last executing test programs:

6m2.784347852s ago: executing program 32 (id=186):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
ioctl$COMEDI_RANGEINFO(r0, 0x80106408, &(0x7f0000000200)={0x14, 0x0})

5m38.794624225s ago: executing program 3 (id=439):
setresgid(0x0, 0x0, 0xffffffffffffffff)

5m38.734932317s ago: executing program 3 (id=442):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
futex_waitv(&(0x7f0000004040)=[{0x0, &(0x7f0000000080), 0x2}, {0x3, &(0x7f0000003fc0)=0x1000000003, 0x82}], 0x2, 0x0, 0x0, 0x1)

5m38.645690281s ago: executing program 3 (id=445):
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302"}, {0x0, 0x1, "000000050000000026000400"}, {0x3, 0x18, "fe909393fe089393fe08f73eabc5fe8000000000000038f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "b8a3e100908f61640000000200000000000000000000000000008879e66485201a0015ca83747357a02745000400"/55}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)

5m38.643319573s ago: executing program 3 (id=447):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@bh}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x200000, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, 0x0, 0x1000)

5m38.514876871s ago: executing program 3 (id=448):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000000)=@newtaction={0x5c, 0x30, 0x216822a75a8bdd29, 0x70bd26, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x9, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x5c}}, 0x4020010)

5m37.963689342s ago: executing program 3 (id=449):
mount(&(0x7f0000000040)=@filename='./cgroup\x00', &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000000)='nilfs2\x00', 0x208000, 0x0)

5m37.836923817s ago: executing program 33 (id=449):
mount(&(0x7f0000000040)=@filename='./cgroup\x00', &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000000)='nilfs2\x00', 0x208000, 0x0)

4m50.29238473s ago: executing program 4 (id=1027):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000140)={0x3, 0xa, 0x2})
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r1, 0xc0585609, &(0x7f0000000040)={0x0, 0xa, 0x0, 0x0, 0x20})

4m50.231466886s ago: executing program 4 (id=1029):
timer_create(0x3, &(0x7f0000000140)={0x0, 0xa, 0x0, @thr={&(0x7f0000000000)="4c6d978c4804e2d6f000c6ede7bd7db2067f3d27f0723dd187cf657384ac7510455cd6bd9c58497095b975f6176e3f116c6d909f5f9511d2bc0a13e0fc9879c746e66a2fe6c3611f7cae2fa23cc61be2509fe6571d59dd6c941fa8", &(0x7f00000000c0)="dcf99bbc26176bae10c3a0977232c3a1c60d0b9588b6b80b8ed40b6dd00212df3c18669e25479c9d9749d8ab04f7435488162c8ad83b3368d7644071b5874cf0b2dd603484c6f7efd26eb8ff4228f225d6030a123d"}}, &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0100000004000000040000000800000000000000", @ANYRES32, @ANYRES32], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
r5 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r5, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
unlink(&(0x7f0000000280)='./file1\x00')
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_DELDEST(r6, 0x0, 0x488, &(0x7f0000000280)={{0x84, @private=0xa010100, 0x6e20, 0x3, 'lblcr\x00', 0x16, 0x0, 0x26}, {@loopback, 0x4e21, 0x3, 0xc25, 0x9, 0xfffffffb}}, 0x44)

4m49.313765438s ago: executing program 4 (id=1041):
syz_mount_image$bfs(&(0x7f00000001c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4, &(0x7f0000000600)=ANY=[], 0x8, 0xa9, &(0x7f00000004c0)="$eJzszrFtwlAUBdBrO3KSJgtkh+yQWVxmgkSRkipjZAMkJkFM4A0o3NJ8hDESdEgIAdI5xX/vP93iLtaz17wk5ScppZQ2yXPGvcrO59dHs53/ecjjdNtP7lydZN4c/1fv+fs9yPTDd9dX6fqhTK7RFAAAOFedt2mrTom347tM8nTJVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC3YxMAAP//Gvwe6A==")

4m49.24436428s ago: executing program 4 (id=1043):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x1, 0x6c1, &(0x7f00000003c0)="$eJzs3U9sHFcdB/DvbJx1NqDEbdM0IKRajVRBIxI7q5IgITUghHKIUFQuvVqJ01hx0spxkVshsgEKEidOqAcORcgcekIIIZUTopyRkLhw8j0SNw45AItmdna9tjeO3cRZt/18pPF7s2/ee7/5Zf7srh1NgM+si6/lYCdFLp66tFKur622F9dW2zf79SSTSRrJRK9I0UqKj5IL6S35QvliPVzxoHlevvdhMfHeB+3e2kS9VNs3tuu3xcgtO8mhwcqBJNO96n92POyW8aqlGufK+ng7MDnitWIQd5mwk/3Ewbh1t+isNzYe2n3n5y2wb93p3Te3mEoOp3d3re5s9dXh4VeG8Tg6VN/22tTZ+1gAAABgr438LD/s6P3cz0qOPJlwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NOh6D0zsFU/N7/RK1/NdIr+8/+bQ8/Ub4453Ef07rWqePXouAMBAAAAAAAAgEfy/P3cz0qO9Ne7RfU7/xeqlWPVz8/lrdzOfJZyOiuZy3KWs5TZJFNDAzVX5paXl2a39vxlyp7dbvdO3fPsoGf/rwfKnmc3xtXZHOiovzTYshEAAAAAAAAAfGb9KBfXf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7QZEc6BXVcqxfn0pjIsmhJM1ierB5c6zBPgZ/HncAAAAAsPdadXmk+F+v0i2qz/zHq8/9h/JWbmU5C1nOYuZztfouoPepv/H3TntxbbV9s1y2DvzNf+0qjmrE9L57GD3zTLXFs4MeF/OdfC+nMp3LWcpCvp+5LGc+0/l2VZtLkan624uptdVW+rFujffChrXLm2N7fqhexneiiqSVa1moYjudK81+6I16uxNDs/2xmWya8W6ZneKV2g5zdLUuyz36RV3uD1PVnh8cZGSmzn2ZjaeG874197s8TjbPNJvG4DuoY2ur7SLp1KubZ/pYOT9cl2Wuf7q3Od/lV2kbM9H5ebnWP/qOb5/z5Cv/+Mvl641bN65fu31q/xxGH9PmY6I9lInndpSJxTITnUfIxKFHif/xadbZ6F1Fd3e1fKHqeyQL+W7eyNXM51xmMpvzmcnXczbtnB3K67Pb57U61xq7O9dOfrmulPeknw3dm56YyQc1lHl9aiivw1e6qapt+JX1LD29gywVzYzO0j9HhjLxxbpSzvHjoTvO+G3IxGSqa3M/ume2z8Sv/9tNcnvx1o2l63Nv7nC+F+uyPG3f3Xht/s1j2aHdq3e3PF6eLv+x0rttDB8dZdsz/bYNR85s1XZs0LbxPtdspjqfe20PO1PLkY7fHTVSr+25kbO0q7YTQ20b3uXkjSwO3oUAsI8dfulws3Wv9bfW+62ftK63Lh361uT5yS81c/CvE3868LvGbxvfKF7K+/lhjow7UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4/fY7N+YWF+eX9mEljcc84N2RTf1U9F5p7o99/6RWJrc7on6fZJvuzXHE3EqyL1KXiScw12RGNF0avNJKGoN4ktzYJw+4A/bCmeWbb565/fY7X124Off6/Ovzt86eP/fKufbXZu+cubawOD/T+znuKIG9sP42YNyRAAAAAAAAAAAAADv1JP57w4hpi84Y9hUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ZLr4Wg52UmR25vRMub622l4sl359fcuJJI0kxQ+S4qPkQnpLpoaGK4bHLrrr9ZfvffirF9/7oL0+1kR/+8amfn/4d7e7y73o1Eumkxyoy6RZN7ce0G1yR+NdKcvPrzfsXjHYwzJhJ/uJg3H7fwAAAP//VngE7g==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
syz_mount_image$msdos(&(0x7f0000000340), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

4m49.092720908s ago: executing program 4 (id=1048):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0)

4m48.803674538s ago: executing program 4 (id=1055):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

4m48.702599108s ago: executing program 34 (id=1055):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

4m17.56218285s ago: executing program 1 (id=1513):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x2a, 0xc002)
sendfile(r0, r0, 0x0, 0x24002deb)

4m17.432578481s ago: executing program 1 (id=1517):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
unshare(0x2000400)
recvmsg(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/243, 0xf3}], 0x10}, 0x142)

4m17.303377379s ago: executing program 1 (id=1522):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x101442, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
unlink(&(0x7f0000000100)='./bus\x00')
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000000)='.\x00', 0x2046022, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

4m17.303188945s ago: executing program 1 (id=1523):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080), 0x3, 0x4cd, &(0x7f00000000c0)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', 0x0, 0x0)
getdents(r0, 0xfffffffffffffffd, 0x58)

4m17.217261478s ago: executing program 1 (id=1526):
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

4m17.002428875s ago: executing program 1 (id=1532):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20)

4m16.885561667s ago: executing program 35 (id=1532):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20)

4m16.170152981s ago: executing program 0 (id=1541):
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)

4m16.169864276s ago: executing program 0 (id=1542):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x2003, 0xc, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002200000018010000202070250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000200), &(0x7f0000000280)='%-5lx  \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='hrtimer_start\x00', r1}, 0x18)

4m16.09091015s ago: executing program 0 (id=1543):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
read$msr(r1, &(0x7f00000021c0)=""/102384, 0x18ff0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r2, 0x5411, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r3, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000f80), &(0x7f0000000fc0)=0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

4m16.041413812s ago: executing program 0 (id=1544):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000000c0)={[{@grpjquota, 0x4a}, {@debug}, {@jqfmt_vfsold}, {@noquota}, {@bsdgroups}, {@usrjquota, 0x22}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)

4m15.973992758s ago: executing program 0 (id=1545):
r0 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000880)='./file7\x00', 0x11c0, 0x0)

4m15.682295809s ago: executing program 0 (id=1546):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000001140)=[@in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e21, @multicast1}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r3, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)

4m15.483190149s ago: executing program 36 (id=1546):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000001140)=[@in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e21, @multicast1}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r3, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)

4m6.502293639s ago: executing program 7 (id=1597):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000780)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x4, @loopback, 0x3}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x3404c8d4)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000680)={0x0, 0x1, 0x4, [0x4, 0x3, 0x5, 0x1]}, 0x10)

4m6.412484837s ago: executing program 7 (id=1598):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x6, &(0x7f0000000140)={0x51, {{0x11, 0x0, 0x5000000, @dev={0xfe, 0x80, '\x00', 0x21}}}}, 0x88)

4m6.353722995s ago: executing program 7 (id=1600):
r0 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r0, &(0x7f00000231c0)=[{{0x0, 0x0, &(0x7f000001fec0)=[{&(0x7f000001fdc0)="cbea", 0x2}], 0x1}}], 0x1, 0x4004)

4m6.282167449s ago: executing program 7 (id=1601):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x2000002, &(0x7f0000001000)=ANY=[@ANYBLOB="766f6c756d653d3030303030303030303036332c696f636861727365743d6d6163677265656b2c696f636861727365743d6b6f69382d72752c7569643d666f726765742c756d61736b3d30303030303030303030303030303030303030303030322c6e6f7672732c6e6f7672732c66696c657365743d30303030303030303030303030303030303030342c646d6f64653d30303030303030303030303030303030303030303131362c007732be3442cd163f564b8a695afa1b16eefc0b9d590fbf9ab8391b97ea4c0cf06c797f1a493380ce6975738b912f61be3a342f9b9ee8b8bee4aa2b525fd11b2212573ec6e7f3235ad950c58d6bf8d5318071bd000000004c67990370b984f0b3bf4b8ee680536ebf6c9386b8e46872d639e0de679325aa384473cb1be572c7320000000000000000"], 0x1, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

4m5.991470531s ago: executing program 7 (id=1606):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_lsm={0x6, 0x6, &(0x7f0000000040)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, r0}, @ldst={0x3, 0x0, 0x3, 0x0, 0x0, 0x30}]}, &(0x7f0000000180)='syzkaller\x00', 0x1, 0xdd, &(0x7f00000001c0)=""/221, 0x0, 0x20, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd23}, 0x94)

