0
[  409.602827][T15091] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-12)
[  410.051927][T15107] loop3: detected capacity change from 0 to 2048
[  410.063325][T15107] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  410.073646][T15107] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  410.752319][T15127] netlink: 'syz.0.3369': attribute type 3 has an invalid length.
[  410.791134][T15129] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3370'.
[  410.911827][T15134] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3372'.
[  410.937811][T15134] 8021q: adding VLAN 0 to HW filter on device bond1
[  410.950031][T15134] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3372'.
[  411.291620][T15142] loop0: detected capacity change from 0 to 32768
[  411.297072][T15146] loop3: detected capacity change from 0 to 256
[  411.305896][T15142] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  411.310254][T15146] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  411.314129][T15146] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  411.403899][   T33] audit: type=1800 audit(411.259:136): pid=15142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3375" name="file2" dev="loop0" ino=17061 res=0 errno=0
[  411.670330][T15163] loop3: detected capacity change from 0 to 1024
[  411.687546][T15163] hfsplus: inconsistency in B*Tree (0,1,255,1,0)
[  411.691791][T15163] hfsplus: xattr searching failed
[  411.734177][T15165] Device name not specified.
[  411.734177][T15165] 
[  411.869384][T15171] IPVS: Error connecting to the multicast addr
[  412.207853][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  412.418865][T15196] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3397'.
[  412.492495][ T5867] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  412.589888][T15212] loop0: detected capacity change from 0 to 128
[  412.689271][T15220] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  412.713594][T15222] mmap: syz.3.3410 (15222) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  413.106398][    T9] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  413.305263][    T9] usb 4-1: Using ep0 maxpacket: 32
[  413.310924][    T9] usb 4-1: config 0 has an invalid interface number: 235 but max is 0
[  413.314401][    T9] usb 4-1: config 0 has no interface number 0
[  413.327669][    T9] usb 4-1: New USB device found, idVendor=085a, idProduct=0009, bcdDevice=a3.47
[  413.331733][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.336998][    T9] usb 4-1: Product: syz
[  413.338856][    T9] usb 4-1: Manufacturer: syz
[  413.340886][    T9] usb 4-1: SerialNumber: syz
[  413.344033][    T9] usb 4-1: config 0 descriptor??
[  413.561600][    T9] kaweth 4-1:0.235: Firmware present in device.
[  413.751846][    T9] kaweth 4-1:0.235: Statistics collection: 0
[  413.754196][    T9] kaweth 4-1:0.235: Multicast filter limit: 0
[  413.756748][    T9] kaweth 4-1:0.235: MTU: 0
[  413.758661][    T9] kaweth 4-1:0.235: Read MAC address 00:00:00:00:00:00
[  414.235180][ T5897] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  414.353907][    T9] kaweth 4-1:0.235: Error setting receive filter
[  414.361472][    T9] kaweth 4-1:0.235: probe with driver kaweth failed with error -5
[  414.368300][    T9] usb 4-1: USB disconnect, device number 17
[  414.395284][ T5897] usb 1-1: Using ep0 maxpacket: 16
[  414.399410][ T5897] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  414.403657][ T5897] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  414.410435][ T5897] usb 1-1: New USB device found, idVendor=1d6b, idProduct=1301, bcdDevice= 1.40
[  414.414171][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.418647][ T5897] usb 1-1: Product: syz
[  414.420431][ T5897] usb 1-1: Manufacturer: syz
[  414.422399][ T5897] usb 1-1: SerialNumber: syz
[  414.631997][ T5897] usb 1-1: 0:2 : does not exist
[  414.639928][ T5897] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  414.651839][ T5897] usb 1-1: 5:0: cannot get min/max values for control 2 (id 5)
[  414.658356][ T5897] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  414.668812][ T5897] usb 1-1: 5:0: cannot get min/max values for control 8 (id 5)
[  414.681583][ T5897] usb 1-1: USB disconnect, device number 18
[  414.997099][T15252] loop3: detected capacity change from 0 to 64
[  415.001379][T15252] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[  415.411623][T15263] ALSA: mixer_oss: invalid OSS volume 'LI'
[  415.893874][T15267] loop8: detected capacity change from 0 to 32768
[  415.899258][T15267] bcachefs (/dev/loop8): error validating superblock: Invalid superblock section replicas_v0: invalid device 1 in entry (unknown data_type 224): 1/245 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 4 5 5 6 10 11 11 11 26 33 34 45 45 56 80]
[  415.899258][T15267] replicas_v0 (size 40):
[  415.899258][T15267] (unknown data_type 224): 15 [0 0 0 0 0 0 255 255 255 255 255 255 255 255 255] (unknown data_type 224): 245 [5 0 0 0 0 1 0 0 0 0 0 0 0 80 0 0 0 10 0 0 0 0 0 0 0 0 0 0 0 56 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 34 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 45 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
[  415.899413][T15267] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  416.005222][ T5897] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  416.069691][T15277] loop8: detected capacity change from 0 to 512
[  416.074479][T15277] EXT4-fs: Mount option(s) incompatible with ext3
[  416.197269][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  416.201420][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  416.208375][ T5897] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  416.212969][ T5897] usb 1-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[  416.216924][ T5897] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.221285][ T5897] usb 1-1: config 0 descriptor??
[  416.223630][T15269] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  416.354195][T15279] loop8: detected capacity change from 0 to 1024
[  416.702653][T15284] loop3: detected capacity change from 0 to 2048
[  416.707782][T15284] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  416.751700][ T5897] aureal 0003:0755:2626.0013: unknown main item tag 0x6
[  416.754733][ T5897] aureal 0003:0755:2626.0013: report_id 29495 is invalid
[  416.762687][ T5897] aureal 0003:0755:2626.0013: item 0 2 1 8 parsing failed
[  416.766903][ T5897] aureal 0003:0755:2626.0013: probe with driver aureal failed with error -22
[  416.951889][   T47] usb 1-1: USB disconnect, device number 19
[  417.035138][    T9] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  417.205354][    T9] usb 4-1: Using ep0 maxpacket: 16
[  417.216018][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.225643][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.232321][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  417.245173][    T9] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  417.249057][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.256596][    T9] usb 4-1: config 0 descriptor??
[  417.497145][T15304] loop0: detected capacity change from 0 to 512
[  417.501936][T15304] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  417.674664][    T9] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  417.678594][    T9] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  417.681871][    T9] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  417.689977][    T9] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0014/input/input21
[  417.708470][T15312] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  417.788710][    T9] microsoft 0003:045E:07DA.0014: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  417.887800][   T24] usb 4-1: USB disconnect, device number 18
[  417.900343][T15320] netlink: 'syz.0.3453': attribute type 4 has an invalid length.
[  418.053707][T15328] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  418.100115][T15330] netlink: 'syz.0.3458': attribute type 3 has an invalid length.
[  418.103469][T15330] netlink: 'syz.0.3458': attribute type 16 has an invalid length.
[  418.107033][T15330] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3458'.
[  418.141752][T15332] loop0: detected capacity change from 0 to 8
[  418.152069][T15332] SQUASHFS error: xz decompression failed, data probably corrupt
[  418.158131][T15332] SQUASHFS error: Failed to read block 0x108: -5
[  418.160973][T15332] SQUASHFS error: Unable to read metadata cache entry [106]
[  418.163981][T15332] SQUASHFS error: Unable to read inode 0x11f
[  418.311299][ T5867] nci: nci_ntf_packet: unknown ntf opcode 0x703
[  419.496202][T15353] loop0: detected capacity change from 0 to 32768
[  419.503914][T15353] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  419.531501][T15353] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  419.750253][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  419.837475][T15367] loop3: detected capacity change from 0 to 1024
[  419.869341][ T1090] hfsplus: b-tree write err: -5, ino 4
[  420.020686][T15375] loop3: detected capacity change from 0 to 8
[  420.144834][T15383] sctp: [Deprecated]: syz.0.3479 (pid 15383) Use of int in maxseg socket option.
[  420.144834][T15383] Use struct sctp_assoc_value instead
[  420.272366][T15389] netlink: 'syz.0.3481': attribute type 32 has an invalid length.
[  420.275150][T15389] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3481'.
[  420.280045][T15389] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  420.396634][   T47] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  420.424937][T15398] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input22
[  420.568792][   T47] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  420.573688][   T47] usb 4-1: config 0 interface 0 has no altsetting 0
[  420.573713][T15405] loop8: detected capacity change from 0 to 1024
[  420.576358][   T47] usb 4-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  420.582248][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.587659][   T47] usb 4-1: config 0 descriptor??
[  420.598570][T15405] EXT4-fs: Ignoring removed orlov option
[  420.608069][T15405] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.642633][T15405] EXT4-fs: Ignoring sb option on remount
[  420.646604][T15405] EXT4-fs: Ignoring removed orlov option
[  420.649032][T15405] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  420.657200][T15405] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  420.662154][T15405] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000.
[  420.693499][T11619] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.735764][T15413] netlink: 60 bytes leftover after parsing attributes in process `syz.8.3491'.
[  420.742242][T15413] unsupported nlmsg_type 40
[  420.770556][T15417] loop8: detected capacity change from 0 to 8
[  420.774329][T15417] squashfs image failed sanity check
[  420.907781][T15429] loop8: detected capacity change from 0 to 2048
[  420.913088][T15429] UDF-fs: warning (device loop8): udf_verify_domain_identifier: Descriptor for logical volume marked write protected. Forcing read only mount.
[  421.034077][   T47] logitech 0003:046D:C294.0015: unknown main item tag 0x0
[  421.037091][   T47] logitech 0003:046D:C294.0015: unknown main item tag 0x0
[  421.044925][T15438] loop0: detected capacity change from 0 to 4096
[  421.054834][   T47] logitech 0003:046D:C294.0015: hidraw0: USB HID v0.04 Device [HID 046d:c294] on usb-dummy_hcd.3-1/input0
[  421.069807][   T47] logitech 0003:046D:C294.0015: no inputs found
[  421.262664][  T791] usb 4-1: USB disconnect, device number 19
[  421.948432][T15452] loop3: detected capacity change from 0 to 32768
[  421.960485][T15452] JBD2: Ignoring recovery information on journal
[  421.982107][T15452] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  422.015788][T12632] ocfs2: Unmounting device (7,3) on (node local)
[  422.105926][T15458] loop0: detected capacity change from 0 to 3
[  422.229394][T15470] loop3: detected capacity change from 0 to 512
[  422.232817][T15470] EXT4-fs: Ignoring removed i_version option
[  422.239967][T15470] EXT4-fs: Ignoring removed bh option
[  422.262934][T15470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.287524][   T33] audit: type=1800 audit(421.877:137): pid=15470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3517" name="bus" dev="loop3" ino=18 res=0 errno=0
[  422.325360][T15478] Failed to get privilege flags for destination (handle=0x2:0x0)
[  422.347477][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.489848][T15492] netlink: 15 bytes leftover after parsing attributes in process `syz.3.3528'.
[  422.494004][T15492] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3528'.
[  422.621260][T15504] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3534'.
[  422.624465][T15504] netlink: 43 bytes leftover after parsing attributes in process `syz.0.3534'.
[  422.627309][T15504] netlink: 'syz.0.3534': attribute type 6 has an invalid length.
[  422.630017][T15504] netlink: 'syz.0.3534': attribute type 5 has an invalid length.
[  422.633199][T15504] netlink: 43 bytes leftover after parsing attributes in process `syz.0.3534'.
[  422.899448][T15513] openvswitch: netlink: Flow key attr not present in new flow.
[  423.299207][T15526] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  423.299274][T15525] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  423.795541][   T47] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  423.959985][   T47] usb 4-1: unable to get BOS descriptor or descriptor too short
[  423.964744][   T47] usb 4-1: config 3 has an invalid interface number: 51 but max is 0
[  423.968446][   T47] usb 4-1: config 3 has no interface number 0
[  423.973786][   T47] usb 4-1: New USB device found, idVendor=0b57, idProduct=2c68, bcdDevice=6e.32
[  423.978837][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.982272][   T47] usb 4-1: Product: syz
[  423.984059][   T47] usb 4-1: Manufacturer: syz
[  423.986025][   T47] usb 4-1: SerialNumber: syz
[  423.994114][   T47] usbhid 4-1:3.51: couldn't find an input interrupt endpoint
[  424.210211][  T791] usb 4-1: USB disconnect, device number 20
[  424.385468][T15539] loop0: detected capacity change from 0 to 128
[  424.389986][T15539] EXT4-fs (loop0): Test dummy encryption mode enabled
[  424.397017][T15539] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  425.097979][T15541] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  425.473917][T15556] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  425.943872][    C0] vkms_vblank_simulate: vblank timer overrun
[  426.381469][T15574] loop3: detected capacity change from 0 to 128
[  426.386021][T15574] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  426.432035][T15574] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  426.522929][T15564] loop8: detected capacity change from 0 to 65536
[  426.662336][T15564] XFS (loop8): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[  426.735540][T15564] XFS (loop8): Ending clean mount
[  426.897045][T14136] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  427.160703][   T33] audit: type=1800 audit(426.405:138): pid=15590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3556" name="file2" dev="loop8" ino=71 res=0 errno=0
[  427.308589][T15584] loop3: detected capacity change from 0 to 32768
[  427.315592][T15584] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3563 (15584)
[  427.393361][T15584] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  427.397149][T15584] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  427.448607][T11619] XFS (loop8): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[  427.476613][T15584] BTRFS info (device loop3): setting nodatasum
[  427.479350][T15584] BTRFS info (device loop3): setting nodatacow
[  427.481978][T15584] BTRFS info (device loop3): enabling free space tree
[  427.493751][T15584] BTRFS info (device loop3): max_inline set to 0
[  427.535453][  T791] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  427.698414][  T791] usb 1-1: Using ep0 maxpacket: 16
[  427.712667][  T791] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  427.716489][  T791] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.724611][T12632] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  427.728335][  T791] usb 1-1: Product: syz
[  427.730822][  T791] usb 1-1: Manufacturer: syz
[  427.732666][  T791] usb 1-1: SerialNumber: syz
[  427.736874][  T791] usb 1-1: config 0 descriptor??
[  427.741470][  T791] visor 1-1:0.0: Sony Clie 3.5 converter detected
[  427.809013][T15609] loop8: detected capacity change from 0 to 8
[  427.814098][T15609] SQUASHFS error: zlib decompression failed, data probably corrupt
[  427.817722][T15609] SQUASHFS error: Failed to read block 0x9b: -5
[  427.821421][T15609] SQUASHFS error: Unable to read metadata cache entry [99]
[  427.824669][T15609] SQUASHFS error: Unable to read inode 0x127
[  427.863981][T15611] loop8: detected capacity change from 0 to 512
[  427.951460][T15611] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  427.962621][  T791] usb 1-1: clie_3_5_startup: get config number bad return length: 0
[  427.968615][  T791] visor 1-1:0.0: probe with driver visor failed with error -5
[  428.182445][  T791] usb 1-1: USB disconnect, device number 20
[  428.375120][T15620] loop3: detected capacity change from 0 to 32768
[  428.380280][T15620] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section journal_seq_blacklist: entry 2 start >= end (16259633109040355076 >= 202532834100012515)
[  428.380280][T15620] journal_seq_blacklist (size 64):
[  428.380280][T15620] 0-9895604649984 8747515680081339234-12315680807489264408 16259633109040355076-202532834100012515
[  428.380280][T15620] 
[  428.396408][T15620] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal_seq_blacklist
[  428.596669][T15624] loop3: detected capacity change from 0 to 128
[  428.604024][T15624] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  428.613727][T15624] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  428.736190][T15628] loop3: detected capacity change from 0 to 1024
[  428.908272][T11619] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.914512][T15635] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3577'.
[  428.973997][T15637] loop8: detected capacity change from 0 to 2048
[  428.978258][T15637] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024)
[  428.991209][T15638] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  429.071266][T15642] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3580'.
[  429.107821][  T791] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  429.270178][  T791] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  429.273883][  T791] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  429.277517][  T791] usb 4-1: config 220 has an invalid descriptor of length 1, skipping remainder of the config
[  429.282375][  T791] usb 4-1: config 220 has no interface number 2
[  429.285348][  T791] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  429.293889][  T791] usb 4-1: config 220 interface 0 has no altsetting 0
[  429.296855][  T791] usb 4-1: config 220 interface 76 has no altsetting 0
[  429.299926][  T791] usb 4-1: config 220 interface 1 has no altsetting 0
[  429.305986][  T791] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  429.309687][  T791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.313678][  T791] usb 4-1: Product: syz
[  429.315616][  T791] usb 4-1: Manufacturer: syz
[  429.317831][  T791] usb 4-1: SerialNumber: syz
[  429.449286][T15662] loop8: detected capacity change from 0 to 64
[  429.454832][T15662] BFS-fs: bfs_fill_super(): loop8 is unclean, continuing
[  429.548500][  T791] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  429.551294][  T791] usb 4-1: No valid video chain found.
[  429.553729][  T791] usb 4-1: selecting invalid altsetting 0
[  429.565578][  T791] usb 4-1: selecting invalid altsetting 0
[  429.568812][  T791] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  429.574137][  T791] usb 4-1: USB disconnect, device number 21
[  429.837918][T15683] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3600'.
[  429.844062][T15683] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3600'.
[  429.850936][T15683] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3600'.
[  429.854928][T15683] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3600'.
[  429.970173][T15692] loop0: detected capacity change from 0 to 256
[  430.183836][T15710] loop8: detected capacity change from 0 to 2048
[  430.194228][T15710] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  430.270638][T15718] loop0: detected capacity change from 0 to 1024
[  430.275169][T15718] EXT4-fs: Ignoring removed nomblk_io_submit option
[  430.293084][T15718] EXT4-fs: Ignoring removed nomblk_io_submit option
[  430.296188][T15718] EXT4-fs: Ignoring removed orlov option
[  430.299681][T15718] EXT4-fs: Mount option(s) incompatible with ext2
[  430.316189][T15718] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  430.562652][T15739] loop0: detected capacity change from 0 to 2048
[  430.565842][T15739] EXT4-fs: Ignoring removed bh option
[  430.578722][T15739] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  430.609306][T14136] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.626872][T15738] 9pnet_fd: p9_fd_create_unix (15738): problem connecting socket: ./file0: -5
[  430.738284][T15752] loop0: detected capacity change from 0 to 512
[  430.744241][T15752] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  430.782718][T14136] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.969694][T15749] loop8: detected capacity change from 0 to 4096
[  430.975701][T15749] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512).
[  431.349899][T15781] netlink: 'syz.3.3646': attribute type 1 has an invalid length.
[  431.355221][T15781] netlink: 'syz.3.3646': attribute type 4 has an invalid length.
[  431.358320][T15781] netlink: 208 bytes leftover after parsing attributes in process `syz.3.3646'.
[  431.361980][T15781] NCSI netlink: No device for ifindex 3088861696
[  431.406038][   T24] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  431.579982][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  431.584039][   T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  431.600837][   T24] usb 1-1: New USB device found, idVendor=04b8, idProduct=ef02, bcdDevice= 0.3f
[  431.604602][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.608567][   T24] usb 1-1: Product: syz
[  431.611306][   T24] usb 1-1: Manufacturer: syz
[  431.613263][   T24] usb 1-1: SerialNumber: syz
[  431.750916][T15794] loop3: detected capacity change from 0 to 128
[  431.760230][T15794] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  431.792807][T12632] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  431.847741][   T24] usb 1-1: USB disconnect, device number 21
[  431.878642][T15800] loop3: detected capacity change from 0 to 4096
[  431.894023][T15800] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  431.897086][T15800] ntfs3(loop3): Failed to load $Secure (-22).
[  431.899680][T15800] ntfs3(loop3): Failed to initialize $Secure (-22).
[  431.998174][T15804] loop3: detected capacity change from 0 to 1024
[  432.002665][T15804] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 64
[  432.189276][T15817] kAFS: No cell specified
[  432.281456][T15823] netlink: 27 bytes leftover after parsing attributes in process `syz.3.3665'.
[  432.500616][T15837] netlink: 'syz.0.3671': attribute type 10 has an invalid length.
[  432.503970][T15837] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3671'.
[  432.508185][T15837] team0: entered promiscuous mode
[  432.510518][T15837] team_slave_0: entered promiscuous mode
[  432.513171][T15837] team_slave_1: entered promiscuous mode
[  432.515675][T15837] team0: entered allmulticast mode
[  432.518211][T15837] team_slave_0: entered allmulticast mode
[  432.520861][T15837] team_slave_1: entered allmulticast mode
[  432.524171][T15837] bridge0: port 3(team0) entered blocking state
[  432.527101][T15837] bridge0: port 3(team0) entered disabled state
[  432.528010][T15839] loop3: detected capacity change from 0 to 2048
[  432.532349][T15837] bridge0: port 3(team0) entered blocking state
[  432.535519][T15837] bridge0: port 3(team0) entered forwarding state
[  432.536852][T15839] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  432.548749][T15839] UDF-fs: warning (device loop3): udf_fill_super: No fileset found
[  432.891807][   T24] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  433.067618][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  433.073851][   T24] usb 1-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00
[  433.077943][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.091120][   T24] usb 1-1: config 0 descriptor??
[  433.623461][T15847] loop3: detected capacity change from 0 to 1024
[  433.676425][ T2982] hfsplus: b-tree write err: -5, ino 4
[  433.722895][T15849] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3677'.
[  434.180102][   T24] usbhid 1-1:0.0: can't add hid device: -71
[  434.182900][   T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  434.189864][   T24] usb 1-1: USB disconnect, device number 22
[  434.459283][T15866] netlink: 'syz.8.3685': attribute type 1 has an invalid length.
[  434.462797][T15866] netlink: 'syz.8.3685': attribute type 4 has an invalid length.
[  434.467372][T15866] __nla_validate_parse: 1 callbacks suppressed
[  434.467390][T15866] netlink: 9462 bytes leftover after parsing attributes in process `syz.8.3685'.
[  434.476140][T15866] netlink: 'syz.8.3685': attribute type 1 has an invalid length.
[  434.479540][T15866] netlink: 'syz.8.3685': attribute type 4 has an invalid length.
[  434.482665][T15866] netlink: 9462 bytes leftover after parsing attributes in process `syz.8.3685'.
[  434.831260][T15883] tipc: Started in network mode
[  434.833609][T15883] tipc: Node identity 4, cluster identity 4711
[  434.836221][T15883] tipc: Node number set to 4
[  434.946060][T15888] loop3: detected capacity change from 0 to 1024
[  435.025526][T15891] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  435.510629][    T9] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[  435.639074][   T24] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  435.699159][    T9] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  435.705816][    T9] usb 4-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  435.709903][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.713313][    T9] usb 4-1: Product: syz
[  435.717618][    T9] usb 4-1: Manufacturer: syz
[  435.719567][    T9] usb 4-1: SerialNumber: syz
[  435.729920][    T9] usb 4-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  435.810495][   T24] usb 1-1: Using ep0 maxpacket: 8
[  435.818413][   T24] usb 1-1: config 0 has no interfaces?
[  435.821546][   T24] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  435.825267][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.830436][   T24] usb 1-1: config 0 descriptor??
[  436.151653][  T791] usb 1-1: USB disconnect, device number 23
[  436.380431][    T9] usb 4-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  436.392635][    T9] usb 4-1: USB disconnect, device number 22
[  436.771259][T15912] loop0: detected capacity change from 0 to 1024
[  436.801176][ T7475] hfsplus: b-tree write err: -5, ino 4
[  436.971900][T15918] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3709'.