4m5.462898894s ago: executing program 7 (id=1617):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000040)='./file1\x00', 0x1c802, &(0x7f0000002740)=ANY=[], 0x1, 0x5ff4, &(0x7f0000006c40)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiUZ4Ii8QCy6PAJtsWORFwisgHgBLM6wiQShUM+fYNeUe9zi2u7rn/H7SuOrr09V9yv+pqe6uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvvj072IuPzrdMPhiM/EIKIfsVzXx6KeuZjvP4yII7HdHM9FxGAxol5++59nIs5FxEeHIja31lfrm8/ssx/nT928/sn3v/OP3/3p9pGfvvmTD9rtP/rs2Q9/fyvi8A9f+/CTW49n3QEAAKAUVVVVvfQ2/2h6f9/vulMAwFTk/X+V5NvVarVa/VjrP/Znqz/qQuumarxbzSIiNprL1K8ZHI4HgDmzER933QU6JP+iDSPiqa47Acy0Xtcd4InY3Fpf7aV8e839wbGd9vw55a78N3p3r+/Y3Fq/+zjN6STtc0ym9ft1Owbx7B79WZ5SH2ZJzr/fzv/yTvso3e8B+Y+dTtLVOUZ75T/aufSpODn/QTv/ll35/zki5jb//tj8S5XzHz5M/huDOd7+5Q8AAAAAwMGXP/8//OmP/z6Wz/8XH31V9uVBx3+PTakPAAAAAAAAAPC4Per4f3cZ/w8AAABmVv1evfaXQ/du2+u72OrbL/Uinm7dHyhMulhmpet+AAAAAAAAAAAAAEBJhjvn8F7qRSxExNMrK1VV1T9N7fphPery86709YeSdf1HHgAAdnx0qHUtfy9iKSIupe/6W1hZWamqpeWVaqVaXsyvZ0eLS9Vy431tnta3LY728YJ4OKrqB1tqLNc06f3ypPb249XPNaoG++jYdHQYOABExM7eaNMe6YCpqmei61c5zAfb/8Fj+2c/uv49BQAAAJ68qqqqXvo676PpmH+/604BANOwlPf/7eMCarVarVarD17dVI13q1lExEZzmfo1g+H4AWDObMTHXXeBDsm/aMOIONJ1J4CZ1uu6AzwRm1vrq72Ub6+5P0jju+dzQXblv9HbXi4vP246Sfsck2n9ft2OQTy7R3+em1IfZknOv9/O//JO+yjd70nnPy175V+v5+EO+tO1nP+gnX/Lwcm/Pzb/UuX8hw+V/0D+AAAAAAAww/Ln/4cd/82rDAAAAAAAAABzZ3NrfTVf95qP/39+zP16zTnXfx4YOf/evvN3/e9BkvPvt/NvnZAzaMzfeeNe/v/eWl/94Oa/PpenM5//wmBUP/dCrz8YpnN+qoW34mpci7U4dd/9h7vaT9/XvrCr/cyE9rP3tY/q9uXcfiJW4xdxLd6827444cSopQnt1YT2nP/A9l+knP+w8VPnv5Lae61p7c77/fu2++Z03PNc/Nt/X7x/65q+2zG4u25N9fod76A/2/8nT43iVzfWrp/4zZWbN6+fjjTZdeuZSJPHLOe/kH5y/i+9sNOe/+43t9c7748eOv9ZcTuGe+b/QmO+Xt+Xp9y3LuT8R+kn55/3QOO3/3nOf+/t/5UO+gMAAAAAAAAAAAAAAAAPUlXV9iWiFyPiQrr+p6trMwGAqfrDD9JMlYRarVar1eoDWzdV473eLGJp9zIXIuK34x4MAJhl/4uIf3bdCToj/4Ll7/urp1/oujPAVN14972fXbl2be36ja57AgAAAAAAAAB8Wnn8z2ON8Z+3zwNqjRu9a/zXN+LY3I7/2R8Ntsc6Tyv0fDx4/O/j8eDxv4cTnm9hQvtoQvvihPalCe1jL/RoyPk/nzLO+R9NK1bS+K8vddCfruX8j6exnnP+X2rdr5l/9dd5zr+/K/+TN9/55ckb77736tV3rry99vbaz0+funDu7PlzZ8+fP/nW1Wtrp3b+7bDHT1bOP4997TzQsuT8c+byL0vO/4upln9Zcv4vplr+Zcn559d78i9Lzj+/95F/WXL+L6da/mXJ+X851fIvS87/lVTLvyw5/6+kWv5lyfm/mmr5lyXnfyLV8i9Lzv9kquVflpx/PsIl/7Lk/POZDfIvS87/TKrlX5ac/9lUy78sOf9zqZZ/WXL+51Mt/7Lk/C+kWv5lyfl/NdXyL0vO/2upln9Zcv6vpVr+Zcn5fz3V8i9Lzv8bqZZ/WXL+30y1/MuS8/9WquVflpz/t1Mt/7Lk/F9PtfzLcu/7/81MeeY/f4+YgW6YMTNupuu/TAAAAAAAAAAAAABA2zROJ+56HQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+zw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsHd3MXKV9xnAz37Za0OCGwghxAnrD4gDi3fXX+AQg0lCSkmbUhLSpiU1jr02TvxV7zoBhMpSaEsUpCK1F/SiaRKlUaS2AkWRmko0Qmqk9q5cJeImaiUuLBUqByWVUgW2OjPv++7M7OzMer2Dz5zz+yH89+6cmXnnzJnZedZ6ZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGm362PSfD2RZlv9f+2NDll2e/31dtj//cm7PpV4hAAAAcLHerP35D1ekb+xfxpkatvm3D/zH9+fn5+ezL7xx7q2/nJ9PJ4xl2dDaLKudFv37L38x37hN8GQ2OjDY8PVgl6sf6nL6cJfTR7qcvqbL6Wu7nD7a5fRFO2CRdfXfx9QubGvtrxvquzS7Khupnba1zbmeHFg7OBh/l1MzUDvP/MiR7Fh2PJvOJhedZ6D2X5a9uCm/rruzeF2DDde1Mcuy8z977FBcw0DYx1uzpiurabzvXr8zG3vjZ48d+s7sa+9tN7vuhkUrzbJtm/N1PpVlC7+uygaytWmfxHUONqxzY5t1DjWtc6B2vvzvres8v8x1xts9Gtb5cod1bgzfe3hLlmVz2ZLbtHoyG8zWt1xr2t+j9SMiv4z8rnxXNnxBx8mmZRwn+Xle3dJ8nLQek3H/bwr7ZHiJNTTeHa8/sWbRfl/pcZLf6iIcq/ll35tf6eho469Wm47VfJvHrl/6GGh737U5BtKx3HAMbO52DAyuGaodA4MLa97cdAxMLTrPYDZQu65z13c+BiZmT5yemHnk0ZuPnTh4dPro9MmpyT27du7etXP37okjx45PT9b/vLBd2kfWZ4PpGNwcnmviMfjBlm0bD8n5b67e42C0II+D/LZ/5oZ8QZcPZksc4/k2T227+MdB+rnf8DgYbngctH1ObfM4GF7G4yDf5vy25f3MHG74v90aevVcuKHhGFjxz8N8u4v8eZhf5wMfWvq5cGNY19M3XujPw6FFx0C8WQPhsZd/J73eG7017JfFx8W1+QmXrcnOzkyf2f7wwdnZM1NZGG+LKxvuq9bjZX3DbcoWHS+DF3y87P/7X91wbZvvbwj7avSmzvdVvs2u8c73Ve3ZvXl/rsnq+7PpuzuyMFbZ270/2/00y/dnyhId9me+zVM3X/xrwZRLGp7/Rro9/w2NDNef/4bS3hhpev5bfNcM1VaWZedvXt7z30j4/+1+/rtqNZ7/ViEP5Pvqge2dj4F8m6cnLvQYGO74/LclzIGwng+FxDDakPvfqp0+Vz9MG+7LrsfN8PBIOG6G4zU2Hzc7F50nv7T8urdNruy42bal+b5qet1SwuMm31d/Ndn5uMm3eWnq4p871sW/Njx3rOl2DIwMrcnXO5IOgvrz3fy6eAxszw5lp7Lj2eF0nvxezq9rfMfyjoE14f+3+7njmoIcA/m+em5H52Mg3+ZHO1f3tdO28J20TcNrp9bfLyyV+a8dXri81t222pk/X+fHf/yp9L12GSLf5rVdF5ozOu+nm8J3Lmuzn1ofP0sd04ezt2c/XRPWeXx3599N5dtctWeZx9P+LMtemXql9vuu8Pvd75398febfu/b7nfKr0y9cs/EfT+5kPUDALByb9X+nFtTf63Z8C/Wy/n3fwAAAKAvxNw/GGYi/wMAAEBpxNw/FGYi/wMAAEBpxNw/HGZSkfz/0K17n3/z8Sy9G+B8EE+Pu+He2+vbxY73XPh6bH5B/v2Pfnvk+a8+vrzrHsyy7Ff3vK/t9g/dHtdVdzqu88PN31/kmuuWdf0P3r+wXeP7J5zfW7/8eHuWexjErvKLEztqlzv2yFRtvnRPVpv3zT39ZP3y61/H7c/trG//N+FNS/YfGWg6/7awnq1hjoX3lLl3/8J+yGc83/MbP/CvV3524fri+QY2v7N2M5/74/rlxveIevbK+vbxdi+1/n/52nefz7d/+Pr26398sP36z4XLfTXMX+6rb9+4z7/asP4/DeuP1xfPt/1bP2y7/hfeU9/+hXBcfCPM1vXf+Rfvf7Pd/RWvZ/9t9fPF65/8312188XLi5ffuv7Rx6ea9kfr5b/0Rv1y9n3550ON28fvx+uJHryt+fgeCPdvU488y7Lv/lnWtJ+zj9TP988t64+Xd/q29uu/qWWdpweuq51/4fZsaLpdX/+7HW1vb1zP/n/c0HR7nr0r7L83Jn6UX+65+8LxGE7/v5frl9f6XqYv3NX8fBO3/8aG+uM2Xt5Ey/qfbVn/3HX5vuu+/rvfqK//hTvWNq1//yfC8XR3fXZb/9G/vaLp/N/8Tv3+OPOV8ZOnZs4eO9ywVxsfx2tH162/7PJ3vPOK8Fza+vWBU7MPTZ8ZmxybzLKxPnzLwF6v/1th/k99zK3+NdT95Of14+6ZT9Z/bn3wF/Wvnw3ffzDcn/Hn49f/eqTpeG293+fuqM+LXf+NYR3L9Z6v/dd1y9rw3OdfPPtPf/Ja6+uCeHtOv3u0dvue23R17bSBl+qntz5fdfOf725+XP90eLI2fxD263x4Z+bNV9evr/Xy43uTPPPp+uM3vpKL589a3k9kw1Dz7bjY9f80vI754TXNz3/x+PjB4y3v5rwhG8iXMBeeH7K5+ulxq7i/nzl/ddvri+/Dk82990KWuaSZR2Ymjh87efbhidnpmdmJmUcePXDi1NmTswdq71164Ivdzr/w+F5fe3wfnt6zK6s92k/VR49d6vWfvv/Q4Vsmbzg8feTg2SOz95+ePnP00MzMoenDMzccPHJk+ivdzn/s8L6pHXt33rJj/Oixw/tu3bt3597xYydP5cuoL6qLPZNfGj955kDtLDP7du2d2r171+T4iVOHp/fdMjk5frbb+Ws/m8bzc395/Mz08YOzx05Mj88ce3R639TePXt2dH33xxOnj8yMTZw5e3Li7Mz0mYn6bRmbrX07/9nX7fxUw8yp8HzXYiC8Ov/cTXvS++Pmvv3EkhdV36T55Wn2engvqPjzrdvXMfePhJlUJP8DAABAFcTcH974f+EE+R8AAABKI+b+tWEm8j8AAACURsz99eQ/mj7+vSr5f7X6/0/o/9fo/+v/Z/r/if6//n9Wsv5/PvX/9f8b6f/r/+v/6//TWdH6/yH3Z+uyzL//AwAAQEnF3L8+zET+BwAAgNKIuf+yMBP5HwAAAEoj5v7Lw0wqkv99/r/+v/5/p/5/3Fb/P9P/L0L/f+t/6/8v4vP/9f8z/f8Vu9T9+X5ffwH7/+v0/ymaovX/Y+5/R5hJRfI/AAAAVEHM/e8MM5H/AQAAoDRi7r8izET+BwAAgNKIuX9DmElF8r/+v/6//r/P/9f/75v+v8//b0P/X/8/0/9fsUvdn+/39fei/x9P8/n/lEXR+v8x9/9amElF8j8AAABUQcz97wozkf8BAACgNGLuvzLMRP4HAACA0oi5/6owk4rk/1Xu/+cX0gf9/1ezLNP/z/T/9f9b1qn/r//fC/r/+v+d6P8Xt/8/lOn/d1PAz//X/6dwitb/j7n/3WEmFcn/AAAAUAUx918dZiL/AwAAQGnE3P+eMBP5HwAAAEoj5v5rwkwqkv99/r/+v/6//r/+v/5/L+n/6/93ov9f3P6/z//X/+92fv1/lqNo/f+Y+98bZlKR/A8AAABVEHP/tWEm8j8AAACURsz97wszkf8BAACgNGLu3xhmUpH8r/+v/6//r/+v/6//30v91f8fXPIU/f86/f9mq9f/n1tYgP5/36xf/1//n+6K1v+Puf/9YSYVyf8AAABQBTH3fyDMRP4HAACA0oi5/7owE/kfAAAASiPm/rEwk4rkf/1//X/9f/1//X/9/17qr/7/0vT/6/T/m/n8f/1//X/9fzorWv8/5v5NYSYVyf8AAABQBTH3bw4zkf8BAACgNGLu3xJmIv8DAABAacTcvzXMpCL5X/9f/1//X/9f/1//v5f0//X/O9H/1//v5/Xr/+v/013R+v8x918fZlKR/A8AAABVEHP/DWEm8j8AAACURsz9Hwwzkf8BAACgNGLu3xZmUpH8r/+v/6//38f9/yH9/0z/v/D0//X/O9H/1//v5/Xr/+v/013R+v8x938ozKQi+R8AAACqIOb+G8NM5H8AAAAojZj7bwozkf8BAACgNGLuHw8zqUj+1//X/y9J/z/swaxa/X+f/9+0fv3/YtL/1//vRP9f/7+f16//r/9Pd0Xr/8fcf3OYSUXyPwAAAFRBzP3bw0zkfwAAACiNmPsnwkzkfwAAACiNmPsnw0wqkv/1//X/S9L/r+bn/+v/N61f/7+Y9P/1/zvR/9f/7+f16//r/9Nd0fr/MfdPhZlUJP8DAABAFcTcvyPMRP4HAACA0oi5f2eYifwPAAAApRFz/64wk4rk/z7p/29PBSj9f/1//X/9f/3/vqL/r//fif6//n8/r1//X/+fZoNtvle0/n/M/bvDTCqS/wEAAKAKYu7fE2Yi/wMAAEBpxNx/S5iJ/A8AAAClEXP/rWEmFcn/fdL/9/n/+v/6/w30//X/+4n+v/5/J/r/+v/9vH79f/1/uita/z/m/r1hJhXJ/wAAAFAFMfd/OMxE/gcAAIDSiLn/tjAT+R8AAAD6SrvPIYxi7v9ImElF8r/+f9n7//Nr9f/1//X/O69f/7+39P/1/zvR/9f/L+b6x/T/9f9ZJUXr/8fcvy/MpCL5HwAAAKog5v7bw0zkfwAAACiNmPvvCDOR/wEAAKA0Yu7fH2ZSkfyv/1/2/r/P/9f/1//vtn79/97S/9f/70T/vz/7/+FlS4n7//33+f/5MaT/TxEVrf8fc/+dYSYVyf8AAABQBTH3fzTMRP4HAACA0oi5/2NhJvI/AAAAlEbM/R8PM6lI/tf/1//X/9f/1//X/+8l/f+e9f9rT4X6/3X6/ytzqfvz/b7+IvX/ff4/RVW0/n/M/XeFmVxQ/m999QoAAAAUScz9nwgzqci//wMAAEAVxNz/62Em8j8AAACURsz9d4eZVCT/6//r/+v/6//r/+v/95L+v8//70T/X/+/p+tf09v16//r/9Nd0fr/Mff/RphJRfI/AAAAVEHM/feEmcj/AAAAUBox938yzET+BwAAgD6zdPkn5v7fDDOpSP7vv/7/WF/2/wfT5ev/6//r/+v/6/+vJv1//f9M/3/FSt//7/H69f/1/+muaP3/mPt/K8ykIvkfAAAAqiDm/k+Fmcj/AAAAUBox9/92mIn8DwAAAKURc/+9YSYVyf+r3f9vPX8nPv9f/z/T/9f/1//X/79I+v/6/5n+/4pd6v58v69/Rf3/hkNC/58qKFr/P+b+3wkzqUj+BwAAgCqIuf++MBP5HwAAAArqoQs+R8z9nw4zkf8BAACgNGLu/0yYSUXyf/99/r/+v/6//r/+v/5/P9H/1//vRP9f/7+f1+/z//X/6a5o/f+Y++8PM6lI/gcAAIAqiLn/s2Em8j8AAACURsz9vxtmIv8DAABAacTc/3thJhXJ//r/+v/6//r/+v/6/72k/7+4/58/h+n/1+n/6//38/r1//X/6a5o/f+Y+z8XZlKR/A8AAABVEHP/74eZyP8AAABQGjH3/0GYifwPAAAApRFz/wNhJhXJ//r/+v/6//r/+v/6/72k/+/z/zvR/9f/7+f16//r/9Nd0fr/Mfd/PsykIvkfAAAAqiDm/j8MM5H/AQAAoDRi7j8QZiL/AwAAQGnE3P9gmElF8r/+v/6//r/+v/6//n8v6f/r/3ei/6//38/r1//X/6e7ovX/Y+4/GGayv/lqAAAAgP4Vc/8Xwkwq8u//AAAAUAUx9x8KM5H/AQAAoDRi7j8cZlKR/K//r/+v/6//r/+v/99L+v/6/53o/w/WVqj/35/r1//X/6e7ovX/Y+6fDjOpSP4HAACAKoi5/0iYifwPAAAApRFz/9EwE/kfAAAASiPm/ofCTCqS//X/9f/1/yvb/3/5ey3r1P/X/+8F/X/9/070/33+fz+vX/9f/5/uitb/j7n/WJhJRfI/AAAAVEHM/V8MM5H/AQAAoDRi7v9SmIn8DwAAAKURc//xMJOK5H/9f/1//f/K9v+X9/n/6xauV/9f/38l9P/1/zvR/9f/7+f16//r/9Nd0fr/MfefCDOpSP4HAACAKoi5/2SYifwPAAAApRFz/6kwE/kfAAAASiPm/tNhJhXJ//r/F9b/H1iiG6j/3379+v8l6P830P/X/18J/X/9/070/0vR/08voPX/9f/1/2lVtP5/zP1/FGZSkfwPAAAAVRBz/5kwE/kfAAAASiPm/pkwE/kfAAAASiPm/tkwk4rkf/1/n/+v/6//r/+v/99L+v/F6/9vWc6G/8/efS7ndVZ9HH7ixI497+QccgrvCcAhcAzMcAr0ltBDh9B7C72FDqH33nsvoRMIvc7AxFprBQvp2bKtx7r3va7rQxZRHLQ1Uj78x/7N1v8fif6/y/v/rzvw3x+t/z+r/2dAo/X/ufvvG7c02f8AAADQQe7++8Ut9j8AAABMI3f//eMW+x8AAACmkbv/AXFLk/2v/9f/6//1//p//f8u6f/H6/+P9Av1/0ei/+/S/x9stP7f+/8Z0Wj9f+7+B8YtTfY/AAAAdJC7/0Fxi/0PAAAA08jd/+C4xf4HAACAaeTuf0jc0mT/6//1//p//b/+X/+/S/p//f82+n/9/5qfX/+v/2fZaP1/7v6Hxi1N9j8AAAB0kLv/YXGL/Q8AAADTyN3/8LjF/gcAAIBp5O6/IW5psv/1//p//f8K+/9r9P/6//XQ/+v/t9H/6//X/Pz6f/0/y0br/3P33xi3NNn/AAAA0EHu/kfELfY/AAAATCN3/yPjFvsfAAAAppG7/1FxS5P9r//X/+v/V9j/e/+//n9F9P/6/230//r/NT+//l//z7LR+v/c/Y+OW5rsfwAAAOggd/9j4hb7HwAAAKaRu/+xcYv9DwAAANPI3f+4uKXJ/tf/6//1//p//b/+f5f0//r/bfT/+v81P7/+X//Psp33//e66fw9av+fu/+muKXJ/gcAAIAOcvc/Pm6x/wEAAGAaufufELfY/wAAADCN3P1PjFua7H/9v/7/7v7/31fp//X/+v+7P67/Px76f/3/Nvp//f+an1//r/9n2c77/4Xef//f5+5/UtzSZP8DAABAB7n7nxy32P8AAAAwjdz9T4lb7H8AAACYRu7+p8YtTfa//l//7/3/+v+x+/8z9XH9v/7/IPr/S+7/9/+ndyH9/5Ho//X/h/X/9zzC8+v/6WC0/j93/9Pilib7HwAAADrI3f/0uMX+BwAAgGnk7r85brH/AQAAYBq5+58RtzTZ//p//b/+X/9/Yf9/arD+/8q8//+uj+n/d0P/P2z/v90x9P/3OMKn0f/r/9f8/N7/r/9n2Wj9f+7+Z8YtTfY/AAAAdJC7/1lxi/0PAAAA08jd/+y4xf4HAACAaeTuf07c0mT/z93/nz30l+n/9+j/9f+by33//9Vz9P/e/787+v++/f9R6P/1/2t+fv2//p9lo/X/ufufG7c02f8AAAAwvVOb2v3Pi1vsfwAAAJhG7v7nxy32PwAAAEwjd/8L4pYm+3/u/v9w+v89+n/9/+Zy+/9J3v+v/98d/b/+f5uj9v8b/X99Lfr/cZ5f/6//Z9lo/X/u/hfGLU32PwAAAHSQu/9FcYv9DwAAANPI3f/iuMX+BwAAgGnk7n9J3NJk/+v/9f/6/xPv/8/kv6f/j++r/l//fxH0/z36f+//v/tr0f+P8/z6f/0/y0br/3P3vzRuabL/AQAAoIPc/S+LW+x/AAAAmEbu/pfHLfY/AAAATCN3/yvilv37/9SVfKorR/+v/9f/n3j/X/T/8X3V/+v/L4L+X/+/mbD/P3vI59P/j/X8+n/9P8tG6/9z998Stxw6/K49wlcJAAAAjCR3/yvjFn/+HwAAAKaRu/9VcYv9DwAAANPI3f/quKXJ/j+s/7/z//b+uf7/aPT/Bz+//l//r//X/+v/9f/b6P+9/3/Nz6//1/+zbLT+P3f/a+KWJvsfAAAAOsjd/9q4xf4HAACAaeTuf13cYv8DAADANHL3vz5uabL/j//9/9fr//X/+v+4+n/9v/5f/6//307/r/9f8/Pr//X/LBut/8/d/4a4pcn+BwAAgA5y978xbrH/AQAAYBq5+98Ut9j/AAAAMI3c/W+OW5rs/0vt/895//8F9P8HP/+R+v9T+v+k/4/vq/5f/38R9P/6/43+/5KddD+/9ufX/+v/WTZa/5+7/9bzU6/f/gcAAIAObj3/17Obt8Qt9j8AAABMI3f/W+MW+x8AAACmkbv/bXFLk/1//O//1//r/73/X/8fP1/6f/2//l//v0D/r/9f8/Pr//X/LBut/8/d//a4pcn+BwAAgA5y978jbrH/AQAAYBqx+/f+8Lv9DwAAAFN65/m/nt28K25psv8b9//XX27/f+6//rf+/+Dn1/8fS/9/6/6fPf2//n9N9P/6/230//r/NT//OP1/fOAG/T/jGa3/z93/7rilyf4HAACADnL3vydusf8BAABgGrn7b4tb7H8AAACYRu7+98YtTfZ/4/5/kvf/3/uOeAL9/7z9v/f/x9X/6/8Pov/X/2/0/5fspPv5tT//OP2/9/8zrtH6/9z974tbmux/AAAA6CB3//vjFvsfAAAAppG7/wNxi/0PAAAA08jd/8G4pcn+n7v/P3foL5un//f+f/2//l//Pzb9v/5/G/2//n/Nz6//1/+zbLT+P3f/h+KWJvsfAAAAOsjd/+G4xf4HAACAaeTu/0jcYv8DAADANHL3fzRuabL/5+7/D6f/37PL/v+uT9K9/78qvr7p+/8b9f8b/f+h9P/6/230//r/NT+//l//z7LR+v/c/R+LW5rsfwAAAOggd//H4xb7HwAAAKaRu/8TcYv9DwAAANPI3f/JuOH/rzu5Rzpepw/5ePTm+v9Z+//4P9x4/7/3/3v//9Lz6/93S//fuv+//ZqFT6P/1/+v+fn1//p/lo3W/+fu/1Tc4vf/AQAAYBq5+z8dt9j/AAAAMI3c/Z+JW+x/AAAAmEbu/s/GLU32v/5/1v7/5N//r//fef9/Tv9/4fPr/8ek/2/d/y/S/+v/1/z8+n/9P8tG6/9z938ubmmy/wEAAKCD3P2fj1vsfwAAAJhG7v4vxC32PwAAAEwjd/8X45Ym+1//r/+fqf8/06v/9/7/fc+v/x+T/l//v43+X/+/5ufX/+v/WTZa/5+7/0txS5P9DwAAAB3k7v9y3GL/AwAAwDRy938lbrH/AQAAYBq5+78atzTZ//p//f9M/X+z9//r//c9v/5/TPp//f82+n/9/5qfX/+v/2fZaP1/7v6vxS1N9j8AAAB0kLv/63GL/Q8AAADTyN3/jbjF/gcAAIBp5O7/ZtzSZP/P3P9v+2X6/z36f/3/Rv+v/98x/b/+fxv9v/5/zc+v/9f/s2y0/j93/7filib7HwAAADrI3f/tuMX+BwAAgGnk7v9O3GL/AwAAwDRy9383bmmy/2fu/7fR/+/R/+v/N/p//f+O6f/1/9vo//X/a35+/b/+n2Un1P+f3hzS/+fu/17c0mT/AwAAQAe5+78ft9j/AAAAMI3c/T+IW+x/AAAAmEbu/h/GLfPs//vctuUf6v+Pvf8//0Ok/9f/b/T/+n/9/3n6f/3/Nvp//f+an1//r/9n2a77/9MX+f7/3P0/ilvm2f8AAADQXu7+H8ct9j8AAABMI3f/T+IW+x8AAACmkbv/9rilyf7X/3v/v/6/Vf9/9Ub/r/+/wvT/+v9t9P/6/zU/v/5f/8+yXff/S73//r/P3f/TuKXJ/gcAAIAOcvf/LG6x/wEAAGAauft/HrfY/wAAADCN3P2/iFua7H/9v/5f/9+q//f+f/3/Faf/1/9vo//X/6/5+bP/z587/b/+n/81Wv+fu/+XcUuT/Q8AAAAd5O7/Vdxi/wMAAMA0cvf/Om6x/wEAAGAauft/E7c02f/6/wH6/43+X/+/R/8f31f9v/7/Iuj/9f8b/f8lO+l+fu3P7/3/+n+Wjdb/5+6/I25psv8BAACgg9z9v41b7H8AAACYRu7+38Ut9j8AAABMI3f/nXFLk/2v/x+g//f+/+Pv/6/V/+v/9f+j0P/r/7fR/+v/1/z8+n/9P8tG6/9z9/8+bmmy/wEAAKCD3P1/iFvsfwAAAJhG7v4/xi32PwAAAEwjd/+f4pYm+1//r/+/+P7/dH3dw/b/3v+v/9f/D2Pe/v+M/l//f9n9/8237H1Y/7/O59f/6/9ZNlr/n7v/z3FLk/0PAAAAHeTu/0vcYv8DAADANHL3/zVusf8BAABgGrn7/xa3NNn/+n/9/5Tv/9f/6//1/8OYt//3/n/9v/f/6//1//p/lozW/+fu/3vc0mT/AwAAQAe5+/8Rt+zb//t/fwoAAABYj9z9/4xb/P4/AAAATCN3/7/ilib7X/+v/9f/6//1//r/XdL/6/+30f/r/9f8/Pp//T/LRuv/c/f/JwAA//8adyGc")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, 0xfffffffffffffffd, 0xbb)

4m5.337016829s ago: executing program 37 (id=1617):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000040)='./file1\x00', 0x1c802, &(0x7f0000002740)=ANY=[], 0x1, 0x5ff4, &(0x7f0000006c40)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiUZ4Ii8QCy6PAJtsWORFwisgHgBLM6wiQShUM+fYNeUe9zi2u7rn/H7SuOrr09V9yv+pqe6uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvvj072IuPzrdMPhiM/EIKIfsVzXx6KeuZjvP4yII7HdHM9FxGAxol5++59nIs5FxEeHIja31lfrm8/ssx/nT928/sn3v/OP3/3p9pGfvvmTD9rtP/rs2Q9/fyvi8A9f+/CTW49n3QEAAKAUVVVVvfQ2/2h6f9/vulMAwFTk/X+V5NvVarVa/VjrP/Znqz/qQuumarxbzSIiNprL1K8ZHI4HgDmzER933QU6JP+iDSPiqa47Acy0Xtcd4InY3Fpf7aV8e839wbGd9vw55a78N3p3r+/Y3Fq/+zjN6STtc0ym9ft1Owbx7B79WZ5SH2ZJzr/fzv/yTvso3e8B+Y+dTtLVOUZ75T/aufSpODn/QTv/ll35/zki5jb//tj8S5XzHz5M/huDOd7+5Q8AAAAAwMGXP/8//OmP/z6Wz/8XH31V9uVBx3+PTakPAAAAAAAAAPC4Per4f3cZ/w8AAABmVv1evfaXQ/du2+u72OrbL/Uinm7dHyhMulhmpet+AAAAAAAAAAAAAEBJhjvn8F7qRSxExNMrK1VV1T9N7fphPery86709YeSdf1HHgAAdnx0qHUtfy9iKSIupe/6W1hZWamqpeWVaqVaXsyvZ0eLS9Vy431tnta3LY728YJ4OKrqB1tqLNc06f3ypPb249XPNaoG++jYdHQYOABExM7eaNMe6YCpqmei61c5zAfb/8Fj+2c/uv49BQAAAJ68qqqqXvo676PpmH+/604BANOwlPf/7eMCarVarVarD17dVI13q1lExEZzmfo1g+H4AWDObMTHXXeBDsm/aMOIONJ1J4CZ1uu6AzwRm1vrq72Ub6+5P0jju+dzQXblv9HbXi4vP246Sfsck2n9ft2OQTy7R3+em1IfZknOv9/O//JO+yjd70nnPy175V+v5+EO+tO1nP+gnX/Lwcm/Pzb/UuX8hw+V/0D+AAAAAAAww/Ln/4cd/82rDAAAAAAAAABzZ3NrfTVf95qP/39+zP16zTnXfx4YOf/evvN3/e9BkvPvt/NvnZAzaMzfeeNe/v/eWl/94Oa/PpenM5//wmBUP/dCrz8YpnN+qoW34mpci7U4dd/9h7vaT9/XvrCr/cyE9rP3tY/q9uXcfiJW4xdxLd6827444cSopQnt1YT2nP/A9l+knP+w8VPnv5Lae61p7c77/fu2++Z03PNc/Nt/X7x/65q+2zG4u25N9fod76A/2/8nT43iVzfWrp/4zZWbN6+fjjTZdeuZSJPHLOe/kH5y/i+9sNOe/+43t9c7748eOv9ZcTuGe+b/QmO+Xt+Xp9y3LuT8R+kn55/3QOO3/3nOf+/t/5UO+gMAAAAAAAAAAAAAAAAPUlXV9iWiFyPiQrr+p6trMwGAqfrDD9JMlYRarVar1eoDWzdV473eLGJp9zIXIuK34x4MAJhl/4uIf3bdCToj/4Ll7/urp1/oujPAVN14972fXbl2be36ja57AgAAAAAAAAB8Wnn8z2ON8Z+3zwNqjRu9a/zXN+LY3I7/2R8Ntsc6Tyv0fDx4/O/j8eDxv4cTnm9hQvtoQvvihPalCe1jL/RoyPk/nzLO+R9NK1bS+K8vddCfruX8j6exnnP+X2rdr5l/9dd5zr+/K/+TN9/55ckb77736tV3rry99vbaz0+funDu7PlzZ8+fP/nW1Wtrp3b+7bDHT1bOP4997TzQsuT8c+byL0vO/4upln9Zcv4vplr+Zcn559d78i9Lzj+/95F/WXL+L6da/mXJ+X851fIvS87/lVTLvyw5/6+kWv5lyfm/mmr5lyXnfyLV8i9Lzv9kquVflpx/PsIl/7Lk/POZDfIvS87/TKrlX5ac/9lUy78sOf9zqZZ/WXL+51Mt/7Lk/C+kWv5lyfl/NdXyL0vO/2upln9Zcv6vpVr+Zcn5fz3V8i9Lzv8bqZZ/WXL+30y1/MuS8/9WquVflpz/t1Mt/7Lk/F9PtfzLcu/7/81MeeY/f4+YgW6YMTNupuu/TAAAAAAAAAAAAABA2zROJ+56HQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+zw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsHd3MXKV9xnAz37Za0OCGwghxAnrD4gDi3fXX+AQg0lCSkmbUhLSpiU1jr02TvxV7zoBhMpSaEsUpCK1F/SiaRKlUaS2AkWRmko0Qmqk9q5cJeImaiUuLBUqByWVUgW2OjPv++7M7OzMer2Dz5zz+yH89+6cmXnnzJnZedZ6ZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGm362PSfD2RZlv9f+2NDll2e/31dtj//cm7PpV4hAAAAcLHerP35D1ekb+xfxpkatvm3D/zH9+fn5+ezL7xx7q2/nJ9PJ4xl2dDaLKudFv37L38x37hN8GQ2OjDY8PVgl6sf6nL6cJfTR7qcvqbL6Wu7nD7a5fRFO2CRdfXfx9QubGvtrxvquzS7Khupnba1zbmeHFg7OBh/l1MzUDvP/MiR7Fh2PJvOJhedZ6D2X5a9uCm/rruzeF2DDde1Mcuy8z977FBcw0DYx1uzpiurabzvXr8zG3vjZ48d+s7sa+9tN7vuhkUrzbJtm/N1PpVlC7+uygaytWmfxHUONqxzY5t1DjWtc6B2vvzvres8v8x1xts9Gtb5cod1bgzfe3hLlmVz2ZLbtHoyG8zWt1xr2t+j9SMiv4z8rnxXNnxBx8mmZRwn+Xle3dJ8nLQek3H/bwr7ZHiJNTTeHa8/sWbRfl/pcZLf6iIcq/ll35tf6eho469Wm47VfJvHrl/6GGh737U5BtKx3HAMbO52DAyuGaodA4MLa97cdAxMLTrPYDZQu65z13c+BiZmT5yemHnk0ZuPnTh4dPro9MmpyT27du7etXP37okjx45PT9b/vLBd2kfWZ4PpGNwcnmviMfjBlm0bD8n5b67e42C0II+D/LZ/5oZ8QZcPZksc4/k2T227+MdB+rnf8DgYbngctH1ObfM4GF7G4yDf5vy25f3MHG74v90aevVcuKHhGFjxz8N8u4v8eZhf5wMfWvq5cGNY19M3XujPw6FFx0C8WQPhsZd/J73eG7017JfFx8W1+QmXrcnOzkyf2f7wwdnZM1NZGG+LKxvuq9bjZX3DbcoWHS+DF3y87P/7X91wbZvvbwj7avSmzvdVvs2u8c73Ve3ZvXl/rsnq+7PpuzuyMFbZ270/2/00y/dnyhId9me+zVM3X/xrwZRLGp7/Rro9/w2NDNef/4bS3hhpev5bfNcM1VaWZedvXt7z30j4/+1+/rtqNZ7/ViEP5Pvqge2dj4F8m6cnLvQYGO74/LclzIGwng+FxDDakPvfqp0+Vz9MG+7LrsfN8PBIOG6G4zU2Hzc7F50nv7T8urdNruy42bal+b5qet1SwuMm31d/Ndn5uMm3eWnq4p871sW/Njx3rOl2DIwMrcnXO5IOgvrz3fy6eAxszw5lp7Lj2eF0nvxezq9rfMfyjoE14f+3+7njmoIcA/m+em5H52Mg3+ZHO1f3tdO28J20TcNrp9bfLyyV+a8dXri81t222pk/X+fHf/yp9L12GSLf5rVdF5ozOu+nm8J3Lmuzn1ofP0sd04ezt2c/XRPWeXx3599N5dtctWeZx9P+LMtemXql9vuu8Pvd75398febfu/b7nfKr0y9cs/EfT+5kPUDALByb9X+nFtTf63Z8C/Wy/n3fwAAAKAvxNw/GGYi/wMAAEBpxNw/FGYi/wMAAEBpxNw/HGZSkfz/0K17n3/z8Sy9G+B8EE+Pu+He2+vbxY73XPh6bH5B/v2Pfnvk+a8+vrzrHsyy7Ff3vK/t9g/dHtdVdzqu88PN31/kmuuWdf0P3r+wXeP7J5zfW7/8eHuWexjErvKLEztqlzv2yFRtvnRPVpv3zT39ZP3y61/H7c/trG//N+FNS/YfGWg6/7awnq1hjoX3lLl3/8J+yGc83/MbP/CvV3524fri+QY2v7N2M5/74/rlxveIevbK+vbxdi+1/n/52nefz7d/+Pr26398sP36z4XLfTXMX+6rb9+4z7/asP4/DeuP1xfPt/1bP2y7/hfeU9/+hXBcfCPM1vXf+Rfvf7Pd/RWvZ/9t9fPF65/8312188XLi5ffuv7Rx6ea9kfr5b/0Rv1y9n3550ON28fvx+uJHryt+fgeCPdvU488y7Lv/lnWtJ+zj9TP988t64+Xd/q29uu/qWWdpweuq51/4fZsaLpdX/+7HW1vb1zP/n/c0HR7nr0r7L83Jn6UX+65+8LxGE7/v5frl9f6XqYv3NX8fBO3/8aG+uM2Xt5Ey/qfbVn/3HX5vuu+/rvfqK//hTvWNq1//yfC8XR3fXZb/9G/vaLp/N/8Tv3+OPOV8ZOnZs4eO9ywVxsfx2tH162/7PJ3vPOK8Fza+vWBU7MPTZ8ZmxybzLKxPnzLwF6v/1th/k99zK3+NdT95Of14+6ZT9Z/bn3wF/Wvnw3ffzDcn/Hn49f/eqTpeG293+fuqM+LXf+NYR3L9Z6v/dd1y9rw3OdfPPtPf/Ja6+uCeHtOv3u0dvue23R17bSBl+qntz5fdfOf725+XP90eLI2fxD263x4Z+bNV9evr/Xy43uTPPPp+uM3vpKL589a3k9kw1Dz7bjY9f80vI754TXNz3/x+PjB4y3v5rwhG8iXMBeeH7K5+ulxq7i/nzl/ddvri+/Dk82990KWuaSZR2Ymjh87efbhidnpmdmJmUcePXDi1NmTswdq71164Ivdzr/w+F5fe3wfnt6zK6s92k/VR49d6vWfvv/Q4Vsmbzg8feTg2SOz95+ePnP00MzMoenDMzccPHJk+ivdzn/s8L6pHXt33rJj/Oixw/tu3bt3597xYydP5cuoL6qLPZNfGj955kDtLDP7du2d2r171+T4iVOHp/fdMjk5frbb+Ws/m8bzc395/Mz08YOzx05Mj88ce3R639TePXt2dH33xxOnj8yMTZw5e3Li7Mz0mYn6bRmbrX07/9nX7fxUw8yp8HzXYiC8Ov/cTXvS++Pmvv3EkhdV36T55Wn2engvqPjzrdvXMfePhJlUJP8DAABAFcTcH974f+EE+R8AAABKI+b+tWEm8j8AAACURsz99eQ/mj7+vSr5f7X6/0/o/9fo/+v/Z/r/if6//n9Wsv5/PvX/9f8b6f/r/+v/6//TWdH6/yH3Z+uyzL//AwAAQEnF3L8+zET+BwAAgNKIuf+yMBP5HwAAAEoj5v7Lw0wqkv99/r/+v/5/p/5/3Fb/P9P/L0L/f+t/6/8v4vP/9f8z/f8Vu9T9+X5ffwH7/+v0/ymaovX/Y+5/R5hJRfI/AAAAVEHM/e8MM5H/AQAAoDRi7r8izET+BwAAgNKIuX9DmElF8r/+v/6//r/P/9f/75v+v8//b0P/X/8/0/9fsUvdn+/39fei/x9P8/n/lEXR+v8x9/9amElF8j8AAABUQcz97wozkf8BAACgNGLuvzLMRP4HAACA0oi5/6owk4rk/1Xu/+cX0gf9/1ezLNP/z/T/9f9b1qn/r//fC/r/+v+d6P8Xt/8/lOn/d1PAz//X/6dwitb/j7n/3WEmFcn/AAAAUAUx918dZiL/AwAAQGnE3P+eMBP5HwAAAEoj5v5rwkwqkv99/r/+v/6//r/+v/5/L+n/6/93ov9f3P6/z//X/+92fv1/lqNo/f+Y+98bZlKR/A8AAABVEHP/tWEm8j8AAACURsz97wszkf8BAACgNGLu3xhmUpH8r/+v/6//r/+v/6//30v91f8fXPIU/f86/f9mq9f/n1tYgP5/36xf/1//n+6K1v+Puf/9YSYVyf8AAABQBTH3fyDMRP4HAACA0oi5/7owE/kfAAAASiPm/rEwk4rkf/1//X/9f/1//X/9/17qr/7/0vT/6/T/m/n8f/1//X/9fzorWv8/5v5NYSYVyf8AAABQBTH3bw4zkf8BAACgNGLu3xJmIv8DAABAacTcvzXMpCL5X/9f/1//X/9f/1//v5f0//X/O9H/1//v5/Xr/+v/013R+v8x918fZlKR/A8AAABVEHP/DWEm8j8AAACURsz9Hwwzkf8BAACgNGLu3xZmUpH8r/+v/6//38f9/yH9/0z/v/D0//X/O9H/1//v5/Xr/+v/013R+v8x938ozKQi+R8AAACqIOb+G8NM5H8AAAAojZj7bwozkf8BAACgNGLuHw8zqUj+1//X/y9J/z/swaxa/X+f/9+0fv3/YtL/1//vRP9f/7+f16//r/9Pd0Xr/8fcf3OYSUXyPwAAAFRBzP3bw0zkfwAAACiNmPsnwkzkfwAAACiNmPsnw0wqkv/1//X/S9L/r+bn/+v/N61f/7+Y9P/1/zvR/9f/7+f16//r/9Nd0fr/MfdPhZlUJP8DAABAFcTcvyPMRP4HAACA0oi5f2eYifwPAAAApRFz/64wk4rk/z7p/29PBSj9f/1//X/9f/3/vqL/r//fif6//n8/r1//X/+fZoNtvle0/n/M/bvDTCqS/wEAAKAKYu7fE2Yi/wMAAEBpxNx/S5iJ/A8AAAClEXP/rWEmFcn/fdL/9/n/+v/6/w30//X/+4n+v/5/J/r/+v/9vH79f/1/uita/z/m/r1hJhXJ/wAAAFAFMfd/OMxE/gcAAIDSiLn/tjAT+R8AAAD6SrvPIYxi7v9ImElF8r/+f9n7//Nr9f/1//X/O69f/7+39P/1/zvR/9f/L+b6x/T/9f9ZJUXr/8fcvy/MpCL5HwAAAKog5v7bw0zkfwAAACiNmPvvCDOR/wEAAKA0Yu7fH2ZSkfyv/1/2/r/P/9f/1//vtn79/97S/9f/70T/vz/7/+FlS4n7//33+f/5MaT/TxEVrf8fc/+dYSYVyf8AAABQBTH3fzTMRP4HAACA0oi5/2NhJvI/AAAAlEbM/R8PM6lI/tf/1//X/9f/1//X/+8l/f+e9f9rT4X6/3X6/ytzqfvz/b7+IvX/ff4/RVW0/n/M/XeFmVxQ/m999QoAAAAUScz9nwgzqci//wMAAEAVxNz/62Em8j8AAACURsz9d4eZVCT/6//r/+v/6//r/+v/95L+v8//70T/X/+/p+tf09v16//r/9Nd0fr/Mff/RphJRfI/AAAAVEHM/feEmcj/AAAAUBox938yzET+BwAAgD6zdPkn5v7fDDOpSP7vv/7/WF/2/wfT5ev/6//r/+v/6/+vJv1//f9M/3/FSt//7/H69f/1/+muaP3/mPt/K8ykIvkfAAAAqiDm/k+Fmcj/AAAAUBox9/92mIn8DwAAAKURc/+9YSYVyf+r3f9vPX8nPv9f/z/T/9f/1//X/79I+v/6/5n+/4pd6v58v69/Rf3/hkNC/58qKFr/P+b+3wkzqUj+BwAAgCqIuf++MBP5HwAAAArqoQs+R8z9nw4zkf8BAACgNGLu/0yYSUXyf/99/r/+v/6//r/+v/5/P9H/1//vRP9f/7+f1+/z//X/6a5o/f+Y++8PM6lI/gcAAIAqiLn/s2Em8j8AAACURsz9vxtmIv8DAABAacTc/3thJhXJ//r/+v/6//r/+v/6/72k/7+4/58/h+n/1+n/6//38/r1//X/6a5o/f+Y+z8XZlKR/A8AAABVEHP/74eZyP8AAABQGjH3/0GYifwPAAAApRFz/wNhJhXJ//r/+v/6//r/+v/6/72k/+/z/zvR/9f/7+f16//r/9Nd0fr/Mfd/PsykIvkfAAAAqiDm/j8MM5H/AQAAoDRi7j8QZiL/AwAAQGnE3P9gmElF8r/+v/6//r/+v/6//n8v6f/r/3ei/6//38/r1//X/6e7ovX/Y+4/GGayv/lqAAAAgP4Vc/8Xwkwq8u//AAAAUAUx9x8KM5H/AQAAoDRi7j8cZlKR/K//r/+v/6//r/+v/99L+v/6/53o/w/WVqj/35/r1//X/6e7ovX/Y+6fDjOpSP4HAACAKoi5/0iYifwPAAAApRFz/9EwE/kfAAAASiPm/ofCTCqS//X/9f/1/yvb/3/5ey3r1P/X/+8F/X/9/070/33+fz+vX/9f/5/uitb/j7n/WJhJRfI/AAAAVEHM/V8MM5H/AQAAoDRi7v9SmIn8DwAAAKURc//xMJOK5H/9f/1//f/K9v+X9/n/6xauV/9f/38l9P/1/zvR/9f/7+f16//r/9Nd0fr/MfefCDOpSP4HAACAKoi5/2SYifwPAAAApRFz/6kwE/kfAAAASiPm/tNhJhXJ//r/F9b/H1iiG6j/3379+v8l6P830P/X/18J/X/9/070/0vR/08voPX/9f/1/2lVtP5/zP1/FGZSkfwPAAAAVRBz/5kwE/kfAAAASiPm/pkwE/kfAAAASiPm/tkwk4rkf/1/n/+v/6//r/+v/99L+v/F6/9vWc6G/8/efS7ndVZ9HH7ixI497+QccgrvCcAhcAzMcAr0ltBDh9B7C72FDqH33nsvoRMIvc7AxFprBQvp2bKtx7r3va7rQxZRHLQ1Uj78x/7N1v8fif6/y/v/rzvw3x+t/z+r/2dAo/X/ufvvG7c02f8AAADQQe7++8Ut9j8AAABMI3f//eMW+x8AAACmkbv/AXFLk/2v/9f/6//1//p//f8u6f/H6/+P9Av1/0ei/+/S/x9stP7f+/8Z0Wj9f+7+B8YtTfY/AAAAdJC7/0Fxi/0PAAAA08jd/+C4xf4HAACAaeTuf0jc0mT/6//1//p//b/+X/+/S/p//f82+n/9/5qfX/+v/2fZaP1/7v6Hxi1N9j8AAAB0kLv/YXGL/Q8AAADTyN3/8LjF/gcAAIBp5O6/IW5psv/1//p//f8K+/9r9P/6//XQ/+v/t9H/6//X/Pz6f/0/y0br/3P33xi3NNn/AAAA0EHu/kfELfY/AAAATCN3/yPjFvsfAAAAppG7/1FxS5P9r//X/+v/V9j/e/+//n9F9P/6/230//r/NT+//l//z7LR+v/c/Y+OW5rsfwAAAOggd/9j4hb7HwAAAKaRu/+xcYv9DwAAANPI3f+4uKXJ/tf/6//1//p//b/+f5f0//r/bfT/+v81P7/+X//Psp33//e66fw9av+fu/+muKXJ/gcAAIAOcvc/Pm6x/wEAAGAaufufELfY/wAAADCN3P1PjFua7H/9v/7/7v7/31fp//X/+v+7P67/Px76f/3/Nvp//f+an1//r/9n2c77/4Xef//f5+5/UtzSZP8DAABAB7n7nxy32P8AAAAwjdz9T4lb7H8AAACYRu7+p8YtTfa//l//7/3/+v+x+/8z9XH9v/7/IPr/S+7/9/+ndyH9/5Ho//X/h/X/9zzC8+v/6WC0/j93/9Pilib7HwAAADrI3f/0uMX+BwAAgGnk7r85brH/AQAAYBq5+58RtzTZ//p//b/+X/9/Yf9/arD+/8q8//+uj+n/d0P/P2z/v90x9P/3OMKn0f/r/9f8/N7/r/9n2Wj9f+7+Z8YtTfY/AAAAdJC7/1lxi/0PAAAA08jd/+y4xf4HAACAaeTuf07c0mT/z93/nz30l+n/9+j/9f+by33//9Vz9P/e/787+v++/f9R6P/1/2t+fv2//p9lo/X/ufufG7c02f8AAAAwvVOb2v3Pi1vsfwAAAJhG7v7nxy32PwAAAEwjd/8L4pYm+3/u/v9w+v89+n/9/+Zy+/9J3v+v/98d/b/+f5uj9v8b/X99Lfr/cZ5f/6//Z9lo/X/u/hfGLU32PwAAAHSQu/9FcYv9DwAAANPI3f/iuMX+BwAAgGnk7n9J3NJk/+v/9f/6/xPv/8/kv6f/j++r/l//fxH0/z36f+//v/tr0f+P8/z6f/0/y0br/3P3vzRuabL/AQAAoIPc/S+LW+x/AAAAmEbu/pfHLfY/AAAATCN3/yvilv37/9SVfKorR/+v/9f/n3j/X/T/8X3V/+v/L4L+X/+/mbD/P3vI59P/j/X8+n/9P8tG6/9z998Stxw6/K49wlcJAAAAjCR3/yvjFn/+HwAAAKaRu/9VcYv9DwAAANPI3f/quKXJ/j+s/7/z//b+uf7/aPT/Bz+//l//r//X/+v/9f/b6P+9/3/Nz6//1/+zbLT+P3f/a+KWJvsfAAAAOsjd/9q4xf4HAACAaeTuf13cYv8DAADANHL3vz5uabL/j//9/9fr//X/+v+4+n/9v/5f/6//307/r/9f8/Pr//X/LBut/8/d/4a4pcn+BwAAgA5y978xbrH/AQAAYBq5+98Ut9j/AAAAMI3c/W+OW5rs/0vt/895//8F9P8HP/+R+v9T+v+k/4/vq/5f/38R9P/6/43+/5KddD+/9ufX/+v/WTZa/5+7/9bzU6/f/gcAAIAObj3/17Obt8Qt9j8AAABMI3f/W+MW+x8AAACmkbv/bXFLk/1//O//1//r/73/X/8fP1/6f/2//l//v0D/r/9f8/Pr//X/LBut/8/d//a4pcn+BwAAgA5y978jbrH/AQAAYBqx+/f+8Lv9DwAAAFN65/m/nt28K25psv8b9//XX27/f+6//rf+/+Dn1/8fS/9/6/6fPf2//n9N9P/6/230//r/NT//OP1/fOAG/T/jGa3/z93/7rilyf4HAACADnL3vydusf8BAABgGrn7b4tb7H8AAACYRu7+98YtTfZ/4/5/kvf/3/uOeAL9/7z9v/f/x9X/6/8Pov/X/2/0/5fspPv5tT//OP2/9/8zrtH6/9z974tbmux/AAAA6CB3//vjFvsfAAAAppG7/wNxi/0PAAAA08jd/8G4pcn+n7v/P3foL5un//f+f/2//l//Pzb9v/5/G/2//n/Nz6//1/+zbLT+P3f/h+KWJvsfAAAAOsjd/+G4xf4HAACAaeTu/0jcYv8DAADANHL3fzRuabL/5+7/D6f/37PL/v+uT9K9/78qvr7p+/8b9f8b/f+h9P/6/230//r/NT+//l//z7LR+v/c/R+LW5rsfwAAAOggd//H4xb7HwAAAKaRu/8TcYv9DwAAANPI3f/JuOH/rzu5Rzpepw/5ePTm+v9Z+//4P9x4/7/3/3v//9Lz6/93S//fuv+//ZqFT6P/1/+v+fn1//p/lo3W/+fu/1Tc4vf/AQAAYBq5+z8dt9j/AAAAMI3c/Z+JW+x/AAAAmEbu/s/GLU32v/5/1v7/5N//r//fef9/Tv9/4fPr/8ek/2/d/y/S/+v/1/z8+n/9P8tG6/9z938ubmmy/wEAAKCD3P2fj1vsfwAAAJhG7v4vxC32PwAAAEwjd/8X45Ym+1//r/+fqf8/06v/9/7/fc+v/x+T/l//v43+X/+/5ufX/+v/WTZa/5+7/0txS5P9DwAAAB3k7v9y3GL/AwAAwDRy938lbrH/AQAAYBq5+78atzTZ//p//f9M/X+z9//r//c9v/5/TPp//f82+n/9/5qfX/+v/2fZaP1/7v6vxS1N9j8AAAB0kLv/63GL/Q8AAADTyN3/jbjF/gcAAIBp5O7/ZtzSZP/P3P9v+2X6/z36f/3/Rv+v/98x/b/+fxv9v/5/zc+v/9f/s2y0/j93/7filib7HwAAADrI3f/tuMX+BwAAgGnk7v9O3GL/AwAAwDRy9383bmmy/2fu/7fR/+/R/+v/N/p//f+O6f/1/9vo//X/a35+/b/+n2Un1P+f3hzS/+fu/17c0mT/AwAAQAe5+78ft9j/AAAAMI3c/T+IW+x/AAAAmEbu/h/GLfPs//vctuUf6v+Pvf8//0Ok/9f/b/T/+n/9/3n6f/3/Nvp//f+an1//r/9n2a77/9MX+f7/3P0/ilvm2f8AAADQXu7+H8ct9j8AAABMI3f/T+IW+x8AAACmkbv/9rilyf7X/3v/v/6/Vf9/9Ub/r/+/wvT/+v9t9P/6/zU/v/5f/8+yXff/S73//r/P3f/TuKXJ/gcAAIAOcvf/LG6x/wEAAGAauft/HrfY/wAAADCN3P2/iFua7H/9v/5f/9+q//f+f/3/Faf/1/9vo//X/6/5+bP/z587/b/+n/81Wv+fu/+XcUuT/Q8AAAAd5O7/Vdxi/wMAAMA0cvf/Om6x/wEAAGAauft/E7c02f/6/wH6/43+X/+/R/8f31f9v/7/Iuj/9f8b/f8lO+l+fu3P7/3/+n+Wjdb/5+6/I25psv8BAACgg9z9v41b7H8AAACYRu7+38Ut9j8AAABMI3f/nXFLk/2v/x+g//f+/+Pv/6/V/+v/9f+j0P/r/7fR/+v/1/z8+n/9P8tG6/9z9/8+bmmy/wEAAKCD3P1/iFvsfwAAAJhG7v4/xi32PwAAAEwjd/+f4pYm+1//r/+/+P7/dH3dw/b/3v+v/9f/D2Pe/v+M/l//f9n9/8237H1Y/7/O59f/6/9ZNlr/n7v/z3FLk/0PAAAAHeTu/0vcYv8DAADANHL3/zVusf8BAABgGrn7/xa3NNn/+n/9/5Tv/9f/6//1/8OYt//3/n/9v/f/6//1//p/lozW/+fu/3vc0mT/AwAAQAe5+/8Rt+zb//t/fwoAAABYj9z9/4xb/P4/AAAATCN3/7/ilib7X/+v/9f/6//1//r/XdL/6/+30f/r/9f8/Pp//T/LRuv/c/f/JwAA//8adyGc")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, 0xfffffffffffffffd, 0xbb)