[  437.336983][T15924] serio: Serial port ptm0
[  438.284911][T15949] rtc_cmos 00:04: Alarms can be up to one day in the future
[  438.335117][   T33] audit: type=1326 audit(436.892:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15952 comm="syz.3.3723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88d678eba9 code=0x7ffc0000
[  438.359339][   T33] audit: type=1326 audit(436.892:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15952 comm="syz.3.3723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88d678eba9 code=0x7ffc0000
[  438.375435][   T33] audit: type=1326 audit(436.892:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15952 comm="syz.3.3723" exe="/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f88d678eba9 code=0x7ffc0000
[  438.390253][T15955] netlink: 392 bytes leftover after parsing attributes in process `syz.0.3725'.
[  438.395111][   T33] audit: type=1326 audit(436.892:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15952 comm="syz.3.3723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88d678eba9 code=0x7ffc0000
[  438.404872][   T33] audit: type=1326 audit(436.892:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15952 comm="syz.3.3723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88d678eba9 code=0x7ffc0000
[  438.608359][T15961] loop3: detected capacity change from 0 to 32768
[  438.621336][T15961] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  438.666807][T12632] (syz-executor,12632,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  438.677757][T12632] ocfs2: Unmounting device (7,3) on (node local)
[  438.848692][T15976] loop3: detected capacity change from 0 to 512
[  438.851893][T15976] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  438.859022][T15976] EXT4-fs (loop3): 1 truncate cleaned up
[  438.861994][T15976] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  438.871137][T15976] EXT4-fs error (device loop3): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.3.3733: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  438.878624][T15976] EXT4-fs (loop3): Remounting filesystem read-only
[  438.881074][T15976] EXT4-fs warning (device loop3): ext4_rename_delete:3731: inode #2: comm syz.3.3733: Deleting old file: nlink 4, error=-117
[  438.901138][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.928190][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.172627][T15984] loop3: detected capacity change from 0 to 32768
[  439.184007][T15984] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  439.196590][T15995] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3739'.
[  439.208679][T15984] XFS (loop3): Ending clean mount
[  439.210825][T15995] netlink: 'syz.8.3739': attribute type 20 has an invalid length.
[  439.227015][T15995] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3739'.
[  439.231827][ T5911] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  439.237609][T15995] netlink: 'syz.8.3739': attribute type 20 has an invalid length.
[  439.241396][ T5911] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  439.247260][ T5911] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  439.256682][ T5911] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  439.274760][T12632] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  439.279549][    T9] rtc_cmos 00:04: Alarms can be up to one day in the future
[  439.288931][    T9] rtc_cmos 00:04: Alarms can be up to one day in the future
[  439.293126][    T9] rtc_cmos 00:04: Alarms can be up to one day in the future
[  439.308012][    T9] rtc_cmos 00:04: Alarms can be up to one day in the future
[  439.317766][    T9] rtc rtc0: __rtc_set_alarm: err=-22
[  439.340730][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.408709][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.497429][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.854782][T16008] loop3: detected capacity change from 0 to 32768
[  439.862760][T16008] (syz.3.3744,16008,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  439.868472][T16008] (syz.3.3744,16008,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  439.882402][T16008] JBD2: Ignoring recovery information on journal
[  439.914310][T16008] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  439.971756][T16027] loop8: detected capacity change from 0 to 128
[  439.983883][T12632] ocfs2: Unmounting device (7,3) on (node local)
[  440.011564][T16027] EXT4-fs: Ignoring removed nobh option
[  440.032977][T16027] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  440.080426][T11619] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  440.163414][T16025] loop0: detected capacity change from 0 to 32768
[  440.403428][   T55] Bluetooth: hci1: unexpected event for opcode 0x080f
[  440.774525][T16037] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3751'.
[  440.780530][   T47] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  440.957353][   T47] usb 4-1: config 240 has too many interfaces: 108, using maximum allowed: 32
[  440.963910][   T47] usb 4-1: config 240 has 1 interface, different from the descriptor's value: 108
[  440.969322][   T47] usb 4-1: config 240 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  440.979156][   T47] usb 4-1: config 240 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  440.986066][   T47] usb 4-1: config 240 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  440.991357][   T47] usb 4-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  440.995916][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.328505][    T9] IPVS: starting estimator thread 0...
[  441.385896][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  441.388667][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  441.433023][T16040] IPVS: using max 46 ests per chain, 110400 per kthread
[  441.514172][   T47] dragonrise 0003:0079:0011.0016: unknown main item tag 0x0
[  441.517855][   T47] dragonrise 0003:0079:0011.0016: unknown main item tag 0x0
[  441.522759][   T47] dragonrise 0003:0079:0011.0016: unknown main item tag 0x0
[  441.525852][   T47] dragonrise 0003:0079:0011.0016: unknown main item tag 0x0
[  441.529616][   T47] dragonrise 0003:0079:0011.0016: unknown main item tag 0x0
[  441.554782][   T47] dragonrise 0003:0079:0011.0016: hidraw0: USB HID v0.00 Device [HID 0079:0011] on usb-dummy_hcd.3-1/input0
[  441.859373][   T47] usb 4-1: USB disconnect, device number 23
[  441.956816][T16048] loop8: detected capacity change from 0 to 40427
[  441.970018][T16048] F2FS-fs (loop8): invalid crc value
[  442.056796][T16048] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  442.061708][T16048] F2FS-fs (loop8): Start checkpoint disabled!
[  442.077149][T16048] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  442.089660][   T33] audit: type=1800 audit(440.400:144): pid=16048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3760" name="file1" dev="loop8" ino=10 res=0 errno=0
[  442.307312][ T7489] kworker/u9:12: attempt to access beyond end of device
[  442.307312][ T7489] loop8: rw=1, sector=77824, nr_sectors = 8 limit=40427
[  442.333732][ T7489] kworker/u9:12: attempt to access beyond end of device
[  442.333732][ T7489] loop8: rw=1, sector=77832, nr_sectors = 4088 limit=40427
[  442.344530][ T7489] kworker/u9:12: attempt to access beyond end of device
[  442.344530][ T7489] loop8: rw=1, sector=49152, nr_sectors = 8 limit=40427
[  442.365260][ T7489] kworker/u9:12: attempt to access beyond end of device
[  442.365260][ T7489] loop8: rw=1, sector=49160, nr_sectors = 4088 limit=40427
[  442.373267][ T7489] kworker/u9:12: attempt to access beyond end of device
[  442.373267][ T7489] loop8: rw=1, sector=57344, nr_sectors = 8 limit=40427
[  442.397133][ T7489] kworker/u9:12: attempt to access beyond end of device
[  442.397133][ T7489] loop8: rw=1, sector=57352, nr_sectors = 4064 limit=40427
[  442.408845][ T7489] kworker/u9:12: attempt to access beyond end of device
[  442.408845][ T7489] loop8: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  442.415345][ T7489] CPU: 0 UID: 0 PID: 7489 Comm: kworker/u9:12 Not tainted syzkaller #0 PREEMPT(full) 
[  442.415361][ T7489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  442.415369][ T7489] Workqueue: writeback wb_workfn (flush-7:8)
[  442.415389][ T7489] Call Trace:
[  442.415395][ T7489]  <TASK>
[  442.415401][ T7489]  dump_stack_lvl+0x189/0x250
[  442.415421][ T7489]  ? __pfx_dump_stack_lvl+0x10/0x10
[  442.415436][ T7489]  ? __pfx_queue_work_on+0x10/0x10
[  442.415446][ T7489]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  442.415462][ T7489]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  442.415486][ T7489]  f2fs_handle_critical_error+0x37c/0x540
[  442.415507][ T7489]  f2fs_write_end_io+0x886/0xb60
[  442.415553][ T7489]  __submit_merged_bio+0x27a/0x6a0
[  442.415576][ T7489]  __submit_merged_write_cond+0x255/0x530
[  442.415607][ T7489]  f2fs_write_data_pages+0x261d/0x3000
[  442.415650][ T7489]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  442.415733][ T7489]  ? f2fs_write_meta_pages+0x357/0x450
[  442.415771][ T7489]  ? __lock_acquire+0xab9/0xd20
[  442.415795][ T7489]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  442.415808][ T7489]  do_writepages+0x32e/0x550
[  442.415831][ T7489]  ? reacquire_held_locks+0x127/0x1d0
[  442.415842][ T7489]  ? writeback_sb_inodes+0x384/0x1010
[  442.415865][ T7489]  __writeback_single_inode+0x145/0xff0
[  442.415881][ T7489]  ? do_raw_spin_unlock+0x4d/0x240
[  442.415899][ T7489]  writeback_sb_inodes+0x6c7/0x1010
[  442.415937][ T7489]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  442.416015][ T7489]  ? rcu_is_watching+0x15/0xb0
[  442.416037][ T7489]  wb_writeback+0x43b/0xaf0
[  442.416060][ T7489]  ? queue_io+0x3d1/0x590
[  442.416078][ T7489]  ? __pfx_wb_writeback+0x10/0x10
[  442.416101][ T7489]  ? _raw_spin_unlock_irq+0x23/0x50
[  442.416123][ T7489]  wb_workfn+0x409/0xef0
[  442.416150][ T7489]  ? __pfx_wb_workfn+0x10/0x10
[  442.416168][ T7489]  ? __lock_acquire+0xab9/0xd20
[  442.416195][ T7489]  ? process_scheduled_works+0x9ef/0x17b0
[  442.416213][ T7489]  ? _raw_spin_unlock_irq+0x23/0x50
[  442.416229][ T7489]  ? process_scheduled_works+0x9ef/0x17b0
[  442.416239][ T7489]  ? process_scheduled_works+0x9ef/0x17b0
[  442.416253][ T7489]  process_scheduled_works+0xae1/0x17b0
[  442.416292][ T7489]  ? __pfx_process_scheduled_works+0x10/0x10
[  442.416321][ T7489]  worker_thread+0x8a0/0xda0
[  442.416356][ T7489]  kthread+0x711/0x8a0
[  442.416375][ T7489]  ? __pfx_worker_thread+0x10/0x10
[  442.416387][ T7489]  ? __pfx_kthread+0x10/0x10
[  442.416403][ T7489]  ? _raw_spin_unlock_irq+0x23/0x50
[  442.416419][ T7489]  ? lockdep_hardirqs_on+0x9c/0x150
[  442.416430][ T7489]  ? __pfx_kthread+0x10/0x10
[  442.416445][ T7489]  ret_from_fork+0x3fc/0x770
[  442.416461][ T7489]  ? __pfx_ret_from_fork+0x10/0x10
[  442.416479][ T7489]  ? __switch_to_asm+0x39/0x70
[  442.416493][ T7489]  ? __switch_to_asm+0x33/0x70
[  442.416506][ T7489]  ? __pfx_kthread+0x10/0x10
[  442.416522][ T7489]  ret_from_fork_asm+0x1a/0x30
[  442.416552][ T7489]  </TASK>
[  442.556579][ T7489] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  442.559642][ T7489] CPU: 0 UID: 0 PID: 7489 Comm: kworker/u9:12 Not tainted syzkaller #0 PREEMPT(full) 
[  442.559654][ T7489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  442.559660][ T7489] Workqueue: writeback wb_workfn (flush-7:8)
[  442.559674][ T7489] Call Trace:
[  442.559678][ T7489]  <TASK>
[  442.559683][ T7489]  dump_stack_lvl+0x189/0x250
[  442.559695][ T7489]  ? __pfx_dump_stack_lvl+0x10/0x10
[  442.559704][ T7489]  ? __pfx_queue_work_on+0x10/0x10
[  442.559712][ T7489]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  442.559723][ T7489]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  442.559738][ T7489]  f2fs_handle_critical_error+0x37c/0x540
[  442.559753][ T7489]  f2fs_write_end_io+0x886/0xb60
[  442.559769][ T7489]  __submit_merged_bio+0x27a/0x6a0
[  442.559781][ T7489]  __submit_merged_write_cond+0x255/0x530
[  442.559795][ T7489]  f2fs_write_data_pages+0x261d/0x3000