3m31.718331322s ago: executing program 8 (id=1953):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
creat(&(0x7f0000000000)='./file2\x00', 0x149)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0)

3m31.638159739s ago: executing program 8 (id=1959):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

3m31.538619151s ago: executing program 8 (id=1960):
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r0, 0x1e, 0x0, 0x1)

3m31.538435411s ago: executing program 8 (id=1961):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x20108c0, &(0x7f0000006980)=ANY=[@ANYBLOB="646973636172642c696f636861727365743d63703837342c6572726f72733d72656d6f756e742d726f2c75737271756f74612c696f636861727365743d63703836312c696f636861727365743d6370313235302c696e7465677269747900696f636861727365743d69736f383835392d342c646973636172643d30783030303030303030303030303030396943b95b49aca56faf1cc22189cc312c796f636861727365743d6d6163677265656b2c71756f74612c726573697a653d3078303030303030303030303030376666662c646973636172643d3078303030303030303066666666666666662c756d61736b3d3078303030303030303030303032303034352c6673636f6e746578743d046e636f6e66696e65645f752c66736d616769633d3078303030303030303030303230303030392c324216873b95edfe8ceab2bb0b11835a5cf531ac6273c29a4d4f9d056f1bcb8cd0a969ed12cf99802b5b3201518ecfc59a4fd94dd5349dc55633bd2bde1128ad071807ef13a9f10c0fbf3ad861c2009067c5c6c84cdba2806fa74eddff8373799d0b8c1e6f7e2b205235161b610ae5c66d1d9cfc2bc0cb617ae49331ade71595c2a5438139933aada47236dafdffffff088a552445f95768ccecb0c35797e832beced2077fa197623cd3de51d69d7a4f77a80eb5f783f091e5ec6047a0f67676819f4bf66744c1cb0975b96baf730000000000000001004e257bbabf33e3fa8d0cca2fbb4dabe1c5634b06881b049910b34a55f5a213438b2cdf889b764ce26ae4e539fdffa2ea82c34b16308e26ce945d101d5f2e2577d8e2a21d9401194a97a6c281b603da7c66934f0c"], 0xfe, 0x61f6, &(0x7f000000cdc0)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDTe54lnN7tdp7Z31p7PR3JmfvPMep/Jd189L08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPH97/1grRURN36eFqxEfCY6Ee2IpbJejYil1ZW8fjcinou95ng2InoLEeXt9/55OuLViPjobMTO7uZ6ufjyAfvx3T/+/Xc/PPPW3/7Qu/jfP93rvDZpvfv3f/WfPz843DYDAABA0xRFUbTS1/xz6ft9u+5OAQAzkd//iyQvP/X1r//51l/mqT/qRtcRl/YWzkt/1Gr16a2rivEeVIuI2KrepvzMYHc8AJwwW/Fx3V2gRvJvtG5EnKm7E8Bca9XdAY7Fzu7meivl26q+H6wO2vOxIEP5b7Uend8xaTrN6DEms3p8bUcnnpnQn6UZ9WGe5Pzbo/nfGLT303rHnf+sTMq/Pzj1qXFy/p3R/Eccaf4LdebfHpt/U+X8u0+Uf+cEP//lDwAAAADA6Zf//r9S8/7fhcNvyoF80v7f1Rn1AQAAAAAAAACO2mHH/3vE+H8AAAAwt8rv6qXfnN1fNulabOXy662Ip0bWBxomnSyzXHc/AAAAAAAAAAAAAKBJuoNjeK+3InoR8dTyclEU5U/VaP2kDnv7k67p2w9NVveLPAAADHx0duRc/lbEYkRcT9f66y0vLxfF4tJysVwsLeTPs/2FxWKp8r02T8tlC/0DfCDu9ovyly1Wblc17fvytPbR31feV7/oHKBjR6SX/jcnNNcUNgAkg3ejHe9Ip0xRPD3pwwcM8fw/hVZipe7HFfOv7ocpAAAAcPyKoiha6XLe59I+/3bdnQIAZiK//4/uFzhU3Z7QHnE0v1+tVqvVavWnqquK8R5Ui4jYqt6m/MxgOH4AOGG24uO6u0CN5N9o3Yh4ru5OAHOtVXcHOBY7u5vrrZRvq/p+kMZ3z8eCDOW/1dq7Xb79uOk0o8eYzOrxtR2deGZCf56dUR/mSc6/PZr/jUF7P6133PnPyqT8+3unzDVPzr8zmv+I05N/e2z+TZXz7z5R/h35AwAAAADAHMt//1+x/zdvMgAAAAAAAACcODu7m+v5vNe8//9zY9Zz/ufplPNvPWn+S2le/idazr89kv+XR9brVOYfvrn//P/37ub67+/967N5etD8F/JMKz2yWukR0Ur31Oqm6WG27nHbvU6/vKdeq93ppmN+it47cStux0ZcGlq3nf4/9tvXhtrLnvaG2i8PtXcfa78y1N5L1x0olnL7hViPn8TteHuvvWxbmLL9i1PaiyntOf+O1/9Gyvl3Kz9l/supvTUyLT38sP3Y8746HXc/b9z6/C8vHf/mTDHpyseD7Ts/6+5EDF5xzvTjZ3c37ly4f/PevTtrkSZDSy9HmhyxnH9v72dh//X/hUF7ft2vPl8ffth/4vznxXZ0Hz22q8r8X6jMl9v70oz7Voecfz/95PzfTu3jn/8nOf/OxPxfrqE/AAAAAAAAAAAAAAAA8EmKotg7RfSNiLiazv+p69xMAGC28vt/keTlarVarVarT19dVYz3erWIiL9Wb1N+ZvjFuF8GAMyz/0XEP+ruBLWRf4Pl6/2V0xfr7gwwU3ff/+BHN2/f3rhzt+6eAAAAAAAAAACfVh7/c7Uy/vOLEbEyst7Q+K9vxuphx//s5plHA4we8UDfE2y3+512Zbjx52NvfO4Lk8b/Ph+Pj/+dx8TtVLdjgt6U9v6U9oUp7Ytjl+6nNfZEj4qc//OV8c7L/M+NDL/ehPFfR8e8b4Kc//nK47nM/0sj61XzL347d/lvHXTF7WgP5X/x3ns/vXj3/Q9eufXezXc33t348ZW1tUtXrl69du3axXdu3d64NPj3eHo9B3L+eexrx4E2S84/Zy7/Zsn5fyHV8m+WnP8XUy3/Zsn558978m+WnH/+7iP/Zsn5v5Rq+TdLzv8rqZZ/s+zsbi6U+b+cavk3S37+fzXV8m+WnP8rqZZ/s+T8L6Ra/s2S87+Y6gPk7/Lwp0jOP+/h8vxvlpz/Wqrl3yw5/8upln+z5PyvpFr+zZLzfzXV8m+WnP/XUi3/Zsn5X021/Jsl5//1VMu/WXL+11It/2bJ+X8j1fJvlpz/N1Mt/2bJ+b+Wavk3S87/W6mWf7Pk/L+davk3S87/O6mWf7Pk/F9PtfybZf/6/2bMmDGTZ+p+ZQIAAAAAAAAAAAAARs3icOK6txEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+zw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsHdvMXLd9R3Az+zF3nUIMRCCkxrYJCaEZMmu7cQX2jQmXBugFEgo9ILtetdmwTe8dgkUyaaBEgmjooqq6UNbQKiNVFVYFQ+0ojQPVS9PpX2gLxVVJaRGVUABFamtKFvNnP//vzOzszOz3vF69vw/Hyn57c6cmXPmzJnZ/e76uwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJrd/ob5z9SKoqj/1/jf9qJ4Qf3jyantjcted723EAAAAFiv/2v8//mb0gWH+rhR0zJ/94p//NrS0tJS8b7R3x3/wtJSumKqKMa3FkXjuujKv7+/1rxM8EQxURtp+nykx+pHe1w/1uP68R7Xb+lx/dYe10/0uH7FDlhhsvx5TOPOdjU+3F7u0uLmYrxx3a4Ot3qitnVkJP4sp6HWuM3S+PFioThZzBezLcuXy9Yay3/j9vq63lrEdY00rWtn/Qj5wSeOxW2ohX28q2Vdy/cZfe/1xdQPf/CJY398/rlbO82eu6Hl/srtvPuO+nZ+KlxSbmut2Jr2SdzOkabt3NnhORlt2c5a43b1j9u38/k+t3N0eTM3VPtzPlGMND7+VmM/jTX/WC/tp53hsv++syiKS8ub3b7MinUVI8W2lktGlp+fifKIrN9H/VB6cTG2puP09j6O0/qc29V6nLa/JuLzf3u43dgq29D8NH3vk1tWPO9rPU6j+qNe7bXSfgwO+rUyLMdgPC6+1XjQT3Y8BneFx/+Ju1Y/BjseOx2OwfS4m47BO3odgyNbRhvbnJ6EWuM2y8fg7pblRxtrqjXms3d1PwZnzp86O7P4sY+/duHU0RPzJ+ZP7929e3bvvn0HDhyYOb5wcn62/P9V7u3ht60YSa+BO8K+i6+BV7ct23yoLn1pcK/DiS6vw+1tyw76dTjW/uBqG/OCXHlMl6+NR+s7feLySLHKa6zx/Nyz/tdhetxNr8Oxptdhx68pHV6HY328DuvLnL2nv+9Zxpr+67QN1+prwfamY7D9+5H2Y3DQ348MyzE4EY6Lf71n9a8FO8P2Pjm91u9HRlccg+nhhvee+iXp+/2JA43R6bi8rX7FDVuKC4vz5+57/Oj58+d2F2FsiJc0HSvtx+u2psdUrDheR9Z8vB5aeMWTt3W4fHvYVxOvrf9vYtXnqr7M/fd1f64aX90678+WS/cUYQzYRu/PTl/N6/szZcku+7O+zKdm1v+9eMqlTe+/46u8/8bc/5NyfemunhgdHytfv6Np74y3vB+3PlVjjfeuWmPdz8/09348Hv7b6Pfjm7u8H+9oW3bQ78fj7Q8uvh/Xev20Y33an8+JcJycnO3+flxfZseetR6TY13fj+8Msxb2/2tCUki5qOnYWe24TesaGxsPj2ssrqH1ON3bsvx4yGb1dT295+qO07vvLO9rND26ZRt1nE61LTvo4zS9X612nNZ6/fTt6rQ/nxPhuLh5b/fjtL7MM/ev/71zMn7Y9N65pdcxOD66pb7N4+kgLN/vlybjMXhfcaw4U5ws5hrXbmkcT7XGuqYf6O8Y3BL+2+j3yh1djsG725Yd9DGYvo6tduzVxpbfSAao/fmcCMfFUw90Pwbry7xx/2C/d707XJKWafretf3na6v9zOu2seX7K67xz7zq2/k3+7v/bLa+zMkDa82Z3ffTveGSGzrsp/bX72qvqbliY/bTjrCdzx1YfT/Vt6e+zBcO9nk8HSqK4uJHHm78vDf8fuXPL3z7ay2/d+n0O52LH3n4+zce/9u1bD8Am99PyrGt/FrX9Jupfn7/DwAAAGwKMfePhJnI/wAAAFAZMffHfxWeyP8AAABQGTH3j4WZZJL/d7zxuYWfXCxSM38piNen3fBIuVzsuM6Gz6eWltUvf/gr8z/6y4v9rXukKIofP/IbHZff8UjcrtJU2M4rb2q9fOUNL/a1/iOPLS/X3F//Yrj/+Hj6PQw6VXBni6L4xk2fa6xn6v2XG/OZR4405rsvPflEfZnnD5afx9s/+5Jy+T8I5d9Dx4+23P7ZsB++G+bs2zrvj3i7r15+zc79711eX7xd7Y4XNh72Ux8o7zf+nZzPP1EuH/fzatv/V599+qv15R9/VeftvzjSefufDvf7lTD/5+Xl8s3PQf3zeLtPh+2P64u3u+/L3+y4/Vc+Uy5/9s3lckfCjOu/O3y+683PLTTvr8drR1seV/GWcrm4/tlv/3bj+nh/8f7bt3/i8OWW/dF+fDzzz+X9zLQtHy+P64n+om399ftpPj7j+p/+rSMt+7nX+q+8+9mX1++3ff33ti032nb79r/Y9Ief/lzH9cXtOfRnZ1sez6F3hddxWP9THwjHY7j+f698rmW90ZF3tb7/xOW/uP1iy+OJ3vrDcv1XHjrRmP8x9aPfv+EFN77w0ivr+64ovvWe8v56rf/EH51p2f4v3XJP4/mI18eOfvv6VxPXf+6j06fPLF5YmGvaq42/nfP2cnu2Tkxuq2/vTeG9tf3zw2fOf3D+3NTs1GxRTFX3T+hdtS+H+f1yXFrr7e95LDyft/3eN7bd9U+fjZf/y6Pl5ZffVn7denVY7vPh8u3l87dUW+f6n7r9lsbru/ZM+XlLj30Adu76zwN9LRgef/v3BfF4P/vSDzb2Q/26xteN+Lpe5/Z/Z668n6+H/boU/jLzHbcsr695+fi3ES6/p3y9r3v/hbe5+Lz+SXi+3/Hd8v7jdsXH+53wfcw3d7S+38Xj4+sXR9rvv/FXPC6F95PiUnl9XCru78vP39Jx8+LfISku3dr4/HfS/dy6poe5msWPLc6cXDh94fGZ8/OL52cWP/bxw6fOXDh9/nDjb3ke/lCv2y+/P21rvD/Nze+7v5idLIriTDG7AW9Y12b76x/1t/1nHzs2t3/2rrn540cvHD//2Nn5cyeOLS4em59bvOvo8ePzH+11+4W5B3fvObh3/57pEwtzDx44eHDvwemF02fqm1FuVA/7Zj88ffrc4cZNFh+8/+DuBx64f3b61Jm5+Qf3z85OX+h1+8bXpun6rX99+tz8yaPnF07NTy8ufHz+wd0H9+3b0/OvAZ46e3xxaubchdMzFxbnz82Uj2XqfOPi+te+Xrenmhb/rfx+tl2t/EN8xTvv3Zf+PmvdVz656l2Vi7T9AdHnwt+i+YcXnT3Qz+cx94+HmWSS/wEAACAHMfdvCTOR/wEAAKAyYu7fGmYi/wMAAEBlxNw/EWaSSf7X/9f/76//X16v/59X///sR8pe6Wbv/8f+vP5/Hq5z/3/d69f/1/+vXv+///78Zt9+/X/9f1Yatv5/zP2TRZFl/gcAAIAcxNy/LcxE/gcAAIDKiLn/hjAT+R8AAAAqI+b+F4SZZJL/9f/76v/v6VW4qn7/3/n/9f+Lzdn/j0+O/n821ty/f++jLZ/q/wf6//r/+v/6//r/rNv4qtdcr/5/zP03hplkkv8BAAAgBzH3vzDMRP4HAACAyoi5/6YwE/kfAAAAKiPm/u1hJpnkf/1/5//X/9f/r3T/f73n/2/aGP3/zcH5/7vT/+/hqvv/E/r/m7H/Pz7Y7R/u/n/Pzdf/55oYtvP/x9z/ojCTTPI/AAAA5CDm/heHmcj/AAAAUBkx978kzET+BwAAgMqIuf/mMJNM8r/+v/6//r/+v/5/5/X3Pv9/+ZH+/3DR/+9O/78H5//Pq/8/4O0f7v7/oM//P/6m9tvr/9PJsPX/Y+5/aZhJJvkfAAAAchBz/y1hJvI/AAAAVEbM/S8LM5H/AQAAoDJi7t8RZpJJ/tf/1//X/9f/1//vvP7e/f+S/v9w0f/vTv+/B/1//X/9//76/x2++dX/p5Nh6//H3H9rmEkm+R8AAAByEHP/bWEm8j8AAABURsz9PxVmIv8DAABAZcTcvzPMJJP8r/+v/6//n1f//94t+v/6/9Wm/9+d/n8P+v/6//r/fZ7/f6W19P+39rozKmPY+v8x9788zCST/A8AAAA5iLn/FWEm8j8AAABURsz9rwwzkf8BAACgMmLunwozyST/6/9Xq///p3/91CsL/X/9/x7rH0T/vxYuHaL+fzwMhr7//5D+/zWl/9+d/n8P+v/6//r/G9L/Jx/D1v+Puf/2MJNM8j8AAADkIOb+O8JM5H8AAACojJj77wwzkf8BAACgMmLu3xVmkkn+1/+vVv8/0v/X/++2/o06//9YeD7Tcen8/87/vwH0/ztoepHq//eg/6//n33/P373q//PYAxb/z/m/leFmWSS/wEAACAHMfffVbT9Elf+BwAAgMpo5P5ionh1mIn8DwAAAJURc//dYSaZ5H/9/6vv/483faz/37r9+v+tcu3/b/D5/xP9/7zp/3e31v7/Fv1//X/9/8z6/+s7//9k+Fj/n2jY+v8x978mzCST/A8AAAA5iLn/njAT+R8AAAAqI/77zfLfvcr/AAAAUEUx90+HmWSS//X/nf8/p/5/Tf9/QP3/+Ij1/wv9/6Gj/9+d8//3oP+v/6//v67+v/P/027Y+v8x9782zCST/A8AAAA5iLn/vjAT+R8AAAAqI+b+mTAT+R8AAAAqI+b+2TCTTPK//r/+f079f+f/d/5//f/q0//vTv+/B/1//f+q9f+LQv+f62rY+v8x9+8OM8kk/wMAAEAOYu7fE2Yi/wMAAEBlxNy/N8xE/gcAAIDKiLn//jCTTPK//r/+v/6//r/+f+f16/9vTvr/3en/96D/r/9ftf6/8/9znQ1b/z/m/gfCTDLJ/wAAAJCDmPv3hZnI/wAAAFAZMffvDzMJ+b/Tv+sGAAAANpeY+w+EmWTy+3/9/4r0/3/z71vWrf+v/99t/YPp/0/q/4ep/z9cKtr/b39ZXDX9/x70//X/9f/1/xmoYev/x9x/MMwkk/wPAAAAOYi5/3VhJvI/AAAAVEbM/T8dZiL/AwAAQGXE3P8zYSaZ5P/B9v8n9f+bZHX+/8nW7df/73x8VKv/7/z/+v/DqaL9/4GpVP9/RP9f/3+4tl//X/+fla59/z9+1F//P+b+B8NMMsn/AAAAkIOY+382zET+BwAAgMqIuf+hMBP5HwAAACoj5v5DYSaZ5H/n/9f/d/5//f9r0/9/qGg3jP3/+sGj/18t+v/dVar/7/z/+v9Dtv36//r/rDRs5/+Puf/1YSaZ5H8AAADIQcz9D4eZyP8AAABQGTH3vyHMRP4HAACAyoi5/41hJpnkf/1//X/9f/1/5//vvH79/81J/787/f8e9P/1//X/9f8ZqGHr/8fc/6Ywk0zyPwAAAOQg5v43h5nI/wAAAFAZMfe/JcxE/gcAAIDKiLn/rWEmmeR//X/9f/1//X/9/87r1//fnPT/u9P/70H/X/9f/1//n4Eatv5/zP0/F2aSSf4HAACAHMTc/0iYifwPAAAAlRFz/9vCTOR/AAAAqIyY+98eZpJJ/tf/38T9/zH9f/1//X/9/97rzY3+f3f6/z3o/+v/6//r/zNQw9b/j7n/HWEmmeR/AAAAyEHM/T8fZiL/AwAAQGXE3P/OMBP5HwAAACoj5v5fCDPJJP/r/2/i/n8lz/+/dLH5dhXr/9cX0/+/Xv3/+o30/7Og/9+d/n8PHfr/W/X/8+r/L4V3ef1//X8GYtj6/zH3vyvMJJP8DwAAADmIuf/dYSbyPwAAAFRGzP3vCTOR/wEAAKAyYu5/NMwkk/yv/59l/z895OHr/692/v/JxnWbvP/v/P/O/6//vwGq2/9f8111pP/fg/P/6/87/7/+PwM1bP3/mPsfCzPJJP8DAABADmLuf2+YifwPAAAAlRFz/y+Gmcj/AAAAUBkx978vzCST/K//n2X/f4jP/79a/3+znv9/rCgml9eTU/9/oun5TMel/r/+/waobv9/MPT/e9D/1/8f5v5/OJonV7m9/j/DaNj6/zH3vz/MJJP8DwAAADmIuf+XwkzkfwAAAKiMmPt/OcxE/gcAAIDKiLn/V8JMMsn/+v/6//r/zv/v/P+d16//vznp/3en/9+D/r/+/zD3/3vQ/2cYDVv/P+b+Xw0zWTX4ff+/+niYAAAAwBCJuf8DYSaZ/P4fAAAAchBz/+EwE/kfAAAAKiPm/iNhJpnkf/3/9v5/PKOq/r/+v/6//r/+/2Y0uP7/y24sCv3/yvT/J/rcAP1//X/9f/1/BmrY+v8x9x8NM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+Y2Em8j8AAABURsz9c2EmmeT/69j/Hx/O/r/z/19t///H+v/6/4H+f2f6/xvD+f+7y7b/3y/9f/1//X/9fwZq2Pr/MffPh5lkkv8BAACgwtKPg2PuPx5mIv8DAABAZcTcfyLMRP4HAACAyoi5/4NhJpnkf+f/1/93/v/r0f8fa1le/7+k/6//Pwj6/93p//eg/6//r/+v/89ADVv/P+b+hTCTTPI/AAAA5CDm/g+Fmcj/AAAAUBkx9384zET+BwAAgMqIuf9kmEkm+V//X/8/9/5/rSguOf+//n+n9ev/b076/93p//eg/6//r/+v/89ADVv/P+b+U//P3n002XVWexw+9pUVbtWty0fwmBFDGJmPwJQZVYzJJgdZ5Awm52CyyTmDyTnnbHKOJhqqRLm11pK6z+m9JfXuPnu/7/NM1m2V+p7TVlvwp+tXO27pZP8DAABAD3L33zNusf8BAACgGbn77xW32P8AAADQjNz9945bOtn/+n/9f+/9/2orz//f/fv1/+fo//X/U1jr749t/n37ReH79v93uOO1d9P/6//1/4P0//p//T97za3/z91/n7ilk/0PAAAAPcjdf9+4xf4HAACAZuTuv1/cYv8DAABAM3L3Xxu3dLL/9f/6f/2//n9X/3+T/l//v2ye/z9M/z9C/6//1//r/5nU3Pr/3P33j1s62f8AAADQg9z9D4hb7H8AAABoRu7+B8Yt9j8AAAA0I3f/g+KWTva//l//r/9fSv9/3PP/93w9+n/9/yb6/2H6/xH6f/2//l//z6Tm1v/n7n9w3NLJ/gcAAIAe5O5/SNxi/wMAAEAzcvc/NG6x/wEAAKAZufsfFrd0sv/1//p//f9S+v8jev6//l//v3A3rM7/naD/X6f/HzHS/69W+v8hF93Pb/7ylvP+96H/1/+zbm79f+7+h8ctd16tjl/uFwkAAADMSu7+R8Qtnfz8HwAAAHqQu/903GL/AwAAQDNy918Xt3Sy//X/+n/9v/5f/7/59fX/y+T5/8MO3v/f/nb3uHu//X8zz/8/u+m/uWy/nz+obb//6fv/274z9P8s29z6/9z9Z+KWTvY/AAAA9CB3/yPjFvsfAAAAmpG7/1Fxi/0PAAAAzcjd/+i4pZP9r/9vrf//n12fd0H/v1O76P/1//p//X/r9P/DPP9/xM5fc6fqw2b7/31su59f+vv3/H/9P+vm1v/n7n9M3NLJ/gcAAIAe5O5/bNxi/wMAAEAzcvc/Lm6x/wEAAKAZufsfH7d0sv/1/631/7s/z/P/9f+bXl//r/9vmf5/mP5/RCvP/7/M75pt9/MHte33r//X/7Nubv1/7v4nxC2d7H8AAADoQe7+J8Yt9j8AAAA0I3f/k+IW+x8AAACakbv/yXFLJ/tf/6//X0b/n6+g/9f/H37/n/T/y/O/+v9R+v8RrfT/l2nb/fzS37/+X//Purn1/7n7nxK3dLL/AQAAoAe5+58at9j/AAAA0Izc/U+LW+x/AAAAaEbu/qfHLZ3sf/2//n8Z/b/n/+v/Pf9f/39x9P/D9P8j9P/6f/2//p9Jza3/z91/fdzSyf4HAACAHuTuf0bcYv8DAABAM3L3PzNusf8BAACgGbn7nxW3dLL/9f/6f/2//l//v/n19f/LpP8fpv8fof/X/+v/9f9Makb9/wWfdXL17Lilk/0PAAAAPcjd/5y4xf4HAACAZuTuf27cYv8DAABAM3L3Py9u6WT/6/9n0//v5Hxt9f+nVquV/n/Vaf9/6oI/z/q+1P/r/4+A/n+Y/n+E/l//r//X/zOpGfX/Ox/n7n9+3NLJ/gcAAIAe5O5/Qdxi/wMAAEAzcve/MG6x/wEAAKAZuftfFLd0sv/1/7Pp/3e01f97/v/e74+e+n/P/1+n/z8a+v9h+v8R+n/9v/5f/8+k5tb/5+5/cdx0/KrL/hIBAACAmcnd/5K4pZOf/wMAAEAPcve/NG6x/wEAAGChrl/7ldz9L4tbOtn/+v9p+//jF/ya/l//v/f7Q/+v/9f/Hz79/zD9/wj9v/5f/6//Z1Jz6/9z9788bulk/wMAAEAPcvffELfY/wAAANCM3P2viFvsfwAAAGhG7v5Xxi2d7H/9v+f/6//1//r/za+v/18m/f8w/f8I/b/+f7v9/4nz/6f+nzZcQv9/9uzZ04fe/+fuf1Xc0sn+BwAAgCbt+Vlp7v5Xxy32PwAAADQjd/9r4hb7HwAAAJqRu/+1cUsn+1//32n/n9/qy+r/r1ut9P/6f/2//n+Y/n+Y/n+E/l//7/n/+n8mNbfn/+fuf13c0sn+BwAAgB7k7r8xbrH/AQAAoBm5+18ft9j/AAAA0Izc/W+IWzrZ//r/Tvt/z//X/+v/j7r/v3Wl/z8Si+j/T+3/+nPv/8/o//X/A7rr/+9yp10f6v/1/6ybW/+fu/+NcUsn+x8AAAB6kLv/TXGL/Q8AAADNyN3/5rjF/gcAAIBm5O5/S9x0rJP9r//X/+v/9f/6/82vf8TP/z++Wq30/xNYRP8/YO79/zTP/9/7b/l5+n/9/5Lfv/5f/8+6ufX/ufvfGrd0sv8BAACgB7n73xa32P8AAADQjNz9b49b7H8AAABoRu7+d8Qtnex//b/+X/+v/59V/3/FIfT/ZxbR/3v+/0T0/8Pm0f/vT/+v/1/y+9f/6/+5eNvq/3P3vzNu6WT/AwAAQA9y978rbrH/AQAAoBm5+98dt9j/AAAA0Izc/e+JWzrZ//p//f+l9P/5Pnvr/0/F72u1/z8xp/5/5++Zk7v+/3Xy/H/9/0T0/8P0/yP0//p//f/1+n+mNLfn/+fuf2/c0sn+BwAAgB7k7n9f3Pqfbu1/AAAAaEbu/vfHLfY/AAAANCN3/wfilk72v/5f/+/5/57/P6vn/58+hOf/6/+7ov8fpv8fof/X/+v/Pf+fSc2t/8/d/8G4pZP9DwAAAD3I3f+huMX+BwAAgGbk7v9w3GL/AwAAQDNy998Ut3Sy//X/+n/9v/5f/3/uz1D/3wb9/7Cj6f9P6f/1/9XPXxH/Fuj/9f9jn0+b5tb/5+7/SNzSyf4HAACAHuTu/2jcYv8DAABAM3L3fyxusf8BAABgkY5t+LXc/R+PWzrZ//p//b/+f8L+/8qV/n+h/f+m19f/L9NW+v/8ptD/e/5/6Kf/v3rXR9t+/v+xS3z/e//zaxv9/wXrQ/9Pk+bW/+fu/0Tc0sn+BwAAgB7k7v9k3GL/AwAAQDNy938qbrH/AQAAoBm5+z8dt/Sw//9P/7/S/x+k/z+j//f8f/2//n9uPP9/mP5/hP5/q8/PX/r79/x//T/r5tb/5+7/TNzSw/4HAACATuTu/2zcYv8DAABAM3L3fy5usf8BAACgGTu7P+OyDve//l//7/n/+n/9/+bX1/8vk/5/mP5/hP5f/6//1/8zqbn1/5/f+ayTqy/ELZ3sfwAAAOhB7v4vxi32PwAAADQjd/+X4hb7HwAAAJqRu//LcUsn+1//r/9fRv9/9uzZ0/p//f/ur+d8/3+z/p+i/x+m/x+h/9f/6//1/0xqbv1/7v6vxC2d7H8AAADoQe7+r8Yt9j8AAAA0I3f/1+IW+x8AAACakbv/63FLJ/tf/z+D/v+k/t/z//X/K8//1/9PRP8/TP8/osX+/+TFf/nb7ucPatvvX/+v/2fd3Pr/3P3fiFs62f8AAADQg9z934xb7H8AAABoRu7+b8Ut9j8AAAA0I3f/t+OWTva//v/o+v/b/tn18vz/U6vN71//r//X/+v/D5v+f5j+f0SL/f8l2HY/v/T3r//X/7Nubv1/7v7vxC27h99Vl/ZVAgAAAHOSu/+7cUsnP/8HAACAHuTu/17cYv8DAABAM3L3fz9u6WT/6/9n8Pz/Bvt/z//f/P2h/591/3+l/r8N+v9h+v8R+n/9v/5/ov4/v5v1/72bW/+fu/8HcUsn+x8AAAB6kLv/h3GL/Q8AAADNyN3/o7jF/gcAAIBm5O6/OW65YP9vartbof/X/+v/9f/6/82vr/9fJv3/sIvt/0+sDtb/J/2//l//32v/7/n/nDO3/j93/4/jFj//BwAAgMW5ap9fz93/k7jF/gcAAIBm5O7/adxi/wMAAEAzcvf/LG655cptvaUjpf/X/+v/9f/6/82vr/9fJv3/MM//H6H/n6Kfv0b/30b/v1rp/zm4ufX/uft/Hrf4+T8AAAA0I3f/L+IW+x8AAACakbv/l3GL/Q8AAADNyN3/q7ilk/2v/9f/H7D/30kz9f/n6P/P0f9vpv8/Gvr/Yfr/Efp/z//X/3v+P5OaW/+fu//XcUsn+x8AAAB6kLv/N3GL/Q8AAADNyN3/27jF/gcAAIBm5O7/XdzSyf6ftP+/MSrsi+n/4x+1/n/x/b/n/+v/9f/6/1nR/w/T/4/Q/+v/9f/6fyY1t/4/d//v45ZO9j8AAAD0IHf/H+IW+x8AAACakbv/j3GL/Q8AAADNyN3/p7ilk/3v+f/6f/2//l//v/n19f/LpP8fpv/frP6g9P/6f/2//p9Jza3/z93/57ilk/0PAAAAPcjd/5e4xf4HAACAZuTuvyVusf8BAACgGbn7/xq3dLL/9f/6f/2//l//v/n19f/LNKv+/5j+/8LPvev/j7+s5/9vvf/Pt6D/1//r/5nE3Pr/3P1/i1s62f8AAADQg9z9f49b7H8AAABoRu7+f8Qt9j8AAAA0I3f/P+OWTvb/SP9/on6j/n+Q/n/3+9f/b/7+0P/r//X/h29W/b/n/y/m+f9F/+/5//p//T+Tmlv/n7v/X3FLJ/sfAAAAepC7/9a4xf4HAACAZuTu/3fcYv8DAABAM3L3/ydu6WT/e/7/kvr/a/T/+n/9v/5f/z9C/z9M/z9C/6//v4T3f/Wej/X/+n/Wza3/z93/3wAAAP//tmNCRw==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