[  442.559817][ T7489]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  442.559860][ T7489]  ? f2fs_write_meta_pages+0x357/0x450
[  442.559871][ T7489]  ? __lock_acquire+0xab9/0xd20
[  442.559883][ T7489]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  442.559891][ T7489]  do_writepages+0x32e/0x550
[  442.559903][ T7489]  ? reacquire_held_locks+0x127/0x1d0
[  442.559910][ T7489]  ? writeback_sb_inodes+0x384/0x1010
[  442.559922][ T7489]  __writeback_single_inode+0x145/0xff0
[  442.559931][ T7489]  ? do_raw_spin_unlock+0x4d/0x240
[  442.559941][ T7489]  writeback_sb_inodes+0x6c7/0x1010
[  442.559985][ T7489]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  442.560015][ T7489]  ? rcu_is_watching+0x15/0xb0
[  442.560028][ T7489]  wb_writeback+0x43b/0xaf0
[  442.560040][ T7489]  ? queue_io+0x3d1/0x590
[  442.560050][ T7489]  ? __pfx_wb_writeback+0x10/0x10
[  442.560062][ T7489]  ? _raw_spin_unlock_irq+0x23/0x50
[  442.560074][ T7489]  wb_workfn+0x409/0xef0
[  442.560089][ T7489]  ? __pfx_wb_workfn+0x10/0x10
[  442.560098][ T7489]  ? __lock_acquire+0xab9/0xd20
[  442.560113][ T7489]  ? process_scheduled_works+0x9ef/0x17b0
[  442.560123][ T7489]  ? _raw_spin_unlock_irq+0x23/0x50
[  442.560132][ T7489]  ? process_scheduled_works+0x9ef/0x17b0
[  442.560138][ T7489]  ? process_scheduled_works+0x9ef/0x17b0
[  442.560146][ T7489]  process_scheduled_works+0xae1/0x17b0
[  442.560166][ T7489]  ? __pfx_process_scheduled_works+0x10/0x10
[  442.560182][ T7489]  worker_thread+0x8a0/0xda0
[  442.560201][ T7489]  kthread+0x711/0x8a0
[  442.560211][ T7489]  ? __pfx_worker_thread+0x10/0x10
[  442.560218][ T7489]  ? __pfx_kthread+0x10/0x10
[  442.560227][ T7489]  ? _raw_spin_unlock_irq+0x23/0x50
[  442.560237][ T7489]  ? lockdep_hardirqs_on+0x9c/0x150
[  442.560243][ T7489]  ? __pfx_kthread+0x10/0x10
[  442.560252][ T7489]  ret_from_fork+0x3fc/0x770
[  442.560261][ T7489]  ? __pfx_ret_from_fork+0x10/0x10
[  442.560271][ T7489]  ? __switch_to_asm+0x39/0x70
[  442.560279][ T7489]  ? __switch_to_asm+0x33/0x70
[  442.560286][ T7489]  ? __pfx_kthread+0x10/0x10
[  442.560295][ T7489]  ret_from_fork_asm+0x1a/0x30
[  442.560311][ T7489]  </TASK>
[  442.560315][ T7489] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  442.587105][   T55] Bluetooth: hci2: hcon ffff8881085b4000 sent 1 < count 12
[  442.669798][T16056] Bluetooth: hci0: invalid length 0, exp 2 for type 12
[  442.728265][T16063] loop0: detected capacity change from 0 to 1024
[  442.731405][T16063] EXT4-fs: Ignoring removed bh option
[  442.736404][T16063] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  442.779840][T16063] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.942888][T16077] input: syz1 as /devices/virtual/input/input23
[  443.383821][   T55] Bluetooth: hci0: unexpected event for opcode 0x2060
[  443.705020][T14136] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.841402][T16103] loop0: detected capacity change from 0 to 256
[  443.859183][T16103] FAT-fs (loop0): Directory bread(block 64) failed
[  443.862164][T16103] FAT-fs (loop0): Directory bread(block 65) failed
[  443.865280][T16103] FAT-fs (loop0): Directory bread(block 66) failed
[  443.868336][T16103] FAT-fs (loop0): Directory bread(block 67) failed
[  443.880670][T16103] FAT-fs (loop0): Directory bread(block 68) failed
[  443.893373][T16103] FAT-fs (loop0): Directory bread(block 69) failed
[  443.896452][T16103] FAT-fs (loop0): Directory bread(block 70) failed
[  443.899360][T16103] FAT-fs (loop0): Directory bread(block 71) failed
[  443.912555][T16103] FAT-fs (loop0): Directory bread(block 72) failed
[  443.915503][T16103] FAT-fs (loop0): Directory bread(block 73) failed
[  446.099870][T16122] loop0: detected capacity change from 0 to 40427
[  446.105498][T16122] F2FS-fs (loop0): build fault injection rate: 771
[  446.109575][T16122] F2FS-fs (loop0): invalid crc value
[  446.147445][T16122] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  446.153574][T16122] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  446.168418][   T47] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  446.390732][   T47] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  446.394943][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.398132][   T47] usb 4-1: Product: syz
[  446.399816][   T47] usb 4-1: Manufacturer: syz
[  446.401651][   T47] usb 4-1: SerialNumber: syz
[  446.414679][   T47] usb 4-1: config 0 descriptor??
[  446.421773][   T47] i2c-tiny-usb 4-1:0.0: version 6d.cc found at bus 004 address 024
[  446.645804][   T47]  (null): failure setting delay to 10us
[  446.648214][   T47] i2c-tiny-usb 4-1:0.0: probe with driver i2c-tiny-usb failed with error -5
[  446.662247][   T47] usb 4-1: USB disconnect, device number 24
[  448.420718][T16158] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  448.428253][T16158] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  448.433441][T16158] overlayfs: missing 'lowerdir'
[  448.634934][T16171] ip6gre1: entered promiscuous mode
[  448.648074][   T24] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  448.727839][T16178] netlink: 'syz.3.3812': attribute type 2 has an invalid length.
[  448.828113][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  448.846800][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  448.857332][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  448.875880][T16185] netlink: 'syz.8.3810': attribute type 2 has an invalid length.
[  448.904697][T16185] sctp: [Deprecated]: syz.8.3810 (pid 16185) Use of struct sctp_assoc_value in delayed_ack socket option.
[  448.904697][T16185] Use struct sctp_sack_info instead
[  448.923322][   T24] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  448.936438][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.984892][   T24] usb 1-1: config 0 descriptor??
[  449.138928][T16189] netlink: 'syz.3.3816': attribute type 4 has an invalid length.
[  449.453208][   T24] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  449.613108][T16197] loop8: detected capacity change from 0 to 8
[  449.615933][T16197] Major/Minor mismatch, older Squashfs 0.0 filesystems are unsupported
[  449.646492][T16199] netlink: 'syz.8.3821': attribute type 21 has an invalid length.
[  449.649726][T16199] netlink: 'syz.8.3821': attribute type 22 has an invalid length.
[  449.660677][T16199] netlink: 'syz.8.3821': attribute type 23 has an invalid length.
[  449.669742][T16199] netlink: 'syz.8.3821': attribute type 25 has an invalid length.
[  449.673042][T16199] netlink: 'syz.8.3821': attribute type 26 has an invalid length.
[  449.679671][T16199] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3821'.
[  449.718231][   T24] usb 1-1: USB disconnect, device number 24
[  449.913333][T16203] loop8: detected capacity change from 0 to 40427
[  449.916983][T16203] F2FS-fs: heap/no_heap options were deprecated
[  449.923657][T16203] F2FS-fs (loop8): invalid crc value
[  449.925854][T16203] F2FS-fs (loop8): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[  449.961224][T16203] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  449.965523][T16203] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  449.981352][T16195] loop3: detected capacity change from 0 to 131072
[  450.060273][T16195] F2FS-fs (loop3): Bad quota inode 2:2048
[  450.062826][T16195] F2FS-fs (loop3): Failed to enable quota tracking (type=2, err=-2). Please run fsck to fix.
[  450.067110][T16195] F2FS-fs (loop3): Cannot turn on quotas: error -2
[  450.070401][T16195] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  450.075222][T16195] F2FS-fs (loop3): Mounted with checkpoint version = 1b41e955
[  450.833265][T16230] loop0: detected capacity change from 0 to 512
[  450.857882][T16230] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  450.865138][T16230] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.3832: attempt to clear invalid blocks 2 len 1
[  450.877592][T16230] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  450.897877][T16230] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.3832: invalid indirect mapped block 1819239214 (level 0)
[  450.911265][T16230] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.3832: invalid indirect mapped block 1819239214 (level 1)
[  450.923688][T16230] EXT4-fs (loop0): 1 truncate cleaned up
[  450.929115][T16230] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  450.943741][T16230] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.127335][T16232] loop3: detected capacity change from 0 to 32768
[  451.138885][T16232] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  451.228439][T12632] ocfs2: Unmounting device (7,3) on (node local)
[  451.486675][T16268] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3849'.
[  451.492336][T16268] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3849'.
[  451.604465][T16274] bridge0: entered allmulticast mode
[  451.617777][T16274] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3850'.
[  451.634408][T16274] bridge0: port 3(team0) entered disabled state
[  451.637706][T16276] loop8: detected capacity change from 0 to 8
[  451.645379][T16276] unable to read xattr id index table
[  451.646262][T16274] bridge_slave_1: left allmulticast mode
[  451.650085][T16274] bridge_slave_1: left promiscuous mode
[  451.654423][T16274] bridge0: port 2(bridge_slave_1) entered disabled state
[  451.669721][T16274] bridge_slave_0: left allmulticast mode
[  451.674016][T16274] bridge_slave_0: left promiscuous mode
[  451.676638][T16274] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.730022][T16274] bridge0 (unregistering): left allmulticast mode
[  451.740613][   T24] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  451.918683][   T24] usb 4-1: Using ep0 maxpacket: 16
[  451.924660][   T24] usb 4-1: New USB device found, idVendor=0458, idProduct=704a, bcdDevice=3a.55
[  451.927951][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.932759][   T24] usb 4-1: Product: syz
[  451.934549][   T24] usb 4-1: Manufacturer: syz
[  451.936534][   T24] usb 4-1: SerialNumber: syz
[  451.940759][   T24] usb 4-1: config 0 descriptor??
[  451.945904][   T24] gspca_main: gspca_sn9c20x-2.14.0 probing 0458:704a
[  452.636582][   T24] gspca_sn9c20x: Write register 1001 failed -71
[  452.639573][   T24] gspca_sn9c20x: Device initialization failed
[  452.641796][   T24] gspca_sn9c20x 4-1:0.0: probe with driver gspca_sn9c20x failed with error -71
[  452.647161][   T24] usb 4-1: USB disconnect, device number 25
[  452.869154][T16294] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3860'.
[  453.212148][ T5897] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  453.377399][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  453.381998][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.386462][ T5897] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  453.391838][ T5897] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  453.397400][ T5897] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.406049][ T5897] usb 1-1: config 0 descriptor??
[  453.711386][T16324] loop3: detected capacity change from 0 to 256
[  453.848669][ T5897] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  454.019192][T16338] bridge: RTM_NEWNEIGH with invalid ether address
[  454.322014][T16348] loop3: detected capacity change from 0 to 4096
[  454.350072][   T33] audit: type=1800 audit(451.879:145): pid=16348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3887" name="file1" dev="loop3" ino=33 res=0 errno=0
[  454.729986][ T5315] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  454.890311][ T5315] usb 4-1: Using ep0 maxpacket: 32
[  454.897016][ T5315] usb 4-1: config 0 has no interfaces?
[  454.904077][ T5315] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  454.908694][ T5315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.913437][ T5315] usb 4-1: Product: syz
[  454.915649][ T5315] usb 4-1: Manufacturer: syz
[  454.917693][ T5315] usb 4-1: SerialNumber: syz
[  454.922151][ T5315] usb 4-1: config 0 descriptor??
[  455.147230][ T5315] usb 4-1: USB disconnect, device number 26
[  455.438716][T16358] loop8: detected capacity change from 0 to 32768
[  455.443247][T16358] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.3892 (16358)
[  455.453953][    C0] plantronics 0003:047F:FFFF.0018: usb_submit_urb(ctrl) failed: -1
[  455.470136][T16358] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  455.474378][T16358] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[  455.563716][T16358] BTRFS info (device loop8): enabling ssd optimizations
[  455.566733][T16358] BTRFS info (device loop8): enabling free space tree
[  456.177504][T11619] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  456.219829][    C0] vkms_vblank_simulate: vblank timer overrun
[  456.271248][    C0] vkms_vblank_simulate: vblank timer overrun
[  456.281742][ T5897] kernel write not supported for file /697/clear_refs (pid: 5897 comm: kworker/0:3)
[  456.492692][ T5315] usb 1-1: USB disconnect, device number 25
[  456.551427][T16396] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  456.583577][T16400] netlink: 'syz.8.3904': attribute type 1 has an invalid length.
[  456.608180][    C0] vkms_vblank_simulate: vblank timer overrun
[  456.621901][ T5897] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  456.780309][ T5897] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  456.784916][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.789177][ T5897] usb 4-1: Product: syz
[  456.791197][ T5897] usb 4-1: Manufacturer: syz
[  456.794525][ T5897] usb 4-1: SerialNumber: syz
[  456.905462][T16412] netlink: 'syz.8.3910': attribute type 10 has an invalid length.
[  457.038920][ T5315] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[  457.150832][T16424] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3916'.
[  457.203177][ T5315] usb 1-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00
[  457.207797][ T5315] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  457.223727][ T5315] usb 1-1: config 0 descriptor??
[  457.667216][ T5315] lenovo 0003:17EF:6067.0019: hidraw0: USB HID v1.01 Device [HID 17ef:6067] on usb-dummy_hcd.0-1/input0
[  457.888067][   T47] usb 1-1: USB disconnect, device number 26
[  458.127266][T16456] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3932'.
[  458.316343][ T5897] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  458.321108][ T5897] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPIPE
[  458.541573][ T5897] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000118. ret = -EPROTO
[  458.547510][ T5897] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  458.551567][ T5897] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  458.582370][ T5897] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[  458.600481][ T5897] usb 4-1: USB disconnect, device number 27
[  458.635609][T16482] loop0: detected capacity change from 0 to 2048
[  458.639368][T16482] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  458.641986][T16482] UDF-fs: Scanning with blocksize 512 failed
[  458.647216][T16482] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  458.935488][T16487] loop0: detected capacity change from 0 to 256
[  458.938834][T16487] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  458.943179][T16487] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  458.949556][T16487] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  459.470889][T16499] sch_tbf: burst 19869 is lower than device lo mtu (65550) !
[  459.602558][T16503] loop3: detected capacity change from 0 to 2048
[  459.631329][T16503] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.666028][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.728428][T16508] loop3: detected capacity change from 0 to 2048
[  459.748534][T16508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  459.790389][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.855225][ T5315] Process accounting resumed
[  460.057869][T16524] loop0: detected capacity change from 0 to 16
[  460.064341][T16524] erofs: Unknown parameter '0'
[  460.189249][T16532] loop3: detected capacity change from 0 to 512
[  460.196672][T16532] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.3962: corrupted in-inode xattr: invalid ea_ino
[  460.201810][T16532] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3962: couldn't read orphan inode 15 (err -117)
[  460.207072][T16532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  460.293294][T16539] netlink: 'syz.0.3967': attribute type 4 has an invalid length.
[  460.303684][T16539] netlink: 'syz.0.3967': attribute type 4 has an invalid length.
[  460.587654][ T5897] usb 1-1: new full-speed USB device number 27 using dummy_hcd
[  460.614070][T16551] team0: Cannot enslave team device to itself
[  460.616779][T16551] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  460.764392][ T5897] usb 1-1: config 0 has an invalid interface number: 50 but max is 0
[  460.767680][ T5897] usb 1-1: config 0 has no interface number 0
[  460.770781][ T5897] usb 1-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  460.779184][ T5897] usb 1-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64
[  460.787800][ T5897] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  460.792685][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.797061][ T5897] usb 1-1: Product: syz
[  460.799000][ T5897] usb 1-1: Manufacturer: syz
[  460.801116][ T5897] usb 1-1: SerialNumber: syz
[  460.806452][ T5897] usb 1-1: config 0 descriptor??
[  460.809427][T16541] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  460.817937][ T5897] yurex 1-1:0.50: USB YUREX device now attached to Yurex #0
[  461.011903][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.053330][ T5315] usb 1-1: USB disconnect, device number 27
[  461.065300][ T5315] yurex 1-1:0.50: USB YUREX #0 now disconnected
[  461.196133][T16585] loop3: detected capacity change from 0 to 512
[  461.206758][T16585] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.3990: iget: bad i_size value: 38620345925642
[  461.213709][T16585] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3990: couldn't read orphan inode 15 (err -117)
[  461.251095][T16585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  461.286047][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.738589][T16596] loop0: detected capacity change from 0 to 128
[  461.859718][ T5315] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  462.071903][ T5315] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  462.078437][ T5315] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  462.082502][ T5315] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  462.095011][ T5315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.100955][ T5315] usb 4-1: config 0 descriptor??
[  462.136821][T16609] loop0: detected capacity change from 0 to 8192
[  462.206834][T16609]  loop0: AHDI p1 p2
[  462.208647][T16609] loop0: p1 size 65535 extends beyond EOD, truncated
[  462.293536][T16615] vxcan1: tx address claim with dest, not broadcast
[  462.421047][T16621] loop0: detected capacity change from 0 to 512
[  462.425548][T16621] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  462.431830][T16621] EXT4-fs (loop0): warning: maximal mount count reached, running e2fsck is recommended
[  462.439422][T16621] EXT4-fs error (device loop0): ext4_orphan_get:1392: comm syz.0.4006: inode #15: comm syz.0.4006: iget: illegal inode #
[  462.445470][T16621] EXT4-fs (loop0): Remounting filesystem read-only
[  462.449667][T16621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  462.492232][T14136] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  462.540308][T16624] program syz.0.4007 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  462.545692][ T5315] hid-steam 0003:28DE:1142.001A: reserved main item tag 0xe
[  462.555499][ T5315] hid-steam 0003:28DE:1142.001A: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  462.601824][T16628] loop0: detected capacity change from 0 to 8
[  462.607126][T16628] SQUASHFS error: Unable to read inode 0x11f
[  462.767750][    T9] usb 4-1: USB disconnect, device number 28
[  462.810642][T16640] xt_l2tp: missing protocol rule (udp|l2tpip)
[  462.888085][T16642] comedi comedi0: dt2801: I/O port conflict (0x2,2)
[  463.096619][T16644] loop0: detected capacity change from 0 to 32768
[  463.102114][T16644] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4017 (16644)
[  463.112217][T16644] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  463.115861][T16644] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  463.163467][T16644] BTRFS info (device loop0): rebuilding free space tree
[  463.172368][T16644] BTRFS info (device loop0): enabling ssd optimizations
[  463.175936][T16644] BTRFS info (device loop0): enabling free space tree
[  463.178320][T16644] BTRFS info (device loop0): force clearing of disk cache
[  463.180669][T16644] BTRFS info (device loop0): use lzo compression, level 0
[  463.253218][T14136] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  465.212562][T16715] loop3: detected capacity change from 0 to 32768
[  465.218113][T16715] OCFS2: ERROR (device loop3): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #70: OCFS2_VALID_FL not set
[  465.224343][T16715] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  465.227937][T16715] OCFS2: File system is now read-only.
[  465.229847][T16715] (syz.3.4034,16715,1):ocfs2_read_locked_inode:597 ERROR: status = -30
[  465.233341][T16715] (syz.3.4034,16715,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[  465.237212][T16715] (syz.3.4034,16715,1):ocfs2_init_global_system_inodes:465 ERROR: status = -30
[  465.241067][T16715] (syz.3.4034,16715,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs?
[  465.241097][T16715] (syz.3.4034,16715,1):ocfs2_init_global_system_inodes:476 ERROR: status = -30
[  465.250044][T16715] (syz.3.4034,16715,1):ocfs2_initialize_super:2198 ERROR: status = -30
[  465.253535][T16715] (syz.3.4034,16715,1):ocfs2_fill_super:1177 ERROR: status = -30
[  465.603732][T16720] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4043'.
[  465.611543][T16720] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4043'.
[  465.710566][T16730] netlink: 'syz.3.4048': attribute type 15 has an invalid length.
[  465.764206][T16732] 8021q: VLANs not supported on gre0
[  465.805090][T16734] syzkaller1: entered promiscuous mode
[  465.807505][T16734] syzkaller1: entered allmulticast mode
[  465.850989][    C0] vkms_vblank_simulate: vblank timer overrun
[  465.857933][T16740] loop0: detected capacity change from 0 to 128
[  465.880356][T16740] qnx6: unable to set blocksize
[  465.965799][T16748] loop0: detected capacity change from 0 to 16
[  465.969253][T16748] erofs (device loop0): mounted with root inode @ nid 36.
[  465.974793][   T33] audit: type=1800 audit(462.740:146): pid=16748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4057" name="file1" dev="loop0" ino=86 res=0 errno=0
[  466.088219][T16757] loop0: detected capacity change from 0 to 1024
[  466.105423][T16757] hfsplus: bad catalog entry type
[  466.128267][   T27] hfsplus: b-tree write err: -5, ino 4
[  466.368190][T16770] loop3: detected capacity change from 0 to 1024
[  466.378865][T16770] EXT4-fs: Ignoring removed nobh option
[  466.385026][T16770] EXT4-fs: Ignoring removed bh option
[  466.408211][T16770] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  466.872491][T16787] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.4067: Allocating blocks 497-513 which overlap fs metadata
[  467.246198][T16769] EXT4-fs (loop3): pa ffff888108eaf488: logic 16, phys. 241, len 17
[  467.249866][T16769] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  467.764375][T12632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.115994][ T5897] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  468.383933][ T5897] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  468.391755][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  468.396528][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  468.400622][ T5897] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  468.406198][ T5897] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  468.410772][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.416044][ T5897] usb 4-1: config 0 descriptor??
[  468.888677][ T5897] plantronics 0003:047F:FFFF.001B: ignoring exceeding usage max
[  468.901635][ T5897] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  469.041345][T16825] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4088'.
[  469.267619][    C0] vkms_vblank_simulate: vblank timer overrun
[  469.305824][    C0] vkms_vblank_simulate: vblank timer overrun
[  469.356677][T16831] dlm: non-version read from control device 29
[  470.916716][T16896] netlink: 'syz.3.4105': attribute type 4 has an invalid length.
[  471.171196][T16907] netlink: 'syz.3.4110': attribute type 10 has an invalid length.
[  471.186133][ T5924] usb 4-1: USB disconnect, device number 29
[  471.189176][T16907] syz_tun: entered promiscuous mode
[  471.285816][T16907] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  472.320824][T16935] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4122'.
[  472.480640][T16939] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4125'.
[  472.587289][T16948] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  472.657328][T16953] vcan0: tx drop: invalid da for name 0xfffffffffffffffe
[  472.864126][T16951] loop3: detected capacity change from 0 to 32768
[  472.887727][T16951] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  472.971290][T12632] (syz-executor,12632,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  472.978023][T12632] ocfs2: Unmounting device (7,3) on (node local)
[  473.235685][T16973] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  473.419671][T16977] loop0: detected capacity change from 0 to 32768
[  473.430807][T16977] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  473.445874][T16977] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  473.466802][   T33] audit: type=1800 audit(469.757:147): pid=16977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4142" name="bus" dev="loop0" ino=17058 res=0 errno=0
[  473.498420][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  473.577823][T16995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4151'.