3m31.235394324s ago: executing program 8 (id=1962):
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x110000, 0x0)
getdents64(0xffffffffffffffff, &(0x7f0000000240)=""/50, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

3m31.038040265s ago: executing program 8 (id=1963):
syz_open_dev$dri(0x0, 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
personality(0x4000009)

3m30.930494887s ago: executing program 38 (id=1963):
syz_open_dev$dri(0x0, 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
personality(0x4000009)

3m10.898203782s ago: executing program 9 (id=2183):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

3m10.037640647s ago: executing program 9 (id=2196):
openat$drirender128(0xffffff9c, &(0x7f0000000080), 0x2002, 0x0)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x1}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3m9.927893371s ago: executing program 9 (id=2199):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000000), 0x14)

3m9.828146156s ago: executing program 9 (id=2200):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

3m9.766311569s ago: executing program 9 (id=2203):
r0 = openat$random(0xffffffffffffff9c, &(0x7f00000007c0), 0x8000, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000140)=0x6)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001a00), 0x2000, 0x0)
fcntl$setstatus(r1, 0x4, 0x0)

3m9.598781556s ago: executing program 9 (id=2210):
unshare(0x22020400)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000240), 0x381000, 0x0)
mq_timedreceive(r0, 0x0, 0x0, 0xa, 0x0)

3m9.436189104s ago: executing program 39 (id=2210):
unshare(0x22020400)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000240), 0x381000, 0x0)
mq_timedreceive(r0, 0x0, 0x0, 0xa, 0x0)

2.674760338s ago: executing program 2 (id=4691):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002420702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000022850000009400000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x2f)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2.589524202s ago: executing program 2 (id=4693):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x2008000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bc, &(0x7f0000000440)="$eJzs3EFrE08Yx/Hn37RNmtImfxBBQX3Qi16WNr4ADdKCGFBqU9SDsLUbDVmTshsiEbG5iFdfR/HoTVDfQC/ixbu3IgheehBXupttk5rWbU2a2H4/UGa2M7/OLN2WZwud9TuvHpcKrlEwqzKUUBkSaciGSHqz1/Rfsx3y+6PSqiGXxr9/PnP77r0b2VxuZk51Njt/OaOqk+fePXn2+vyH6vjCm8m3cVlL31//lvmydnLt1PrP+UdFV4uulitVNXWxUqmai7alS0W3ZKjesi3TtbRYdi2nbbxgV5aX62qWlyaSy47lumqW61qy6lqtaNWpq/nQLJbVMAydSMrxNhxhTn51bs7M7jrsxbq6I3RfvP1yrNMcx8k2Og/mV3u1LwAAMLj2rv+DWn/3+j+3ELRdrv9FqP97pNF29Yf6H0eC42TNZPPntx31PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t5npcK2/AjLiIJEQmv+71P9MYBv/9X+rRddFnLP+4lROyXtXwtH7TBeLYgRbHFkilJyQ//eWgK+rPXczNT6htpfsnN/EotH/PPJvDzoXSn/Nn/p4O8yvvNXK2ZH5Fk6/oZScmJzutntvPhcQgrtfyoXLzQkjckJR8fSEVsWfKf6+3882nVazdzO9Yf8+ftJsrpGgAAAAAADApDt6Tb33+Dsx8Nf0JCfh8P8vv4+8CO9+thOc1LNAAAAAAAh8KtPy2Ztm05B+jEReQv4ke1E5OB2MaOzlUROfRFRaTRn1tOiEjwGT1I/OtWPFLKizBnWEQG4kmI2On3byYAAAAA3bZd9O8j9OlFD3cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDxE/U8sHB+yVuRtvPtwoE94i3LxQ79BgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAB8isAAP//0KwZYw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
open_tree(0xffffffffffffff9c, 0x0, 0x98901)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x1810714, &(0x7f0000000200)={[{@journal_dev={'journal_dev', 0x3d, 0xcd29}}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x1002}}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@oldalloc}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time}, {@nodiscard}]}, 0x1, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL7zSioiCoFU0Nn60tKCycKPRxIUmJrrAZW0LqQzU0JoIabQag0tD4t64NPEvcOXKqCsTt7o3JEQbE9CNY+7MvW1nmCn9mDKV+f2SgXPmnrnnPD333DlzzkwAPWsw+yeJ+H9E/BIR/fVsY4HB+n83Fucn/lqcn0iiWn3j96RW7vri/ERRtHjdnjwzlEaknyR5JY1mL146O16pTF3I8yNz594dmb146enpc+Nnps5MnR87efLE8dHnnh17piNxZvFdP/TBzOGDr7x15bWJU1fe/uHrrL0HjtSPr4yjUwazwP+o1jQfe6zTlXXZP9XlOJNyt1vDWpUiIuuuvtr4749SLHdef7z8cVcbB2yp7J69s/3hhSpwB0ui2y0AuqN4o88+/xaP2zT12BauvVD/AJTFfSN/1I+UI83L9G1h/YMRcWrh7y+yRzStQ1RbrBsAAGzWt9n856lW8780DqwotzffGxqIiLsjYl9E3BMR+yPi3oha2fsi4v511t+8NXTz/DO9uqHA1iib/z2f7201zv+K2V8MlPLcXbX4+5LT05WpY/nfZCj6dmb50VYnL07x0s+ftat/5fwve2T1F3PB/CRXy00LdJPjc+OdmpRe+yjiULlV/MnSTkASEQcj4tD6Tr23SEw/8dXhdoVuHf8qOrDPVP0y4vF6/y9EU/yFZPX9yZFdUZk6NlJcFTf78afLr7erf1Pxd0DW/7sbr/+mEv1/Jiv3a2fXX8flXz9t+5myvMHrf0fyZm1Pd0f+3Pvjc3MXRiN2JK/W8g3Pjy2/tsgX5bP4h462Hv/78tdk8T8QEdlFfCQiHoyIh/K+ezgiHomIo6vE//2Lj77T7th26P/Jlve/pet/oLH/158onf3um3b1r+3+d6KWGsqfqd3/bqF9c3blJTZ6NQMAAMB/T1r7bnySDi+l03R4uP4d/v2xO63MzM49eXrmvfOT9e/QD0RfWqx09a9YDx1NFvIz1vNj+Vpxcfx4vm78eel/tfzwxExlssuxQ6/b02b8Z34rdbt1wJbzey3oXc3jP+1SO4Dbz/s/9C7jH3qX8Q+9q9X4/7Apby8A7kze/6F3Gf/Qu4x/6F3GP/Skzfyuf6sS5VV+vS+xXRKRbotmSLRIlDswurt8YwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQfwMAAP//EgHx+Q==")
r3 = inotify_init()
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfe, 0x80201469}, 0xc)
r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/netlink\x00')
read$msr(r5, &(0x7f0000000040)=""/59, 0xffb5)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r6, 0xc0884123, &(0x7f00000002c0)={0x1, "f5aa58fe47809b57701b4a6e77745cf37bfba3ee5d69ea3b1909f6d17b75ed78b6a70b1972eee68c13ccdabf3ea228cb4a12b0c68e16287c85e74e7de7327742", {0x9, 0x80bc}})
inotify_add_watch(r3, 0x0, 0x4000423)
openat$dir(0xffffffffffffff9c, 0x0, 0x448042, 0x108)
getsockopt(0xffffffffffffffff, 0x28, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0)
write$FUSE_CREATE_OPEN(r6, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x0, 0x1, 0x5, 0xa, 0x3, 0x1, {0x5, 0x17d, 0x8, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x20000000, 0xee00, 0x0, 0x3ff, 0x4}}, {0x0, 0x11}}}, 0xa0)
r8 = syz_open_dev$usbmon(&(0x7f0000000080), 0x4, 0x40000)
ioctl$MON_IOCG_STATS(r8, 0x80089203, &(0x7f00000000c0))