[  473.613542][T16999] loop3: detected capacity change from 0 to 1024
[  473.616530][T16999] EXT4-fs: Ignoring removed bh option
[  473.620946][T16999] EXT4-fs (loop3): unable to read superblock
[  473.730084][T17011] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4158'.
[  473.886685][T17027] xt_socket: unknown flags 0x50
[  474.184417][   T24] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  474.368307][   T24] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30
[  474.372140][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  474.375446][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196
[  474.380403][   T24] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  474.383697][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  474.388712][   T24] usb 4-1: config 0 descriptor??
[  474.856304][   T24] holtek_kbd 0003:04D9:A055.001C: bogus close delimiter
[  474.867206][   T24] holtek_kbd 0003:04D9:A055.001C: item 0 4 2 10 parsing failed
[  474.875331][   T24] holtek_kbd 0003:04D9:A055.001C: probe with driver holtek_kbd failed with error -22
[  474.945813][T17055] loop0: detected capacity change from 0 to 32768
[  474.997900][T17055] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  475.071175][   T24] usb 4-1: USB disconnect, device number 30
[  475.229090][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  475.597776][T17087] dummy0: entered allmulticast mode
[  475.600817][T17086] dummy0: left allmulticast mode
[  475.677344][T17089] 8021q: adding VLAN 0 to HW filter on device bond1
[  475.719680][T17089] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  475.732613][T17089] bond1: (slave macvlan2): making interface the new active one
[  475.775739][T17089] bond1: (slave macvlan2): Enslaving as an active interface with an up link
[  476.117197][   T55] Bluetooth: hci0: unexpected event for opcode 0x1005
[  476.317756][T17134] loop3: detected capacity change from 0 to 1024
[  476.327410][T17134] hfsplus: bad catalog entry type
[  476.347499][   T36] hfsplus: b-tree write err: -5, ino 4
[  476.437993][T17141] loop3: detected capacity change from 0 to 128
[  477.098216][T17151] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4220'.
[  477.503331][T17168] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4228'.
[  477.749408][T17187] tipc: Started in network mode
[  477.751089][T17187] tipc: Node identity 917f, cluster identity 4
[  477.753441][T17187] tipc: Node number set to 37247
[  477.756854][T17187] tipc: Cannot configure node identity twice
[  477.789316][T17189] tipc: Invalid UDP bearer configuration
[  477.789346][T17189] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  477.893853][   T24] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  477.955059][T17199] netlink: 'syz.3.4242': attribute type 1 has an invalid length.
[  477.982036][T17199] 8021q: adding VLAN 0 to HW filter on device bond1
[  478.002275][T17199] bond1: (slave geneve2): making interface the new active one
[  478.007353][T17199] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  478.054050][   T24] usb 1-1: Using ep0 maxpacket: 8
[  478.059566][   T24] usb 1-1: config 0 has no interfaces?
[  478.062502][   T24] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  478.067884][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.072627][   T24] usb 1-1: config 0 descriptor??
[  478.299370][   T24] usb 1-1: USB disconnect, device number 28
[  478.866332][    T9] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  478.900471][T17230] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4256'.
[  479.026617][    T9] usb 4-1: Using ep0 maxpacket: 32
[  479.031731][    T9] usb 4-1: config 0 has an invalid interface number: 89 but max is 0
[  479.035181][    T9] usb 4-1: config 0 has no interface number 0
[  479.040104][    T9] usb 4-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  479.044497][    T9] usb 4-1: config 0 interface 89 has no altsetting 0
[  479.057292][    T9] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  479.063867][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.069298][    T9] usb 4-1: Product: syz
[  479.078354][    T9] usb 4-1: Manufacturer: syz
[  479.081448][    T9] usb 4-1: SerialNumber: syz
[  479.095326][    T9] usb 4-1: config 0 descriptor??
[  479.102476][    T9] em28xx 4-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  479.109350][    T9] em28xx 4-1:0.89: Video interface 89 found:
[  479.191220][T17236] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  479.754114][T17260] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4271'.
[  479.758749][    T9] em28xx 4-1:0.89: unknown em28xx chip ID (0)
[  479.781741][T17262] loop0: detected capacity change from 0 to 2048
[  479.791129][T17262] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  480.343905][T17292] syz.0.4286 (17292): /proc/17291/oom_adj is deprecated, please use /proc/17291/oom_score_adj instead.
[  480.417084][    T9] em28xx 4-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[  480.420330][    T9] em28xx 4-1:0.89: board has no eeprom
[  480.430400][T17296] loop0: detected capacity change from 0 to 1024
[  480.464177][ T1090] hfsplus: b-tree write err: -5, ino 4
[  480.483929][    T9] em28xx 4-1:0.89: Identified as Terratec Grabby (card=67)
[  480.486788][    T9] em28xx 4-1:0.89: analog set to bulk mode.
[  480.489362][ T5897] em28xx 4-1:0.89: Registering V4L2 extension
[  480.499461][    T9] usb 4-1: USB disconnect, device number 31
[  480.504933][ T5897] em28xx 4-1:0.89: reading from i2c device at 0x4a failed (error=-19)
[  480.514274][    T9] em28xx 4-1:0.89: Disconnecting em28xx
[  480.518736][ T5897] em28xx 4-1:0.89: Config register raw data: 0xffffffed
[  480.521571][ T5897] em28xx 4-1:0.89: AC97 chip type couldn't be determined
[  480.526567][ T5897] em28xx 4-1:0.89: No AC97 audio processor
[  480.530097][ T5897] usb 4-1: Decoder not found
[  480.531951][ T5897] em28xx 4-1:0.89: failed to create media graph
[  480.534872][ T5897] em28xx 4-1:0.89: V4L2 device video103 deregistered
[  480.538392][ T5897] em28xx 4-1:0.89: Registering snapshot button...
[  480.542000][ T5897] input: em28xx snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.89/input/input24
[  480.549115][ T5897] em28xx 4-1:0.89: Remote control support is not available for this card.
[  480.553179][    T9] em28xx 4-1:0.89: Closing input extension
[  480.557096][    T9] em28xx 4-1:0.89: Deregistering snapshot button
[  480.570180][    T9] em28xx 4-1:0.89: Freeing device
[  480.743417][T17303] loop0: detected capacity change from 0 to 32768
[  480.754952][T17303] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  480.781257][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  480.923046][T17311] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4294'.
[  480.927251][T17311] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4294'.
[  480.931661][T17311] netlink: 720 bytes leftover after parsing attributes in process `syz.8.4294'.
[  480.935814][T17311] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4294'.
[  481.735873][T17338] : entered promiscuous mode
[  481.905282][   T55] Bluetooth: hci0: command 0x0405 tx timeout
[  482.010489][T17356] program syz.0.4313 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  482.117726][T17368] overlayfs: unescaped trailing colons in lowerdir mount option.
[  482.493749][T17396] loop0: detected capacity change from 0 to 4096
[  482.499750][T17396] ntfs3(loop0): Primary boot: invalid bytes per MFT record 12288 (3).
[  482.507589][T17396] ntfs3(loop0): try to read out of volume at offset 0x1ffe00
[  482.896352][ T5897] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  482.963293][T17420] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4344'.
[  483.069072][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  483.073272][ T5897] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  483.084740][ T5897] usb 1-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[  483.101046][ T5897] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.106707][ T5897] usb 1-1: config 0 descriptor??
[  483.187386][T17434] ref_ctr increment failed for inode: 0xca2 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff8881067e60c0
[  483.314482][T17442] netlink: 56 bytes leftover after parsing attributes in process `syz.8.4354'.
[  483.551690][ T5897] hid (null): invalid report_count -160948754
[  483.558210][ T5897] megaworld 0003:07B5:0312.001D: invalid report_count -160948754
[  483.562577][ T5897] megaworld 0003:07B5:0312.001D: item 0 4 1 9 parsing failed
[  483.566518][ T5897] megaworld 0003:07B5:0312.001D: parse failed
[  483.569234][ T5897] megaworld 0003:07B5:0312.001D: probe with driver megaworld failed with error -22
[  483.774004][ T5897] usb 1-1: USB disconnect, device number 29
[  483.884322][T17465] kAFS: unable to lookup cell '.,'
[  484.014209][T17473] netlink: 280 bytes leftover after parsing attributes in process `syz.8.4369'.
[  484.370111][T17490] loop0: detected capacity change from 0 to 1024
[  484.455371][ T2982] hfsplus: b-tree write err: -5, ino 4
[  484.472480][T17488] loop3: detected capacity change from 0 to 32768
[  484.526650][T17501] loop0: detected capacity change from 0 to 512
[  484.530094][T17501] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  484.548610][T17501] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  484.551875][T17501] System zones: 0-2, 18-18, 34-34
[  484.559559][T17501] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.577888][T17488] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  484.577915][T17488]   allowing incompatible features above 0.0: (unknown version)
[  484.577924][T17488]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  484.596589][T17488] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  484.599943][T17488] bcachefs (loop3): initializing new filesystem
[  484.616133][T17488] bcachefs (loop3): going read-write
[  484.621765][T14136] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.625767][T17488] bcachefs (loop3): marking superblocks
[  484.633592][T17488] bcachefs (loop3): initializing freespace
[  484.639451][T17488] bcachefs (loop3): done initializing freespace
[  484.643880][T17488] bcachefs (loop3): reading snapshots table
[  484.646385][T17488] bcachefs (loop3): reading snapshots done
[  484.718274][T17488] bcachefs (loop3): done starting filesystem
[  484.849118][T17515] netlink: 'syz.0.4381': attribute type 11 has an invalid length.
[  484.858861][T17515] netlink: 'syz.0.4381': attribute type 4 has an invalid length.
[  484.862054][T17515] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4381'.
[  484.978787][T12632] bcachefs (loop3): shutting down
[  484.985649][T12632] bcachefs (loop3): going read-only
[  484.988005][T12632] bcachefs (loop3): finished waiting for writes to stop
[  485.012593][T12632] bcachefs (loop3): flushing journal and stopping allocators, journal seq 4
[  485.118675][T12632] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[  485.125589][T12632] bcachefs (loop3): clean shutdown complete, journal seq 5
[  485.129395][T12632] bcachefs (loop3): marking filesystem clean
[  485.177728][T17523] loop0: detected capacity change from 0 to 32768
[  485.190017][T12632] bcachefs (loop3): shutdown complete
[  485.197297][T17523] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  485.237905][T17523] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  485.334405][T17534] fuse: Unknown parameter ''
[  485.342199][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  485.742383][T17544] loop0: detected capacity change from 0 to 32768
[  485.745119][T17544] bcachefs: bch2_fs_parse_param() Error parsing option move_bytes_in_flight: option_value
[  486.753372][T17548] loop0: detected capacity change from 0 to 131072
[  486.757331][T17548] F2FS-fs (loop0): Invalid log sectorsize (67108873)
[  486.759879][T17548] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  486.769245][T17548] F2FS-fs (loop0): invalid crc value
[  486.798790][T17548] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  486.803112][T17548] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  486.805384][T17548] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  486.828479][T17548] F2FS-fs (loop0): inconsistent node block, node_type:2, nid:8, node_footer[nid:8,ino:8,ofs:0,cpver:5013063228981249506,blkaddr:100678662]
[  486.847226][T17548] F2FS-fs (loop0): inconsistent node block, node_type:2, nid:8, node_footer[nid:8,ino:8,ofs:0,cpver:5013063228981249506,blkaddr:100678662]
[  487.245239][T17568] bridge_slave_1: left allmulticast mode
[  487.253270][T17568] bridge_slave_1: left promiscuous mode
[  487.260645][T17568] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.276472][T17568] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.510078][T17576] loop3: detected capacity change from 0 to 16
[  487.515006][T17576] erofs (device loop3): mounted with root inode @ nid 36.
[  487.521641][T17576] syz.3.4382: attempt to access beyond end of device
[  487.521641][T17576] loop3: rw=524288, sector=34359738360, nr_sectors = 32 limit=16
[  487.532290][T17576] syz.3.4382: attempt to access beyond end of device
[  487.532290][T17576] loop3: rw=0, sector=34359738360, nr_sectors = 8 limit=16
[  487.553683][   T33] audit: type=1800 audit(482.929:148): pid=17576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4382" name="file1" dev="loop3" ino=86 res=0 errno=0
[  487.613745][T17580] block nbd3: Attempted send on invalid socket
[  487.616281][T17580] blk_print_req_error: 10 callbacks suppressed
[  487.616306][T17580] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  487.629143][T17580] block nbd3: Attempted send on invalid socket
[  487.634950][T17580] I/O error, dev nbd3, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  487.654628][T17578] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4409'.
[  487.897900][T17596] loop3: detected capacity change from 0 to 8
[  487.912768][T17596] SQUASHFS error: zlib decompression failed, data probably corrupt
[  487.916295][T17596] SQUASHFS error: Failed to read block 0x9b: -5
[  487.919007][T17596] SQUASHFS error: Unable to read metadata cache entry [99]
[  487.928673][T17596] SQUASHFS error: Unable to read inode 0x127
[  488.923467][T17636] loop3: detected capacity change from 0 to 4096
[  488.942058][T17636] ntfs3(loop3): ino=1a, mi_enum_attr
[  488.956778][T17636] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  490.605771][T17697] netlink: 18316 bytes leftover after parsing attributes in process `syz.3.4461'.
[  491.225860][   T55] Bluetooth: hci2: command 0x0401 tx timeout
[  492.516468][T17760] loop0: detected capacity change from 0 to 512
[  492.836137][T17766] loop0: detected capacity change from 0 to 4096
[  492.843567][T17766] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  492.899071][T17766] ntfs3(loop0): ino=1e, "file1" ntfs_sync_inode failed, -22.
[  492.912616][T17766] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  493.403363][T17781] loop0: detected capacity change from 0 to 32768
[  493.429195][T17781] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  493.480241][T14136] ocfs2: Unmounting device (7,0) on (node local)
[  493.639097][T17791] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  494.534860][T17820] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4507'.
[  494.549616][T17820] bond0: invalid ARP target 0.0.0.0 specified for addition
[  494.558281][T17820] bond0: option arp_ip_target: invalid value (0)
[  495.876171][T17862] loop0: detected capacity change from 0 to 32768
[  495.903265][   T33] audit: type=1800 audit(490.750:149): pid=17862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4525" name="file1" dev="loop0" ino=4 res=0 errno=0
[  496.238686][T17877] netlink: 'syz.0.4533': attribute type 29 has an invalid length.
[  496.242046][T17877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4533'.
[  496.434201][T17887] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4536'.
[  496.516105][T17893] netlink: 'syz.3.4540': attribute type 10 has an invalid length.
[  496.613212][T17898] loop0: detected capacity change from 0 to 512
[  496.616744][T17898] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  496.720948][T17898] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  496.723821][T17898] System zones: 0-2, 18-18, 34-34
[  496.729103][T17898] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.598052][T14136] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.911389][    C0] vkms_vblank_simulate: vblank timer overrun
[  498.092282][T17939] netlink: 182 bytes leftover after parsing attributes in process `syz.3.4557'.
[  498.145069][T17944] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  498.157674][T17944] CIFS mount error: No usable UNC path provided in device string!
[  498.157674][T17944] 
[  498.166615][T17946] netlink: 'syz.0.4561': attribute type 15 has an invalid length.
[  498.168226][T17944] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  498.257951][T17952] overlayfs: failed to clone upperpath
[  498.679154][T17974] tmpfs: Unknown parameter 'm'
[  499.838821][T18008] tipc: Started in network mode
[  499.841030][T18008] tipc: Node identity ac141441, cluster identity 4711
[  499.844553][T18008] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  500.072657][   T33] audit: type=1326 audit(494.641:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18024 comm="syz.8.4598" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2f4198eba9 code=0x0
[  500.180508][    T9] usb 1-1: new low-speed USB device number 30 using dummy_hcd
[  500.345529][    T9] usb 1-1: config 0 has an invalid interface number: 3 but max is 0
[  500.348630][    T9] usb 1-1: config 0 has no interface number 0
[  500.351280][    T9] usb 1-1: New USB device found, idVendor=1199, idProduct=6821, bcdDevice=98.59
[  500.355120][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.362663][    T9] usb 1-1: config 0 descriptor??
[  500.366588][    T9] hub 1-1:0.3: bad descriptor, ignoring hub
[  500.368563][    T9] hub 1-1:0.3: probe with driver hub failed with error -5
[  500.371587][    T9] sierra 1-1:0.3: Sierra USB modem converter detected
[  500.529786][T18036] netlink: 'syz.3.4603': attribute type 1 has an invalid length.
[  500.532802][T18036] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4603'.
[  500.584308][    T9] usb 1-1: Sierra USB modem converter now attached to ttyUSB0
[  500.608747][    T9] usb 1-1: USB disconnect, device number 30
[  500.612870][    T9] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  500.616747][    T9] sierra 1-1:0.3: device disconnected
[  500.649724][T18040] xt_time: unknown flags 0xf4
[  501.257356][T18068] ==================================================================
[  501.260742][T18068] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x570/0xf30
[  501.264006][T18068] Read of size 4 at addr ffff88804168dbc4 by task syz.0.4618/18068
[  501.268456][T18068] 
[  501.269523][T18068] CPU: 1 UID: 0 PID: 18068 Comm: syz.0.4618 Not tainted syzkaller #0 PREEMPT(full) 
[  501.269543][T18068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  501.269553][T18068] Call Trace:
[  501.269563][T18068]  <TASK>
[  501.269571][T18068]  dump_stack_lvl+0x189/0x250
[  501.269595][T18068]  ? __kasan_check_byte+0x12/0x40
[  501.269618][T18068]  ? __pfx_dump_stack_lvl+0x10/0x10
[  501.269632][T18068]  ? lock_release+0x4b/0x3e0
[  501.269651][T18068]  ? __virt_addr_valid+0x4a5/0x5c0
[  501.269667][T18068]  print_report+0xca/0x240
[  501.269678][T18068]  ? xfrm_alloc_spi+0x570/0xf30
[  501.269692][T18068]  kasan_report+0x118/0x150
[  501.269708][T18068]  ? xfrm_alloc_spi+0x570/0xf30
[  501.269724][T18068]  xfrm_alloc_spi+0x570/0xf30
[  501.269738][T18068]  ? xfrm_alloc_spi+0x2a0/0xf30
[  501.269755][T18068]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  501.269768][T18068]  ? xfrm_find_acq+0x87/0xa0
[  501.269793][T18068]  xfrm_alloc_userspi+0x70b/0xc90
[  501.269813][T18068]  ? apparmor_capable+0x137/0x1b0
[  501.269827][T18068]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  501.269841][T18068]  ? __nla_parse+0x40/0x60
[  501.269856][T18068]  xfrm_user_rcv_msg+0x7a3/0xab0
[  501.269872][T18068]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  501.269892][T18068]  ? __pfx___mutex_trylock_common+0x10/0x10
[  501.269906][T18068]  ? rcu_is_watching+0x15/0xb0
[  501.269917][T18068]  ? trace_contention_end+0x39/0x120
[  501.269928][T18068]  ? __mutex_lock+0x335/0x1350
[  501.269942][T18068]  netlink_rcv_skb+0x208/0x470
[  501.269956][T18068]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  501.269971][T18068]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  501.270018][T18068]  ? netlink_deliver_tap+0x2e/0x1b0
[  501.270031][T18068]  ? netlink_deliver_tap+0x2e/0x1b0
[  501.270044][T18068]  xfrm_netlink_rcv+0x79/0x90
[  501.270061][T18068]  netlink_unicast+0x82f/0x9e0
[  501.270082][T18068]  ? __pfx_netlink_unicast+0x10/0x10
[  501.270098][T18068]  ? netlink_sendmsg+0x642/0xb30
[  501.270109][T18068]  ? skb_put+0x11b/0x210
[  501.270124][T18068]  netlink_sendmsg+0x805/0xb30
[  501.270139][T18068]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.270152][T18068]  ? aa_sock_msg_perm+0xf1/0x1d0
[  501.270164][T18068]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  501.270178][T18068]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.270190][T18068]  __sock_sendmsg+0x21c/0x270
[  501.270208][T18068]  ____sys_sendmsg+0x505/0x830
[  501.270225][T18068]  ? __pfx_____sys_sendmsg+0x10/0x10
[  501.270241][T18068]  ? import_iovec+0x74/0xa0
[  501.270257][T18068]  ___sys_sendmsg+0x21f/0x2a0
[  501.270272][T18068]  ? __pfx____sys_sendmsg+0x10/0x10
[  501.270296][T18068]  ? __fget_files+0x2a/0x420
[  501.270307][T18068]  ? __fget_files+0x3a0/0x420
[  501.270320][T18068]  __x64_sys_sendmsg+0x19b/0x260
[  501.270334][T18068]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  501.270351][T18068]  ? rcu_is_watching+0x15/0xb0
[  501.270364][T18068]  ? do_syscall_64+0xbe/0x3b0
[  501.270378][T18068]  do_syscall_64+0xfa/0x3b0
[  501.270389][T18068]  ? lockdep_hardirqs_on+0x9c/0x150
[  501.270400][T18068]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.270412][T18068]  ? exc_page_fault+0x9f/0xf0
[  501.270423][T18068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.270435][T18068] RIP: 0033:0x7fa14b78eba9
[  501.270449][T18068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.270461][T18068] RSP: 002b:00007fa14c681038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  501.270475][T18068] RAX: ffffffffffffffda RBX: 00007fa14b9d5fa0 RCX: 00007fa14b78eba9
[  501.270483][T18068] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  501.270491][T18068] RBP: 00007fa14b811e19 R08: 0000000000000000 R09: 0000000000000000
[  501.270498][T18068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  501.270506][T18068] R13: 00007fa14b9d6038 R14: 00007fa14b9d5fa0 R15: 00007fffe6143138
[  501.270519][T18068]  </TASK>
[  501.270524][T18068] 
[  501.429935][T18068] Allocated by task 15955:
[  501.431868][T18068]  kasan_save_track+0x3e/0x80
[  501.433869][T18068]  __kasan_slab_alloc+0x6c/0x80
[  501.435903][T18068]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  501.438218][T18068]  xfrm_state_alloc+0x24/0x2f0
[  501.440177][T18068]  __find_acq_core+0x8a7/0x1c00
[  501.442223][T18068]  xfrm_find_acq+0x78/0xa0
[  501.444135][T18068]  xfrm_alloc_userspi+0x6b3/0xc90
[  501.446286][T18068]  xfrm_user_rcv_msg+0x7a3/0xab0
[  501.448452][T18068]  netlink_rcv_skb+0x208/0x470
[  501.450533][T18068]  xfrm_netlink_rcv+0x79/0x90
[  501.452547][T18068]  netlink_unicast+0x82f/0x9e0
[  501.454582][T18068]  netlink_sendmsg+0x805/0xb30
[  501.456618][T18068]  __sock_sendmsg+0x21c/0x270
[  501.458574][T18068]  ____sys_sendmsg+0x505/0x830
[  501.460608][T18068]  ___sys_sendmsg+0x21f/0x2a0
[  501.462634][T18068]  __x64_sys_sendmsg+0x19b/0x260