1.590172345s ago: executing program 2 (id=4705):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2100, 0x0)
fstat(r0, &(0x7f0000000040))

1.545353247s ago: executing program 2 (id=4707):
remap_file_pages(&(0x7f0000083000/0x3000)=nil, 0x3000, 0x2000008, 0xa5, 0x4000)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10)
recvmmsg(r0, &(0x7f0000001d80)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x10002, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000040)=0x4, 0x4)
sendmsg(r1, &(0x7f0000002c40)={&(0x7f0000000140)=@in={0x2, 0x4e24, @empty}, 0x80, &(0x7f0000001780)=[{&(0x7f00000001c0)='k', 0x1}], 0x1}, 0x0)

630.475549ms ago: executing program 2 (id=4729):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000)={0x6, 0x0, 0x6, 0x691}, 0x10)
sendmmsg$alg(r1, &(0x7f0000000b00)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)='V', 0x1}], 0x1}], 0x1, 0x0)
sendto$inet6(r1, &(0x7f0000000040)='{', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)

630.192723ms ago: executing program 5 (id=4730):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000840)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="cb", 0x1}], 0x1}}], 0x1, 0x44004)
sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)='$', 0x1}], 0x1, &(0x7f0000000780)=ANY=[@ANYBLOB="1000"], 0x10}}], 0x1, 0x4004804)

549.724341ms ago: executing program 2 (id=4731):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4000, &(0x7f0000000040)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4242, 0x5c)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe82)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x0)

549.521793ms ago: executing program 5 (id=4732):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000008c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0xc0}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050)

468.239549ms ago: executing program 6 (id=4733):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="2400000001040101b1d6898f00000000020000060600064000050000050001"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

468.0768ms ago: executing program 5 (id=4734):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0x4008af04, &(0x7f0000000000)={{0x0, 0x0, 0xc1, 0x5, 0x9, 0x7ff, 0x7, 0x7ff, 0x8, 0x7, 0x3b, 0xfff, 0xffff, 0x8a8, 0x6}})

467.891527ms ago: executing program 6 (id=4735):
syz_emit_ethernet(0x82, &(0x7f0000000740)={@broadcast, @random='\x00\x00B\f\x00', @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "fec000", 0x48, 0x3a, 0x0, @private0, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "18b088", 0x0, 0x0, 0x0, @empty, @mcast2, [@hopopts={0x11}, @dstopts={0x32, 0x0, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}]}}}}}}}, 0x0)

390.958693ms ago: executing program 5 (id=4736):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000001701000003000000010000000000000000000000000000001701000002000000000000007005baa38d33e2e1650de8f13f421b2d4b60252e76171216e42961c3b08d4d3dacb0a7089ff7cbfd613d46fa95d6e2f6e76ac3266c9b1a531c4bcf0e7071f117cca4e883b4a6eb5dee7a9ab4d05d7ee311ab1c55b817285e0c3714ee6137e3b8553de667701a7c93437583b5f0b285a188098c1ac4ebac40b315ff8db6f736992497879a42b95248fed4d4888970573d0e88ceead26d97e172588a3ad30fbd01b7bbeeaa668e835f7ae3113fe2d949bb47bc0b2c62541714cc0538601ae4bab19d69a5addee134dd447034da6dd89704603d31a3d25b9d5f46cfd43d9e29aac7422920d98e1463256bd4cc929373ad9000000000faf6a95a04ad3b9db9b230f8224a3d6db187a94e5dadfe181d20d3a4bd08e8b0e6eeb79fdee230dd852a36dfc9046d03b8f316b2d460ca5d08c515d914db8ce430ea0237911c440ee750fe787aaffa83b809651c529e4cf68c8219a827ea003c59e3e51b00cd7f9464f37be2eb3e1475819ad37edcc238b85ab205a2b394916815d9cf7bf3f8e3d19a4697756299e21f2afd3ae31e0f09b8153965635216de47156f4e5fc97cb04f9c5e13256be1d9e0a94f9c6387940de1bcd7b532d16ebba216601cf23be6a7c259550bd059a5a7aee85eb558de8201c1d9c7b29e27313f61cf0b07dd790071bdbceabdd32ce2bcc279b1575a1431b03e5dc37307d15a2782175c87dad1a3aadf48b382bea4ae0b423edee0e12ada4c1dacc40bf387630792ab5c7ed6e2ef7e8a77268b0ff8978ccddfa8da4521d24b3fddc70d181c20caa9a584df9b2e"], 0x18}], 0x4924924924924fd, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000600)=""/77, 0x4d}, {&(0x7f0000000200)=""/62, 0x3e}], 0x2}, 0x0)

390.796764ms ago: executing program 6 (id=4737):
socket$nl_route(0x10, 0x3, 0x0)
setregid(0xee00, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x4000, &(0x7f0000002300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0x20}, 0x20)
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

306.486838ms ago: executing program 6 (id=4738):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73f72cc9f0ba1f848350000005e120602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x4000850)

306.341504ms ago: executing program 5 (id=4739):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x5, 0x3, 0x0, {}, {0x0, 0x2710}, {}, 0x2, @can={{}, 0x1, 0x0, 0x0, 0x0, "eb090b08ece8dca0"}}, 0x48}, 0x300}, 0x0)

221.071492ms ago: executing program 5 (id=4740):
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f00000001c0)=ANY=[], 0x1, 0xb22, &(0x7f00000017c0)="$eJzs3V2MXFUBAOAzszvbLhSZYpG1IFBRwB+2dLvWn8a0pI2JDSXEFxLiS1MKNtaaiIlKSGz75JsQUhOf/AlPPEiqMZEX0/BEYkikCTHyhD74QFOUxAeptmN29py7M2dn9s5sZ3dmd74vOXvm3nPuPefevXPn/p4TgLFVbf6dn5+phHD+tZcOv3f/P6YXxhwoctSbfydbhmohhEocnszm9+7EYnztg+ePd4orYa75Nw2Hx64U094cQjgT7g0XQz3sPH/pxTfnHj169si5XW+9sv/y2iw9AACMl8cv7p+//W9/vnP71VfvPhi2FOPT8Xk9Dm+Lx/0H44F/Ov6vhvbhSktoNZXlm4yhOt2eb6JDvtZyalm+yS7lT2Xl17rk2xJWLn+iZVyn5YaNLG3H9VCpzrYNV6uzs4vn5KF5Xj9VmT198tTTzw6posDA/fueEMK9LeHQufbhFcJUj/kGGg4MocwBhcYI1GHNwj/XcN4H1285rjYWDX19rlNo3DrsPRBAaDsbL+4P5s7kVxZuTDG3yfZyu5V/5ZFq5+lhAMq2v0Fv/32VP7XO5U90yDDM5R+B8l8+a4/D4GzWrSktV/oebYvD+X2E/Pml7t+//E5H+9j8fkStx3p2u4+wUe4vdKtnp133KOpW/3y72Ky+GuOF9fDXN5ant35/8v/pRvkfA539J7/+L6wcHh+BOox4GMp9oXEKoW24diPzagx5/wOMrvy5uUa6Pxrlz/Xl6VtK0reWpE+XpN9Ukn5zSTqMs999/6fhhcrSeX5+Tt/v9fB0ne2WGH+kz/rk1yP7LT9/7ne5lZ94uNHy8+eJYZT94dgTJ7701JOXFp//rxTb//W4vafTjXr8bl2MGdJ10/y6evHsf729nGqXfLdl9bmlQ/7m5x3t+So7luYTWvYzy+ox0z7drd3y3dWer57lm45ha1bf/Pjkpmy6dPyR9qtpfU1my1vLlmMqq0far2yPcV4PWI20PXZ7/j9tnzOhVnn65KkTD8fhtJ2+MVHbsjB+T8e5b5S7WDCelr7vf5pa6f2fmdD+/s+2YnytWuwXWg5+0/5iT7gQ59c+fq4op3383jicfue+NTHdHD97/Lunnhr84sNYe/ZHz3372KlTJ763kT+k/c5gZpgO1Xue6msjsRL6+jA90DXmwyb8MKQdErBudv948SDgoZPfOfbMiWdOnN67b9/eubl9X947v7t5XL+79ay/1Zkh1BYYpKUf/Z6yv7/mFQIAAAAAAAAAAABK/eDI4Utvv/7Fdxbf/196/y+9/5+e/E3v//8ke/8/f08+vQef3rPf3iG9mSdrYHUqy1eL4aNZfXdk5dyeTfexGBf9+MX3/1NxebuuqT53ZONrXQaz5gSWtZcylbVBkvcX+MkYn4vxrwMMUWW68+gYl7Vvnbb19ApeS7sUDe0Dbxzp/5a2htSOSXr/u2O7Ti3/7O3rUEcGr+2lvwtxZL+vClZXzjPkRQS6eH+s2v/+19KCD70uQvcwub7l/TzbJm5w+/hw6Ouv99DoepTeaw82AIOx3v3v5f1/puueKT79x69vXQgp25VH2veXeful0I+/vN3eVu6o9z+51uXn/fatd/nDXv717v+zaKF1Yf/3m23F+O77v6xN13q3OXe+rpx8+IvL74SW68k7e93/5suf2oHesWJxy1yN5aeleSD0Vn7jV1n5+Q2hHv03K/+mHstftvx3rar4+v9i+Wm1PXhfSfkTqfzFGldebq9Hft043f/Lrxsn17LlT217rrD833iu0/KvsqPG67F8GGebtYXu7DiiOGhfff+/0ZnB9v9bVDbbreXPYXwhDqcfgvScQ97fSb/1T89XpN+B27P5V0p+31bV/+8IdV4w7v3/fiXGZd+H1P9v2h7r8Se/Zbi5LtNwrcO63az7Gtio3h2r+3+DD1sHP8+tw14moa/QmFjFdEVXGUOuf6PRWNsLWiWahb83zBqMt6H+88vOE8ag/GGv/zJ5/7/5MXze/2+envf/m6fn/f/m59PT8VO36fP+f/P1mff/m6ffkc037x94pkjf1jH94yXT7+ycXpy231ky/V0l6Z8oSd9VpB9oy5HS7y6Z/p6S9NtK0u8rSf9USfqnS9LvL0l/sCW9tQ/olP6Zkuk3u/Q+St/LP+o7LqBU/n7euO3/YJyl+z/dvv87StKBjetnr+459ORvv1lffP9/qjjvTvfxDsbhWjzk/2Eczs/TQ8vwQtrrcfjvWbrTBhgdefsZ+e/7AyXpwMaVnvPy/YYxVOn8MGav7VZ1O85nY/lsjD8X48/H+KEYz8Z4d4z3xHhunerH2jh04ff7X6gsne/fmqX3+jx5pdp+Zt/WTlQIYW+P9cmvD/T7PHvejl+/brT8Vb4OBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDTV5t/5+ZlKCOdfe+nwE0dP7l4Yc6DIUW/+nWwZqhXThfBwjCdi/Mv44doHzx9vja/HuBLmQiVUivHhsStFSTeHEM6Ee8PFUA87z1968c25R4+ePXJu11uv7L+8dmsAAAAANr//BwAA//9tDAf/")
r0 = openat(0xffffffffffffff9c, 0x0, 0x181942, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
mount(0x0, &(0x7f0000000040)='.\x00', 0x0, 0x2012024, 0x0)

220.947728ms ago: executing program 6 (id=4741):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
setreuid(0xee01, 0xee01)

0s ago: executing program 6 (id=4742):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