[  501.464815][T18068]  do_syscall_64+0xfa/0x3b0
[  501.466837][T18068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.469428][T18068] 
[  501.470439][T18068] Freed by task 5897:
[  501.472151][T18068]  kasan_save_track+0x3e/0x80
[  501.474219][T18068]  kasan_save_free_info+0x46/0x50
[  501.476428][T18068]  __kasan_slab_free+0x5b/0x80
[  501.478482][T18068]  kmem_cache_free+0x18f/0x400
[  501.480487][T18068]  xfrm_state_gc_task+0x52d/0x6b0
[  501.482636][T18068]  process_scheduled_works+0xae1/0x17b0
[  501.485104][T18068]  worker_thread+0x8a0/0xda0
[  501.487158][T18068]  kthread+0x711/0x8a0
[  501.488873][T18068]  ret_from_fork+0x3fc/0x770
[  501.490768][T18068]  ret_from_fork_asm+0x1a/0x30
[  501.492752][T18068] 
[  501.493750][T18068] The buggy address belongs to the object at ffff88804168db00
[  501.493750][T18068]  which belongs to the cache xfrm_state of size 928
[  501.499371][T18068] The buggy address is located 196 bytes inside of
[  501.499371][T18068]  freed 928-byte region [ffff88804168db00, ffff88804168dea0)
[  501.505138][T18068] 
[  501.506194][T18068] The buggy address belongs to the physical page:
[  501.508864][T18068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804168df80 pfn:0x4168c
[  501.513033][T18068] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  501.516707][T18068] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  501.519938][T18068] page_type: f5(slab)
[  501.521691][T18068] raw: 00fff00000000040 ffff88801cf943c0 dead000000000122 0000000000000000
[  501.525294][T18068] raw: ffff88804168df80 00000000800e0008 00000000f5000000 0000000000000000
[  501.528933][T18068] head: 00fff00000000040 ffff88801cf943c0 dead000000000122 0000000000000000
[  501.532729][T18068] head: ffff88804168df80 00000000800e0008 00000000f5000000 0000000000000000
[  501.536404][T18068] head: 00fff00000000002 ffffea000105a301 00000000ffffffff 00000000ffffffff
[  501.540093][T18068] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  501.543708][T18068] page dumped because: kasan: bad access detected
[  501.546417][T18068] page_owner tracks the page as allocated
[  501.548813][T18068] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8879, tgid 8878 (syz.6.1016), ts 173855085200, free_ts 172838583561
[  501.556711][T18068]  post_alloc_hook+0x240/0x2a0
[  501.558741][T18068]  get_page_from_freelist+0x21e4/0x22c0
[  501.561166][T18068]  __alloc_frozen_pages_noprof+0x181/0x370
[  501.563631][T18068]  alloc_pages_mpol+0x232/0x4a0
[  501.565770][T18068]  allocate_slab+0x8a/0x370
[  501.567770][T18068]  ___slab_alloc+0xbeb/0x1420
[  501.569757][T18068]  kmem_cache_alloc_noprof+0x283/0x3c0
[  501.572115][T18068]  xfrm_state_alloc+0x24/0x2f0
[  501.574127][T18068]  __find_acq_core+0x8a7/0x1c00
[  501.576171][T18068]  xfrm_find_acq+0x78/0xa0
[  501.578055][T18068]  xfrm_alloc_userspi+0x6b3/0xc90
[  501.580163][T18068]  xfrm_user_rcv_msg+0x7a3/0xab0
[  501.582260][T18068]  netlink_rcv_skb+0x208/0x470
[  501.584298][T18068]  xfrm_netlink_rcv+0x79/0x90
[  501.586414][T18068]  netlink_unicast+0x82f/0x9e0
[  501.588527][T18068]  netlink_sendmsg+0x805/0xb30
[  501.590664][T18068] page last free pid 8766 tgid 8766 stack trace:
[  501.593425][T18068]  __free_frozen_pages+0xbc4/0xd30
[  501.595698][T18068]  __put_partials+0x156/0x1a0
[  501.597769][T18068]  put_cpu_partial+0x17c/0x250
[  501.599826][T18068]  __slab_free+0x2d5/0x3c0
[  501.601764][T18068]  qlist_free_all+0x97/0x140
[  501.603775][T18068]  kasan_quarantine_reduce+0x148/0x160
[  501.606091][T18068]  __kasan_slab_alloc+0x22/0x80
[  501.608161][T18068]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  501.610610][T18068]  __alloc_skb+0x112/0x2d0
[  501.612536][T18068]  netlink_ack+0x146/0xa50
[  501.614452][T18068]  netlink_rcv_skb+0x28c/0x470
[  501.616486][T18068]  netlink_unicast+0x82f/0x9e0
[  501.618515][T18068]  netlink_sendmsg+0x805/0xb30
[  501.620572][T18068]  __sock_sendmsg+0x21c/0x270
[  501.622604][T18068]  __sys_sendto+0x3bd/0x520
[  501.624578][T18068]  __x64_sys_sendto+0xde/0x100
[  501.626582][T18068] 
[  501.627641][T18068] Memory state around the buggy address:
[  501.629952][T18068]  ffff88804168da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  501.633379][T18068]  ffff88804168db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  501.636822][T18068] >ffff88804168db80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  501.640252][T18068]                                            ^
[  501.642906][T18068]  ffff88804168dc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  501.646456][T18068]  ffff88804168dc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  501.649917][T18068] ==================================================================
[  501.653750][T18068] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  501.656827][T18068] CPU: 1 UID: 0 PID: 18068 Comm: syz.0.4618 Not tainted syzkaller #0 PREEMPT(full) 
[  501.660709][T18068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  501.664951][T18068] Call Trace:
[  501.666399][T18068]  <TASK>
[  501.667670][T18068]  dump_stack_lvl+0x99/0x250
[  501.669609][T18068]  ? __asan_memcpy+0x40/0x70
[  501.671791][T18068]  ? __pfx_dump_stack_lvl+0x10/0x10
[  501.674006][T18068]  ? __pfx__printk+0x10/0x10
[  501.675959][T18068]  vpanic+0x281/0x750
[  501.677711][T18068]  ? __pfx_vpanic+0x10/0x10
[  501.679626][T18068]  ? irqentry_exit+0x74/0x90
[  501.681570][T18068]  panic+0xb9/0xc0
[  501.683197][T18068]  ? __pfx_panic+0x10/0x10
[  501.685085][T18068]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  501.687554][T18068]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  501.690092][T18068]  ? xfrm_alloc_spi+0x570/0xf30
[  501.692152][T18068]  check_panic_on_warn+0x89/0xb0
[  501.694312][T18068]  ? xfrm_alloc_spi+0x570/0xf30
[  501.696430][T18068]  end_report+0x78/0x160
[  501.698266][T18068]  kasan_report+0x129/0x150
[  501.700236][T18068]  ? xfrm_alloc_spi+0x570/0xf30
[  501.702322][T18068]  xfrm_alloc_spi+0x570/0xf30
[  501.704397][T18068]  ? xfrm_alloc_spi+0x2a0/0xf30
[  501.706579][T18068]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  501.708855][T18068]  ? xfrm_find_acq+0x87/0xa0
[  501.710906][T18068]  xfrm_alloc_userspi+0x70b/0xc90
[  501.713134][T18068]  ? apparmor_capable+0x137/0x1b0
[  501.715297][T18068]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  501.717669][T18068]  ? __nla_parse+0x40/0x60
[  501.719637][T18068]  xfrm_user_rcv_msg+0x7a3/0xab0
[  501.721794][T18068]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  501.724128][T18068]  ? __pfx___mutex_trylock_common+0x10/0x10
[  501.726604][T18068]  ? rcu_is_watching+0x15/0xb0
[  501.728659][T18068]  ? trace_contention_end+0x39/0x120
[  501.730902][T18068]  ? __mutex_lock+0x335/0x1350
[  501.732970][T18068]  netlink_rcv_skb+0x208/0x470
[  501.735058][T18068]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  501.737331][T18068]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  501.739533][T18068]  ? netlink_deliver_tap+0x2e/0x1b0
[  501.741744][T18068]  ? netlink_deliver_tap+0x2e/0x1b0
[  501.743932][T18068]  xfrm_netlink_rcv+0x79/0x90
[  501.745878][T18068]  netlink_unicast+0x82f/0x9e0
[  501.747945][T18068]  ? __pfx_netlink_unicast+0x10/0x10
[  501.750165][T18068]  ? netlink_sendmsg+0x642/0xb30
[  501.752279][T18068]  ? skb_put+0x11b/0x210
[  501.754129][T18068]  netlink_sendmsg+0x805/0xb30
[  501.756247][T18068]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.758479][T18068]  ? aa_sock_msg_perm+0xf1/0x1d0
[  501.760544][T18068]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  501.762768][T18068]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.765008][T18068]  __sock_sendmsg+0x21c/0x270
[  501.767035][T18068]  ____sys_sendmsg+0x505/0x830
[  501.769048][T18068]  ? __pfx_____sys_sendmsg+0x10/0x10
[  501.771293][T18068]  ? import_iovec+0x74/0xa0
[  501.773216][T18068]  ___sys_sendmsg+0x21f/0x2a0
[  501.775289][T18068]  ? __pfx____sys_sendmsg+0x10/0x10
[  501.777566][T18068]  ? __fget_files+0x2a/0x420
[  501.779515][T18068]  ? __fget_files+0x3a0/0x420
[  501.781499][T18068]  __x64_sys_sendmsg+0x19b/0x260
[  501.783604][T18068]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  501.785844][T18068]  ? rcu_is_watching+0x15/0xb0
[  501.787826][T18068]  ? do_syscall_64+0xbe/0x3b0
[  501.789779][T18068]  do_syscall_64+0xfa/0x3b0
[  501.791744][T18068]  ? lockdep_hardirqs_on+0x9c/0x150
[  501.794015][T18068]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.796575][T18068]  ? exc_page_fault+0x9f/0xf0
[  501.798607][T18068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.801126][T18068] RIP: 0033:0x7fa14b78eba9
[  501.803039][T18068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.811103][T18068] RSP: 002b:00007fa14c681038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  501.814626][T18068] RAX: ffffffffffffffda RBX: 00007fa14b9d5fa0 RCX: 00007fa14b78eba9
[  501.818008][T18068] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  501.821350][T18068] RBP: 00007fa14b811e19 R08: 0000000000000000 R09: 0000000000000000
[  501.824722][T18068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  501.828206][T18068] R13: 00007fa14b9d6038 R14: 00007fa14b9d5fa0 R15: 00007fffe6143138
[  501.831586][T18068]  </TASK>
[  501.833790][T18068] Kernel Offset: disabled
[  501.835674][T18068] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:30:58  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff81b44ffb RBX=1ffff11026cc7f61 RCX=ffff888026bc8000 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc9000301f6c0 RSP=ffffc9000301f540
R8 =ffffffff8fa3a037 R9 =1ffffffff1f47406 R10=dffffc0000000000 R11=fffffbfff1f47407
R12=ffff88813663fb08 R13=dffffc0000000000 R14=ffff88804b03b1c0 R15=0000000000000001
RIP=ffffffff81b44fe3 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555593e0b500 ffffffff 00c00000
GS =0000 ffff8880b8615000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f88d75056c0 CR3=00000001090f4000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f88d6812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000000a RBX=000000000000000a RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001329 RDI=000000000000132a RBP=00000000000003f8 RSP=ffffc9000290e9f0
R8 =ffff8881079b8237 R9 =1ffff11020f37046 R10=dffffc0000000000 R11=ffffffff854f6e80
R12=dffffc0000000000 R13=ffffffff99b00918 R14=ffffffff99df5420 R15=0000000000000000
RIP=ffffffff854f6efc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fa14c6816c0 ffffffff 00c00000
GS =0000 ffff8881a3c15000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000280 CR3=000000003aebe000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fa14b9a7498 00007fa14b9a7470 XMM03=00007fa14b9a74a8 00007fa14b9a74a0
XMM04=00007fa14c50d100 00007fa14b9a7460 XMM05=00007fa14b9a7478 00007fa14b9a74c0
XMM06=00007fa14b9a74b8 00007fa14b9a74b0 XMM07=00007fa14b9a74a8 00007fa14b9a74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fa14b812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