421][T12849] loop2: detected capacity change from 0 to 2048
[  268.072148][T12849] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  268.105128][   T33] audit: type=1800 audit(1755260103.555:352): pid=12849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2416" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  268.415669][T12555] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  268.588150][T12555] usb 3-1: Using ep0 maxpacket: 32
[  268.596667][T12555] usb 3-1: config index 0 descriptor too short (expected 4114, got 18)
[  268.600053][T12555] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.604284][T12555] usb 3-1: config 0 has no interfaces?
[  268.609049][T12555] usb 3-1: config index 1 descriptor too short (expected 4114, got 18)
[  268.612370][T12555] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.619212][T12555] usb 3-1: config 0 has no interfaces?
[  268.622376][T12555] usb 3-1: config index 2 descriptor too short (expected 4114, got 18)
[  268.625270][T12555] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.635384][T12555] usb 3-1: config 0 has no interfaces?
[  268.639880][T12555] usb 3-1: config index 3 descriptor too short (expected 4114, got 18)
[  268.642713][T12555] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.649337][T12555] usb 3-1: config 0 has no interfaces?
[  268.652483][T12555] usb 3-1: config index 4 descriptor too short (expected 4114, got 18)
[  268.661332][T12555] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.664848][T12555] usb 3-1: config 0 has no interfaces?
[  268.677717][T12555] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  268.681185][T12555] usb 3-1: New USB device strings: Mfr=252, Product=2, SerialNumber=3
[  268.694568][T12555] usb 3-1: Product: syz
[  268.705062][T12555] usb 3-1: Manufacturer: syz
[  268.706822][T12555] usb 3-1: SerialNumber: syz
[  268.714554][T12555] usb 3-1: config 0 descriptor??
[  268.933128][T10074] usb 3-1: USB disconnect, device number 8
[  270.067653][T12969] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2447'.
[  270.193255][T12980] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2450'.
[  270.405725][T12995] 9pnet_fd: Insufficient options for proto=fd
[  271.065700][    T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  271.217419][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  271.221563][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[  271.236355][    T9] usb 3-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18
[  271.239952][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.243223][    T9] usb 3-1: Product: syz
[  271.247514][    T9] usb 3-1: Manufacturer: syz
[  271.249450][    T9] usb 3-1: SerialNumber: syz
[  271.253445][    T9] usb 3-1: config 0 descriptor??
[  271.474606][    T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  271.494084][    T9] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2
[  271.511670][ T5843] udevd[5843]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  271.682966][T12555] usb 3-1: USB disconnect, device number 9
[  272.673575][T12555] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  272.778867][T13032] C: renamed from lo (while UP)
[  272.785328][T13032] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  272.847169][T12555] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  272.850228][T12555] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.856132][T12555] usb 3-1: config 0 descriptor??
[  272.863057][T12555] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  272.994784][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  273.430133][T13055] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2483'.
[  273.646118][T13072] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  273.784442][T12555] gspca_stv06xx: I2C: Read error writing address: -71
[  273.791930][T12555] usb 3-1: USB disconnect, device number 10
[  274.559955][T13087] hub 6-0:1.0: USB hub found
[  274.562715][T13087] hub 6-0:1.0: 1 port detected
[  274.834310][T12555] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  274.985858][T12555] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  274.989758][T12555] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.996195][T12555] usb 6-1: Product: syz
[  274.997957][T12555] usb 6-1: Manufacturer: syz
[  274.999845][T12555] usb 6-1: SerialNumber: syz
[  275.005530][T12555] usb 6-1: config 0 descriptor??
[  275.011442][   T33] audit: type=1800 audit(1755260110.469:353): pid=13094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2497" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  275.014240][T12555] gspca_main: sunplus-2.14.0 probing 055f:c230
[  276.430429][T12555] gspca_sunplus: reg_r err -71
[  276.436005][T12555] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[  276.517584][T12555] usb 6-1: USB disconnect, device number 10
[  276.951279][    T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  277.101527][    T9] usb 3-1: Using ep0 maxpacket: 8
[  277.106837][    T9] usb 3-1: config 162 has an invalid interface number: 97 but max is 0
[  277.110150][    T9] usb 3-1: config 162 has no interface number 0
[  277.115374][    T9] usb 3-1: config 162 interface 97 has no altsetting 0
[  277.126463][    T9] usb 3-1: New USB device found, idVendor=0c2e, idProduct=0700, bcdDevice=e1.3b
[  277.130266][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.136170][    T9] usb 3-1: Product: syz
[  277.138005][    T9] usb 3-1: Manufacturer: syz
[  277.139923][    T9] usb 3-1: SerialNumber: syz
[  277.353465][    T9] metro_usb 3-1:162.97: required endpoints missing
[  277.365185][    T9] usb 3-1: USB disconnect, device number 11
[  280.189025][T13259] loop2: detected capacity change from 0 to 764
[  280.197767][T13259] rock: directory entry would overflow storage
[  280.202492][T13259] rock: sig=0x5850, size=36, remaining=22
[  280.540653][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  280.813622][    T9] usb 3-1: config 0 has an invalid interface number: 209 but max is 0
[  280.828466][    T9] usb 3-1: config 0 has no interface number 0
[  280.848941][    T9] usb 3-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=53.a6
[  280.875761][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.937140][    T9] usb 3-1: config 0 descriptor??
[  280.950872][    T9] ftdi_sio 3-1:0.209: FTDI USB Serial Device converter detected
[  280.964365][    T9] ftdi_sio ttyUSB0: unknown device type: 0x53a6
[  281.161107][    T9] usb 3-1: USB disconnect, device number 12
[  281.170415][    T9] ftdi_sio 3-1:0.209: device disconnected
[  281.857881][T13305] loop2: detected capacity change from 0 to 4096
[  283.512408][T13330] tmpfs: Unknown parameter 'no'
[  283.741572][T13340] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2602'.
[  283.746308][T13340] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2602'.
[  283.753263][T13340] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2602'.
[  283.759124][T13340] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2602'.
[  283.932975][T13347] syzkaller1: entered promiscuous mode
[  283.934850][T13347] syzkaller1: entered allmulticast mode
[  284.046814][T13355] loop2: detected capacity change from 0 to 128
[  284.625976][T13375] netlink: 72 bytes leftover after parsing attributes in process `syz.5.2617'.
[  285.303482][T13414] loop2: detected capacity change from 0 to 512
[  285.362925][T13414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.370387][T13414] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.424019][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.640752][T13476] overlayfs: failed to resolve './file0': -2
[  288.126249][T13494] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  288.133035][T13494] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  288.270073][T13506] netlink: 'syz.6.2675': attribute type 4 has an invalid length.
[  288.274812][T13506] netlink: 3657 bytes leftover after parsing attributes in process `syz.6.2675'.
[  288.351938][T13508] fuse: root generation should be zero
[  288.432303][T13521] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2682'.
[  289.175657][T13557] loop2: detected capacity change from 0 to 256
[  289.189234][T13557] exfat: Deprecated parameter 'utf8'
[  289.273510][T13557] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4d7dfc9d, utbl_chksum : 0xe619d30d)
[  290.116024][T13586] loop2: detected capacity change from 0 to 1024
[  290.119918][T13586] EXT4-fs: Ignoring removed nobh option
[  290.122174][T13586] EXT4-fs: Ignoring removed bh option
[  290.232462][T13586] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.341556][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.103738][T13668] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2746'.
[  293.412246][T13681] loop2: detected capacity change from 0 to 32768
[  293.420235][T13681] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2752 (13681)
[  293.431628][T13681] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  293.437470][T13681] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  293.441344][T13681] BTRFS info (device loop2): using free-space-tree
[  293.558712][T12176] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  293.717811][T13701] RDS: rds_bind could not find a transport for ::ffff:0.0.0.224, load rds_tcp or rds_rdma?
[  294.502750][ T5235] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  294.503517][   T55] Bluetooth: hci3: command 0x1003 tx timeout
[  294.666857][T13740] binder: 13739:13740 ioctl c0306201 2000000003c0 returned -14
[  294.707300][T13743] loop2: detected capacity change from 0 to 256
[  294.710727][T13743] exfat: Deprecated parameter 'utf8'
[  294.714028][T13743] exfat: Deprecated parameter 'utf8'
[  294.716434][T13743] exfat: Deprecated parameter 'utf8'
[  294.729260][T13743] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  295.350045][   T33] audit: type=1326 audit(1755260130.769:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13728 comm="syz.6.2766" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7fc00000
[  295.977594][T13787] 9pnet_fd: Insufficient options for proto=fd
[  296.677927][   T33] audit: type=1326 audit(1755260132.150:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13817 comm="syz.2.2801" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  296.696709][   T33] audit: type=1326 audit(1755260132.150:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13817 comm="syz.2.2801" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  296.706219][   T33] audit: type=1326 audit(1755260132.160:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13817 comm="syz.2.2801" exe="/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  296.713439][   T33] audit: type=1326 audit(1755260132.160:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13817 comm="syz.2.2801" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  296.721136][   T33] audit: type=1326 audit(1755260132.160:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13817 comm="syz.2.2801" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  296.878306][T13834] loop2: detected capacity change from 0 to 256
[  296.942584][T13834] FAT-fs (loop2): Directory bread(block 64) failed
[  296.945376][T13834] FAT-fs (loop2): Directory bread(block 65) failed
[  296.948209][T13834] FAT-fs (loop2): Directory bread(block 66) failed
[  296.951020][T13834] FAT-fs (loop2): Directory bread(block 67) failed
[  296.958134][T13834] FAT-fs (loop2): Directory bread(block 68) failed
[  296.960936][T13834] FAT-fs (loop2): Directory bread(block 69) failed
[  296.967911][T13834] FAT-fs (loop2): Directory bread(block 70) failed
[  296.970819][T13834] FAT-fs (loop2): Directory bread(block 71) failed
[  296.980442][T13834] FAT-fs (loop2): Directory bread(block 72) failed
[  296.983653][T13834] FAT-fs (loop2): Directory bread(block 73) failed
[  297.634080][T13847] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2812'.
[  300.096426][T13907] afs: Unknown parameter 'A~|vN'
[  300.556117][T13918] sctp: [Deprecated]: syz.6.2844 (pid 13918) Use of struct sctp_assoc_value in delayed_ack socket option.
[  300.556117][T13918] Use struct sctp_sack_info instead
[  301.780331][ T5904] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  301.962102][ T5904] usb 6-1: Using ep0 maxpacket: 32
[  301.973444][ T5904] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  301.983318][ T5904] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  301.989887][ T5904] usb 6-1: config 0 interface 0 has no altsetting 0
[  302.000520][ T5904] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  302.006181][ T5904] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  302.014791][ T5904] usb 6-1: Product: syz
[  302.018055][ T5904] usb 6-1: Manufacturer: syz
[  302.021864][ T5904] usb 6-1: SerialNumber: syz
[  302.033512][ T5904] usb 6-1: config 0 descriptor??
[  302.058239][ T5904] ldusb 6-1:0.0: Interrupt in endpoint not found
[  302.758999][   T24] usb 6-1: USB disconnect, device number 11
[  303.025188][T13973] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  303.025188][T13973] The task syz.5.2869 (13973) triggered the difference, watch for misbehavior.
[  303.178168][T11754] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  303.338127][T11754] usb 3-1: Using ep0 maxpacket: 16
[  303.342921][T11754] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.346623][T11754] usb 3-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  303.351280][T11754] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.358643][T11754] usb 3-1: config 0 descriptor??
[  303.407319][T13984] MPI: mpi too large (107144 bits)
[  303.452141][T13986] netlink: 'syz.6.2875': attribute type 26 has an invalid length.
[  303.698705][ T9927] Bluetooth: hci1: command 0x0406 tx timeout
[  303.776151][T11754] gt683r_led 0003:1770:FF00.0007: unknown main item tag 0x0
[  303.785135][T11754] gt683r_led 0003:1770:FF00.0007: item fetching failed at offset 1/5
[  303.789581][T11754] gt683r_led 0003:1770:FF00.0007: hid parsing failed
[  303.792617][T11754] gt683r_led 0003:1770:FF00.0007: probe with driver gt683r_led failed with error -22
[  303.976459][ T5839] usb 3-1: USB disconnect, device number 13
[  304.773046][T14020] loop2: detected capacity change from 0 to 32768
[  304.796325][T14020] jfs_strtoUCS: char2uni returned -22.
[  304.799486][   T33] audit: type=1326 audit(1755260140.274:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14025 comm="syz.6.2893" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x0
[  304.807747][T14020] charset = cp936, char = 0xd4
[  305.107536][   T33] audit: type=1326 audit(1755260140.584:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.2.2900" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  305.116730][   T33] audit: type=1326 audit(1755260140.584:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.2.2900" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  305.133236][   T33] audit: type=1326 audit(1755260140.604:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.2.2900" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  305.144761][   T33] audit: type=1326 audit(1755260140.604:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.2.2900" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  305.154555][   T33] audit: type=1326 audit(1755260140.604:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.2.2900" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  305.165952][   T33] audit: type=1326 audit(1755260140.604:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.2.2900" exe="/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  305.177300][   T33] audit: type=1326 audit(1755260140.604:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.2.2900" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  305.207170][   T33] audit: type=1326 audit(1755260140.604:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.2.2900" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7ffc0000
[  305.300097][T14051] can0: slcan on ttyS3.
[  305.347548][T14051] can0 (unregistered): slcan off ttyS3.
[  305.352608][T14051] Falling back ldisc for ttyS3.
[  305.399761][T14055] loop2: detected capacity change from 0 to 128
[  305.403457][T14055] FAT-fs (loop2): bogus number of FAT sectors
[  305.406073][T14055] FAT-fs (loop2): Can't find a valid FAT filesystem
[  305.427766][ T5839] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  305.581267][ T5839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  305.585273][ T5839] usb 6-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00
[  305.589358][ T5839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.595477][ T5839] usb 6-1: config 0 descriptor??
[  305.767697][T11754] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  305.938891][T11754] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  305.943106][T11754] usb 3-1: config 0 interface 0 has no altsetting 0
[  305.950609][T11754] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  305.955315][T11754] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.960286][T11754] usb 3-1: Product: syz
[  305.962601][T11754] usb 3-1: Manufacturer: syz
[  305.964621][T11754] usb 3-1: SerialNumber: syz
[  305.971287][T11754] usb 3-1: config 0 descriptor??
[  305.983678][T11754] usb 3-1: selecting invalid altsetting 0
[  306.010783][ T5839] waltop 0003:172F:0501.0008: item fetching failed at offset 5/7
[  306.014673][ T5839] waltop 0003:172F:0501.0008: probe with driver waltop failed with error -22
[  306.181496][T11754] usb 3-1: USB disconnect, device number 14
[  306.205729][T12555] usb 6-1: USB disconnect, device number 12
[  306.668402][T14082] netlink: 'syz.6.2919': attribute type 2 has an invalid length.
[  306.671153][T14082] netlink: 'syz.6.2919': attribute type 1 has an invalid length.
[  306.725369][T14086] loop2: detected capacity change from 0 to 512
[  306.768132][T14086] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.772607][T14086] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  306.785487][T14086] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2921: bg 0: block 145: padding at end of block bitmap is not set
[  306.808478][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.832671][   T33] audit: type=1326 audit(1755260142.305:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14098 comm="syz.5.2927" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  307.074845][T14117] loop2: detected capacity change from 0 to 2048
[  307.092626][T14120] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  308.202670][T14141] loop2: detected capacity change from 0 to 512
[  308.241329][T14141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.248220][T14141] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.284188][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.665480][   T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  308.868584][   T24] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  308.872969][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.881152][   T24] usb 3-1: config 0 descriptor??
[  309.090413][   T24] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  309.317529][   T24] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 3
[  309.320678][   T24] [drm] Initialized udl on minor 3
[  309.687946][T14166] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  309.691444][T14166] team0: Device ipvlan2 is already an upper device of the team interface
[  309.703784][   T24] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  309.720581][   T24] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  309.727020][T12555] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  309.733186][T12555] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  309.738168][   T24] usb 3-1: USB disconnect, device number 15
[  310.564547][ T5880] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  310.757022][ T5880] usb 3-1: Using ep0 maxpacket: 32
[  310.761197][ T5880] usb 3-1: unable to get BOS descriptor or descriptor too short
[  310.766790][ T5880] usb 3-1: config 0 has an invalid interface number: 129 but max is 0
[  310.769828][ T5880] usb 3-1: config 0 has no interface number 0
[  310.772068][ T5880] usb 3-1: config 0 interface 129 has no altsetting 0
[  310.776760][ T5880] usb 3-1: New USB device found, idVendor=04bb, idProduct=0930, bcdDevice=cb.5d
[  310.780200][ T5880] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.783286][ T5880] usb 3-1: Product: syz
[  310.785898][ T5880] usb 3-1: Manufacturer: syz
[  310.787979][ T5880] usb 3-1: SerialNumber: syz
[  310.792011][ T5880] usb 3-1: config 0 descriptor??
[  311.002052][ T5880] asix 3-1:0.129 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  311.006258][ T5880] asix 3-1:0.129: probe with driver asix failed with error -71
[  311.010820][ T5880] usb 3-1: USB disconnect, device number 16
[  311.125466][   T24] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  311.274085][   T24] usb 6-1: Using ep0 maxpacket: 32
[  311.278389][   T24] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  311.283925][   T24] usb 6-1: config 0 has no interface number 0
[  311.292989][   T24] usb 6-1: config 0 interface 184 has no altsetting 0
[  311.298639][   T24] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  311.302181][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.305277][   T24] usb 6-1: Product: syz
[  311.306996][   T24] usb 6-1: Manufacturer: syz
[  311.308553][   T24] usb 6-1: SerialNumber: syz
[  311.310412][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  311.310418][   T33] audit: type=1326 audit(1755260146.787:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14206 comm="syz.6.2972" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  311.321329][   T24] usb 6-1: config 0 descriptor??
[  311.326500][   T24] smsc75xx v1.0.0
[  311.328243][   T33] audit: type=1326 audit(1755260146.787:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14206 comm="syz.6.2972" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  311.336348][   T33] audit: type=1326 audit(1755260146.787:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14206 comm="syz.6.2972" exe="/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  311.347228][   T33] audit: type=1326 audit(1755260146.787:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14206 comm="syz.6.2972" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  311.358269][   T33] audit: type=1326 audit(1755260146.787:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14206 comm="syz.6.2972" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  311.534012][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  311.543069][   T24] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[  311.559245][   T24] usb 6-1: USB disconnect, device number 13
[  311.765004][T14234] loop2: detected capacity change from 0 to 128
[  311.773190][T14234] adfs: Bad value for 'ftsuffix'
[  311.842583][T14238] loop2: detected capacity change from 0 to 2048
[  311.851485][T14238] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  312.933558][T14276] netlink: 'syz.2.3004': attribute type 4 has an invalid length.
[  313.924760][T11754] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  314.073268][T11754] usb 6-1: Using ep0 maxpacket: 16
[  314.076459][T11754] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  314.079761][T11754] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  314.087110][T11754] usb 6-1: New USB device found, idVendor=1d6b, idProduct=1301, bcdDevice= 1.40
[  314.090712][T11754] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.094088][T14298] loop2: detected capacity change from 0 to 8
[  314.094175][T11754] usb 6-1: Product: syz
[  314.098488][T11754] usb 6-1: Manufacturer: syz
[  314.100402][T11754] usb 6-1: SerialNumber: syz
[  314.104659][T14298] unable to read id index table
[  314.117495][T14298] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3013'.
[  314.320496][T11754] usb 6-1: 0:2 : does not exist
[  314.327001][T11754] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  314.351273][T11754] usb 6-1: 5:0: cannot get min/max values for control 2 (id 5)
[  314.359019][T11754] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  314.369599][T11754] usb 6-1: 5:0: cannot get min/max values for control 8 (id 5)
[  314.384365][T11754] usb 6-1: USB disconnect, device number 14
[  315.425174][T14349] loop2: detected capacity change from 0 to 256
[  315.428469][T14349] exfat: Deprecated parameter 'utf8'
[  315.430845][T14349] exfat: Deprecated parameter 'namecase'
[  315.439030][T14349] exfat: Deprecated parameter 'namecase'
[  315.441524][T14349] exfat: Deprecated parameter 'utf8'
[  315.465653][T14349] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d)
[  315.798961][T14360] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.3038'.
[  315.803194][T14360] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.3038'.
[  316.483227][T14368] netlink: 'syz.2.3043': attribute type 1 has an invalid length.
[  316.616945][T14376] loop2: detected capacity change from 0 to 2048
[  316.626956][T14376] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  317.006853][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  317.034952][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  317.173148][T14393] syz.6.3053 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  317.392372][T14399] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3056'.
[  317.733757][T14426] loop2: detected capacity change from 0 to 4096
[  317.748595][T14426] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  317.780109][T14426] ntfs3(loop2): ino=19, mi_enum_attr
[  317.798841][T14426] ntfs3(loop2): failed to convert "c46c" to cp850
[  317.802445][T14426] ntfs3(loop2): ino=20, mi_enum_attr
[  318.096805][T14450] loop2: detected capacity change from 0 to 32768
[  318.221827][T14456] netlink: 104 bytes leftover after parsing attributes in process `syz.5.3084'.
[  318.289123][T14464] tipc: Started in network mode
[  318.291488][T14464] tipc: Node identity 0000000000000000000085d3ab8e0001, cluster identity 4711
[  318.297142][T14464] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  318.594533][T14483] loop2: detected capacity change from 0 to 256
[  318.607122][T14483] FAT-fs (loop2): Directory bread(block 64) failed
[  318.609345][T14483] FAT-fs (loop2): Directory bread(block 65) failed
[  318.611960][T14483] FAT-fs (loop2): Directory bread(block 66) failed
[  318.614420][T14483] FAT-fs (loop2): Directory bread(block 67) failed
[  318.616781][T14483] FAT-fs (loop2): Directory bread(block 68) failed
[  318.619050][T14483] FAT-fs (loop2): Directory bread(block 69) failed
[  318.621647][T14483] FAT-fs (loop2): Directory bread(block 70) failed
[  318.623955][T14483] FAT-fs (loop2): Directory bread(block 71) failed
[  318.626702][T14483] FAT-fs (loop2): Directory bread(block 72) failed
[  318.629480][T14483] FAT-fs (loop2): Directory bread(block 73) failed
[  319.062318][T14501] use of bytesused == 0 is deprecated and will be removed in the future,
[  319.065297][T14501] use the actual size instead.
[  319.110131][T14507] vlan0: entered promiscuous mode
[  319.182425][T14513] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3108'.
[  319.185902][T14513] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3108'.
[  319.186619][T14512] netlink: 'syz.5.3109': attribute type 10 has an invalid length.
[  319.194562][T14512] bond0: (slave bond_slave_0): Releasing backup interface
[  319.735166][T14529] loop2: detected capacity change from 0 to 1024
[  319.755924][   T33] audit: type=1800 audit(1755260155.241:379): pid=14529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3116" name="file1" dev="loop2" ino=20 res=0 errno=0
[  320.196881][T14542] vlan0: entered promiscuous mode
[  320.681822][T11754] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  320.808398][T14582] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3142'.
[  320.839517][T11754] usb 3-1: Using ep0 maxpacket: 8
[  320.847256][T11754] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  320.854025][T11754] usb 3-1: config 179 has no interface number 0
[  320.856066][T11754] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  320.868662][T11754] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  320.876824][T11754] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  320.881712][T11754] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  320.887545][T11754] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  320.894418][T11754] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.902557][T14554] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  321.108621][ T5880] usb 3-1: USB disconnect, device number 17
[  321.108785][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  321.114876][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  321.368708][   T33] audit: type=1326 audit(1755260156.852:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14613 comm="syz.5.3157" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  321.383103][   T33] audit: type=1326 audit(1755260156.852:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14613 comm="syz.5.3157" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  321.393722][   T33] audit: type=1326 audit(1755260156.882:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14613 comm="syz.5.3157" exe="/syz-executor" sig=0 arch=c000003e syscall=300 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  321.408349][   T33] audit: type=1326 audit(1755260156.882:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14613 comm="syz.5.3157" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  321.429200][   T33] audit: type=1326 audit(1755260156.882:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14613 comm="syz.5.3157" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  321.561482][T14627] : renamed from batadv_slave_1 (while UP)
[  321.572516][T14629] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3163'.
[  321.592710][ T5867] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  321.596613][ T5867] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  321.602081][T14629] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3163'.
[  321.605826][ T5867] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  321.610780][ T5867] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  321.690615][T14638] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3166'.
[  321.694138][T14638] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3166'.
[  321.730938][T14642] loop2: detected capacity change from 0 to 64
[  321.862748][T14646] 9pnet_fd: Insufficient options for proto=fd
[  321.907360][T14652] loop2: detected capacity change from 0 to 256
[  321.911209][T14653] netlink: 84 bytes leftover after parsing attributes in process `syz.6.3172'.
[  321.917938][T14652] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  322.003341][T14652] FAT-fs (loop2): bogus number of directory entries (1)
[  322.011092][T14652] FAT-fs (loop2): Can't find a valid FAT filesystem
[  322.202833][T14660] 9pnet_fd: Insufficient options for proto=fd
[  322.240613][T14664] overlayfs: failed to clone upperpath
[  322.480555][ T5880] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  322.676148][ T5880] usb 3-1: config index 0 descriptor too short (expected 149, got 148)
[  322.679225][ T5880] usb 3-1: config 1 has an invalid descriptor of length 37, skipping remainder of the config
[  322.682890][ T5880] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  322.687261][ T5880] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  322.691275][ T5880] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  322.694504][ T5880] usb 3-1: SerialNumber: syz
[  322.697912][T14672] tipc: Started in network mode
[  322.704095][T14672] tipc: Node identity 010000000000000001, cluster identity 4711
[  322.705714][ T5880] usb 3-1: 0:2 : does not exist
[  322.710911][ T5880] usb 3-1: unit 48 not found!
[  322.903782][ T5880] usb 3-1: USB disconnect, device number 18
[  322.950203][T11754] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  323.104847][T11754] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  323.108757][T11754] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.111865][T11754] usb 6-1: Product: syz
[  323.113599][T11754] usb 6-1: Manufacturer: syz
[  323.115408][T11754] usb 6-1: SerialNumber: syz
[  323.123947][T11754] usb 6-1: config 0 descriptor??
[  323.128636][T11754] gspca_main: sunplus-2.14.0 probing 055f:c230
[  323.552977][T11754] usb 6-1: USB disconnect, device number 15
[  323.891467][T14705] loop2: detected capacity change from 0 to 512
[  323.924535][T14705] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.941287][T14705] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  323.985966][T14705] EXT4-fs error (device loop2): ext4_add_entry:2417: inode #12: comm syz.2.3197: Directory hole found for htree leaf block 0
[  324.010776][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.532646][ T5880] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  325.677971][T14752] loop2: detected capacity change from 0 to 256
[  325.706896][ T5880] usb 6-1: Using ep0 maxpacket: 8
[  325.712664][ T5880] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  325.723536][ T5880] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  325.737218][ T5880] usb 6-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  325.744570][ T5880] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.752590][ T5880] usb 6-1: config 0 descriptor??
[  326.145856][T14771] loop2: detected capacity change from 0 to 2048
[  326.154544][T14771] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  326.166869][ T5880] cherry 0003:046A:0027.0009: unknown global tag 0xc
[  326.185313][ T5880] cherry 0003:046A:0027.0009: item 0 4 1 12 parsing failed
[  326.197142][ T5880] cherry 0003:046A:0027.0009: probe with driver cherry failed with error -22
[  326.227842][T14776] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3227'.
[  326.374473][ T5880] usb 6-1: USB disconnect, device number 16
[  326.374860][T14789] overlayfs: failed to clone upperpath
[  326.528270][T11754] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  326.700968][T11754] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  326.704646][T11754] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  326.708638][T11754] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  326.713121][T11754] usb 3-1: config 220 has no interface number 2
[  326.718977][T11754] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  326.736128][T11754] usb 3-1: config 220 interface 0 has no altsetting 0
[  326.739707][T11754] usb 3-1: config 220 interface 76 has no altsetting 0
[  326.742556][T11754] usb 3-1: config 220 interface 1 has no altsetting 0
[  326.748358][T11754] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  326.752101][T11754] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.755285][T11754] usb 3-1: Product: syz
[  326.757299][T11754] usb 3-1: Manufacturer: syz
[  326.766417][T11754] usb 3-1: SerialNumber: syz
[  326.986949][T11754] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  326.989649][T11754] usb 3-1: No valid video chain found.
[  326.991937][T11754] usb 3-1: selecting invalid altsetting 0
[  327.010357][T11754] usb 3-1: selecting invalid altsetting 0
[  327.012852][T11754] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  327.020726][T11754] usb 3-1: USB disconnect, device number 19
[  327.989191][T14841] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3257'.
[  331.958198][T14955] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3306'.
[  332.313705][ T5904] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  332.465259][ T5904] usb 6-1: config 0 has an invalid interface number: 251 but max is 0
[  332.468732][ T5904] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  332.472911][ T5904] usb 6-1: config 0 has no interface number 0
[  332.477856][ T5904] usb 6-1: config 0 interface 251 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  332.485699][ T5904] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  332.491113][ T5904] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.494617][ T5904] usb 6-1: Product: syz
[  332.496373][ T5904] usb 6-1: Manufacturer: syz
[  332.498263][ T5904] usb 6-1: SerialNumber: syz
[  332.507585][ T5904] usb 6-1: config 0 descriptor??
[  332.517873][ T5904] asix 6-1:0.251: probe with driver asix failed with error -22
[  332.553858][ T5839] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  332.715941][ T5839] usb 3-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[  332.719239][   T24] usb 6-1: USB disconnect, device number 17
[  332.719300][ T5839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.739290][ T5839] usb 3-1: config 0 descriptor??
[  333.469179][T14980] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  333.553334][ T5904] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  333.673164][ T5839] usbhid 3-1:0.0: can't add hid device: -71
[  333.675123][ T5839] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  333.688939][ T5839] usb 3-1: USB disconnect, device number 20
[  333.701349][T14987] loop2: detected capacity change from 0 to 256
[  333.705747][T14987] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  333.710594][T14987] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  333.727093][T14987] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  333.929202][ T5904] usb 6-1: Using ep0 maxpacket: 32
[  333.934164][ T5904] usb 6-1: config 0 has an invalid interface number: 89 but max is 0
[  333.937006][ T5904] usb 6-1: config 0 has no interface number 0
[  333.939027][ T5904] usb 6-1: config 0 interface 89 has no altsetting 0
[  333.945459][ T5904] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  333.948722][ T5904] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.951256][ T5904] usb 6-1: Product: syz
[  333.952906][ T5904] usb 6-1: Manufacturer: syz
[  333.954679][ T5904] usb 6-1: SerialNumber: syz
[  333.958569][ T5904] usb 6-1: config 0 descriptor??
[  333.964048][ T5904] em28xx 6-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  333.967293][ T5904] em28xx 6-1:0.89: Video interface 89 found: bulk
[  334.080873][T14995] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3323'.
[  334.094041][T14995] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3323'.
[  334.094349][ T5867] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  334.100434][ T5867] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  334.104495][ T5867] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  334.107841][ T5867] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  334.437069][T15011] overlay: filesystem on ./bus not supported
[  334.569680][ T5904] em28xx 6-1:0.89: unknown em28xx chip ID (0)
[  334.727683][T15028] netlink: 72 bytes leftover after parsing attributes in process `syz.6.3338'.
[  334.784459][   T24] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  334.934042][   T24] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  334.937687][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.946863][   T24] usb 3-1: config 0 descriptor??
[  335.227854][   T24] usb 3-1: USB disconnect, device number 21
[  335.704613][ T5904] em28xx 6-1:0.89: writing to i2c device at 0xa0 failed (error=-5)
[  335.708096][ T5904] em28xx 6-1:0.89: failed to read eeprom (err=-5)
[  335.710794][ T5904] em28xx 6-1:0.89: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-5]
[  335.771895][ T5904] em28xx 6-1:0.89: Identified as Terratec Grabby (card=67)
[  335.779822][ T5904] em28xx 6-1:0.89: analog set to bulk mode.
[  335.790219][T10074] em28xx 6-1:0.89: Registering V4L2 extension
[  335.808164][ T5904] usb 6-1: USB disconnect, device number 18
[  335.827009][ T5904] em28xx 6-1:0.89: Disconnecting em28xx
[  335.848192][T10074] em28xx 6-1:0.89: Config register raw data: 0xffffffed
[  335.851514][T10074] em28xx 6-1:0.89: AC97 chip type couldn't be determined
[  335.854889][T10074] em28xx 6-1:0.89: No AC97 audio processor
[  335.867978][T10074] usb 6-1: Decoder not found
[  335.870075][T10074] em28xx 6-1:0.89: failed to create media graph
[  335.873125][T10074] em28xx 6-1:0.89: V4L2 device video103 deregistered
[  335.885010][T10074] em28xx 6-1:0.89: Registering snapshot button...
[  335.901322][T10074] input: em28xx snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.89/input/input10
[  335.910287][T10074] em28xx 6-1:0.89: Remote control support is not available for this card.
[  335.918377][ T5904] em28xx 6-1:0.89: Closing input extension
[  335.928679][ T5904] em28xx 6-1:0.89: Deregistering snapshot button
[  335.981915][ T5904] em28xx 6-1:0.89: Freeing device
[  336.311666][T10074] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  336.431582][ T5839] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  336.462528][T10074] usb 3-1: Using ep0 maxpacket: 8
[  336.467604][T10074] usb 3-1: unable to get BOS descriptor or descriptor too short
[  336.472521][T10074] usb 3-1: config 7 has an invalid interface number: 6 but max is 0
[  336.475768][T10074] usb 3-1: config 7 has no interface number 0
[  336.478288][T10074] usb 3-1: No eUSB2 isoc ep 15 companion for config 7 interface 6 altsetting 254
[  336.484819][T10074] usb 3-1: config 7 interface 6 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  336.492337][T10074] usb 3-1: config 7 interface 6 has no altsetting 0
[  336.497344][T10074] usb 3-1: New USB device found, idVendor=1a8d, idProduct=100d, bcdDevice=30.9e
[  336.500969][T10074] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.507150][T10074] usb 3-1: Product: syz
[  336.508917][T10074] usb 3-1: Manufacturer: syz
[  336.510836][T10074] usb 3-1: SerialNumber: syz
[  336.593932][ T5839] usb 6-1: Using ep0 maxpacket: 16
[  336.598418][ T5839] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  336.605253][ T5839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  336.618778][ T5839] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  336.622944][ T5839] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.626360][ T5839] usb 6-1: Product: syz
[  336.628230][ T5839] usb 6-1: Manufacturer: syz
[  336.630314][ T5839] usb 6-1: SerialNumber: syz
[  336.635806][ T5839] usb 6-1: config 0 descriptor??
[  336.648735][ T5839] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  336.653140][ T5839] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class)
[  336.731361][T10074] option 3-1:7.6: GSM modem (1-port) converter detected
[  336.740639][T10074] usb 3-1: USB disconnect, device number 22
[  336.746659][T10074] option 3-1:7.6: device disconnected
[  336.872778][T15073] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3357'.
[  337.258224][ T5839] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  337.265345][ T5839] em28xx 6-1:0.0: Config register raw data: 0xfffffffb
[  338.095235][ T5839] em28xx 6-1:0.0: Unknown AC97 audio processor detected!
[  338.098184][ T5839] em28xx 6-1:0.0: couldn't setup AC97 register 2
[  338.101796][ T5839] em28xx 6-1:0.0: couldn't setup AC97 register 4
[  338.104229][ T5839] em28xx 6-1:0.0: couldn't setup AC97 register 6
[  338.106742][ T5839] em28xx 6-1:0.0: couldn't setup AC97 register 54
[  338.109383][ T5839] em28xx 6-1:0.0: couldn't setup AC97 register 56
[  338.114011][ T5839] usb 6-1: USB disconnect, device number 19
[  338.583879][T15122] loop2: detected capacity change from 0 to 8
[  338.587644][T15122] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  338.861007][T15127] cramfs: Error -3 while decompressing!
[  338.863070][T15127] cramfs: ffffffff99beb628(26)->ffff888011268000(4096)
[  338.865293][T15127] cramfs: Error -3 while decompressing!
[  338.867054][T15127] cramfs: ffffffff99beb642(26)->ffff88804035d000(4096)
[  338.869351][T15127] cramfs: Error -3 while decompressing!
[  338.871304][T15127] cramfs: ffffffff99beb65c(16)->ffff88804035c000(4096)
[  338.873669][T15127] cramfs: Error -3 while decompressing!
[  338.875556][T15127] cramfs: ffffffff99beb628(26)->ffff888011268000(4096)
[  339.305315][T15139] netlink: 'syz.6.3387': attribute type 4 has an invalid length.
[  339.310385][T15139] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3387'.
[  340.195109][   T33] audit: type=1326 audit(1755260175.691:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.6.3402" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  340.205454][   T33] audit: type=1326 audit(1755260175.691:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.6.3402" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  340.213336][   T33] audit: type=1326 audit(1755260175.701:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.6.3402" exe="/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  340.222183][   T33] audit: type=1326 audit(1755260175.701:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.6.3402" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  340.231094][   T33] audit: type=1326 audit(1755260175.701:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.6.3402" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  340.567585][T15196] loop2: detected capacity change from 0 to 256
[  340.593690][T15196] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[  340.615617][   T33] audit: type=1800 audit(1755260176.111:390): pid=15196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3411" name="file2" dev="loop2" ino=1048713 res=0 errno=0
[  340.925864][   T33] audit: type=1326 audit(1755260176.422:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15217 comm="syz.6.3422" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  340.938695][   T33] audit: type=1326 audit(1755260176.422:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15217 comm="syz.6.3422" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  340.948165][   T33] audit: type=1326 audit(1755260176.422:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15217 comm="syz.6.3422" exe="/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  340.972122][   T33] audit: type=1326 audit(1755260176.422:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15217 comm="syz.6.3422" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  341.110199][ T5880] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  341.240361][T12555] IPVS: starting estimator thread 0...
[  341.349626][T15230] IPVS: using max 46 ests per chain, 110400 per kthread
[  341.449243][ T5880] usb 3-1: Using ep0 maxpacket: 32
[  341.455813][ T5880] usb 3-1: unable to get BOS descriptor or descriptor too short
[  341.460471][ T5880] usb 3-1: config 6 has an invalid interface number: 115 but max is 0
[  341.463748][ T5880] usb 3-1: config 6 has no interface number 0
[  341.466207][ T5880] usb 3-1: config 6 interface 115 has no altsetting 0
[  341.471728][ T5880] usb 3-1: language id specifier not provided by device, defaulting to English
[  341.477613][ T5880] usb 3-1: New USB device found, idVendor=12d1, idProduct=c256, bcdDevice=35.82
[  341.481561][ T5880] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.484895][ T5880] usb 3-1: Product: syz
[  341.486672][ T5880] usb 3-1: SerialNumber: syz
[  341.712057][ T5880] option 3-1:6.115: GSM modem (1-port) converter detected
[  341.720719][ T5880] usb 3-1: USB disconnect, device number 23
[  341.730491][ T5880] option 3-1:6.115: device disconnected
[  342.301970][T15249] vxcan1: tx drop: invalid da for name 0x00000000000000c7
[  342.551582][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888110502000: rx timeout, send abort
[  342.958082][T15259] netlink: 'syz.5.3438': attribute type 6 has an invalid length.
[  343.051480][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888110503000: rx timeout, send abort
[  343.056840][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888110502000: abort rx timeout. Force session deactivation
[  343.554951][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888110503000: abort rx timeout. Force session deactivation
[  343.751037][   T55] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  343.754454][   T55] CPU: 0 UID: 0 PID: 55 Comm: kworker/u11:0 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  343.754466][   T55] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  343.754471][   T55] Workqueue: hci2 hci_rx_work
[  343.754500][   T55] Call Trace:
[  343.754504][   T55]  <TASK>
[  343.754509][   T55]  dump_stack_lvl+0x189/0x250
[  343.754521][   T55]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.754529][   T55]  ? __pfx__printk+0x10/0x10
[  343.754543][   T55]  ? kernfs_path_from_node+0x250/0x290
[  343.754552][   T55]  ? kernfs_path_from_node+0x2f/0x290
[  343.754561][   T55]  sysfs_create_dir_ns+0x259/0x280
[  343.754570][   T55]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  343.754579][   T55]  ? do_raw_spin_unlock+0x4d/0x240
[  343.754591][   T55]  kobject_add_internal+0x59f/0xb40
[  343.754605][   T55]  kobject_add+0x155/0x220
[  343.754617][   T55]  ? __pfx_kobject_add+0x10/0x10
[  343.754626][   T55]  ? _raw_spin_unlock+0x28/0x50
[  343.754636][   T55]  ? get_device_parent+0x366/0x3a0
[  343.754645][   T55]  device_add+0x408/0xb50
[  343.754653][   T55]  hci_conn_add_sysfs+0xd5/0x1e0
[  343.754662][   T55]  le_conn_complete_evt+0xc3a/0x1220
[  343.754677][   T55]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  343.754687][   T55]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  343.754699][   T55]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  343.754707][   T55]  ? skb_pull_data+0xfb/0x200
[  343.754717][   T55]  hci_le_enh_conn_complete_evt+0x189/0x470
[  343.754727][   T55]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  343.754738][   T55]  hci_event_packet+0x78f/0x1200
[  343.754746][   T55]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  343.754756][   T55]  ? __pfx_hci_event_packet+0x10/0x10
[  343.754764][   T55]  ? kcov_remote_start+0x4d3/0x7f0
[  343.754774][   T55]  ? lockdep_hardirqs_on+0x90/0x150
[  343.754784][   T55]  ? hci_send_to_monitor+0xe2/0x570
[  343.754796][   T55]  hci_rx_work+0x46a/0xe80
[  343.754808][   T55]  ? process_scheduled_works+0x9ef/0x17b0
[  343.754817][   T55]  process_scheduled_works+0xae1/0x17b0
[  343.754835][   T55]  ? __pfx_process_scheduled_works+0x10/0x10
[  343.754849][   T55]  worker_thread+0x8a0/0xda0
[  343.754867][   T55]  kthread+0x711/0x8a0
[  343.754877][   T55]  ? __pfx_worker_thread+0x10/0x10
[  343.754883][   T55]  ? __pfx_kthread+0x10/0x10
[  343.754892][   T55]  ? _raw_spin_unlock_irq+0x23/0x50
[  343.754900][   T55]  ? lockdep_hardirqs_on+0x9c/0x150
[  343.754913][   T55]  ? __pfx_kthread+0x10/0x10
[  343.754922][   T55]  ret_from_fork+0x3fc/0x770
[  343.754931][   T55]  ? __pfx_ret_from_fork+0x10/0x10
[  343.754941][   T55]  ? __switch_to_asm+0x39/0x70
[  343.754950][   T55]  ? __switch_to_asm+0x33/0x70
[  343.754959][   T55]  ? __pfx_kthread+0x10/0x10
[  343.754968][   T55]  ret_from_fork_asm+0x1a/0x30
[  343.754984][   T55]  </TASK>
[  343.755061][   T55] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  343.870600][   T55] Bluetooth: hci2: failed to register connection device
[  347.563077][T15401] loop2: detected capacity change from 0 to 4096
[  347.628301][T15401] ntfs3(loop2): failed to convert "0080" to maccroatian
[  347.644725][T15401] ntfs3(loop2): failed to convert name for inode 1e.
[  347.649849][T15401] ntfs3(loop2): ino=1f, mi_enum_attr
[  347.677913][ T5839] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  347.836030][ T5839] usb 6-1: Using ep0 maxpacket: 32
[  347.839628][ T5839] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  347.843721][ T5839] usb 6-1: config 0 has no interface number 0
[  347.848041][ T5839] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  347.851037][ T5839] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.853657][ T5839] usb 6-1: Product: syz
[  347.855141][ T5839] usb 6-1: Manufacturer: syz
[  347.858563][ T5839] usb 6-1: SerialNumber: syz
[  347.861358][ T5839] usb 6-1: config 0 descriptor??
[  347.864365][ T5839] smsc95xx v2.0.0
[  348.600222][   T33] kauditd_printk_skb: 1 callbacks suppressed
[  348.600237][   T33] audit: type=1326 audit(1755260184.095:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15410 comm="syz.2.3505" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x7fc00000
[  348.725121][T15426] loop2: detected capacity change from 0 to 4096
[  348.729809][T15426] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  348.756324][T15426] ntfs3(loop2): ino=19, mi_enum_attr
[  348.758473][T15426] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  349.079499][ T5839] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[  349.090562][ T5839] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  349.109175][ T5839] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  349.113458][ T5839] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71
[  349.195949][ T5839] usb 6-1: USB disconnect, device number 20
[  349.618438][T15445] loop2: detected capacity change from 0 to 4096
[  349.622838][T15445] ntfs3(loop2): ino=3, Correct links count -> 2.
[  349.803868][T15451] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3522'.
[  349.814319][T15451] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3522'.
[  349.833422][T15451] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3522'.
[  350.354219][T15472] loop2: detected capacity change from 0 to 32768
[  350.358431][T15472] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3532 (15472)
[  350.379315][T15472] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  350.389668][T15472] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  350.397115][T15472] BTRFS info (device loop2): using free-space-tree
[  350.543162][T15472] BTRFS error (device loop2): target device  is invalid!
[  350.588990][T12176] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  351.248326][T15513] netlink: 'syz.5.3543': attribute type 2 has an invalid length.
[  351.251473][T15513] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3543'.
[  352.634139][   T24] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  352.794042][   T24] usb 6-1: Using ep0 maxpacket: 8
[  352.801311][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  352.812372][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid wMaxPacketSize 0
[  352.818379][   T24] usb 6-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  352.826076][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  352.831708][   T24] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  352.835048][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.840622][   T24] usb 6-1: Product: syz
[  352.842105][   T24] usb 6-1: Manufacturer: syz
[  352.844155][   T24] usb 6-1: SerialNumber: syz
[  352.851674][   T24] usb 6-1: config 0 descriptor??
[  352.873883][   T24] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 found
[  353.039002][T15562] loop2: detected capacity change from 0 to 2048
[  353.068009][   T24] snd_usb_toneport 6-1:0.0: cannot get proper max packet size
[  353.074165][T15565] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  353.074706][   T24] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 now disconnected
[  353.081757][   T24] snd_usb_toneport 6-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  353.132428][T15567] loop2: detected capacity change from 0 to 1024
[  353.159929][T15567] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.166694][T15567] ext4 filesystem being mounted at /324/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  353.187709][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.269112][   T24] usb 6-1: USB disconnect, device number 21
[  353.335195][T15579] loop2: detected capacity change from 0 to 512
[  353.362917][T15579] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  353.372277][T15579] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3573: bg 0: block 384: padding at end of block bitmap is not set
[  353.379624][T15579] EXT4-fs (loop2): Remounting filesystem read-only
[  353.382318][T15579] EXT4-fs (loop2): 1 truncate cleaned up
[  353.385425][T15579] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.400579][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.500693][T15586] loop2: detected capacity change from 0 to 4096
[  353.605955][T15586] ntfs3(loop2): ino=b, mi_enum_attr
[  353.608396][T15586] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  353.611582][T15586] ntfs3(loop2): Failed to load $Extend (-22).
[  353.615507][T15586] ntfs3(loop2): Failed to initialize $Extend.
[  353.739619][T15594] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  353.899429][T15613] bridge0: port 3(hsr_slave_1) entered blocking state
[  353.902425][T15613] bridge0: port 3(hsr_slave_1) entered disabled state
[  353.908415][T15613] hsr_slave_1: entered allmulticast mode
[  353.912317][T15613] hsr_slave_1: left allmulticast mode
[  354.102903][ T5839] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  354.262813][ T5839] usb 6-1: Using ep0 maxpacket: 16
[  354.268155][ T5839] usb 6-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  354.272050][ T5839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.277738][ T5839] usb 6-1: config 0 descriptor??
[  354.282903][ T5839] gspca_main: sonixj-2.14.0 probing 0471:0327
[  355.712412][ T5839] gspca_sonixj: i2c_w8 err -71
[  355.733844][ T5839] sonixj 6-1:0.0: probe with driver sonixj failed with error -71
[  355.739583][ T5839] usb 6-1: USB disconnect, device number 22
[  355.923123][T15658] loop2: detected capacity change from 0 to 256
[  355.927736][T15658] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  356.189462][T15676] loop2: detected capacity change from 0 to 512
[  356.243278][T15676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  356.248628][T15676] ext4 filesystem being mounted at /344/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  356.267945][T15676] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  356.327038][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.413547][T15689] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3617'.
[  356.741871][   T24] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  356.768039][ T5887] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  356.904030][   T24] usb 6-1: Using ep0 maxpacket: 16
[  356.908062][   T24] usb 6-1: config 0 has an invalid interface number: 142 but max is 0
[  356.912019][   T24] usb 6-1: config 0 has no interface number 0
[  356.916857][   T24] usb 6-1: New USB device found, idVendor=1bcf, idProduct=0b40, bcdDevice=a0.f1
[  356.921691][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.925100][   T24] usb 6-1: Product: syz
[  356.926820][   T24] usb 6-1: Manufacturer: syz
[  356.928732][   T24] usb 6-1: SerialNumber: syz
[  356.940747][ T5887] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  356.945393][   T24] usb 6-1: config 0 descriptor??
[  356.951450][ T5887] usb 3-1: config 0 has no interface number 0
[  356.960979][ T5887] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  356.967074][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.970581][ T5887] usb 3-1: Product: syz
[  356.976381][ T5887] usb 3-1: Manufacturer: syz
[  356.978415][ T5887] usb 3-1: SerialNumber: syz
[  356.991803][ T5887] usb 3-1: config 0 descriptor??
[  357.178227][   T24] usb 6-1: Found UVC 0.00 device syz (1bcf:0b40)
[  357.180806][   T24] usb 6-1: Forcing UVC version to 1.0a
[  357.190386][   T24] usb 6-1: No valid video chain found.
[  357.202153][   T24] usb 6-1: USB disconnect, device number 23
[  357.820969][ T5887] asix 3-1:0.251 (unnamed net_device) (uninitialized): Invalid PHY address 0xd7
[  358.020545][ T5904] usb 3-1: USB disconnect, device number 24
[  358.219581][   T55] Bluetooth: hci2: unexpected Set CIG Parameters response data
[  358.226973][   T55] Bluetooth: hci2: unexpected event for opcode 0x2062
[  359.847970][T15758] loop2: detected capacity change from 0 to 1024
[  359.862625][T15758] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  359.897262][T15758] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  359.910207][T15758] EXT4-fs (loop2): orphan cleanup on readonly fs
[  359.913925][T15758] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.3644: Freeing blocks not in datazone - block = 0, count = 4096
[  359.952796][T15758] EXT4-fs (loop2): 1 orphan inode deleted
[  359.959352][T15758] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  360.038772][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.323234][T15770] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3649'.
[  360.576910][T15781] 9pnet_virtio: no channels available for device syz
[  360.765028][T15796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3661'.
[  361.747602][T15821] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3673'.
[  361.851844][ T5904] kernel read not supported for file /dsp1 (pid: 5904 comm: kworker/0:6)
[  362.261036][   T33] audit: type=1326 audit(1755260197.752:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15846 comm="syz.5.3684" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  362.291554][   T55] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  362.295204][   T55] Bluetooth: hci2: Injecting HCI hardware error event
[  362.307983][ T9927] Bluetooth: hci2: hardware error 0x00
[  362.342086][   T33] audit: type=1326 audit(1755260197.752:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15846 comm="syz.5.3684" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  362.693277][   T33] audit: type=1326 audit(1755260197.752:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15846 comm="syz.5.3684" exe="/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  362.702506][   T33] audit: type=1326 audit(1755260197.752:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15846 comm="syz.5.3684" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  362.711855][   T33] audit: type=1326 audit(1755260197.752:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15846 comm="syz.5.3684" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  362.920948][T15864] netlink: 64859 bytes leftover after parsing attributes in process `syz.5.3689'.
[  363.023766][T15867] loop2: detected capacity change from 0 to 4096
[  363.041819][T15867] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  363.115059][T15867] ntfs3(loop2): ino=19, mi_enum_attr
[  363.158979][T15867] ntfs3(loop2): failed to convert "c46c" to maciceland
[  363.163546][T15867] ntfs3(loop2): ino=20, mi_enum_attr
[  363.205978][T15873] netlink: 'syz.2.3692': attribute type 2 has an invalid length.
[  364.387652][ T9927] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  367.196620][T12555] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  367.671128][T12555] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  367.675664][T12555] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  367.680746][T12555] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  367.688912][T12555] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  367.692847][T12555] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.703674][T12555] usb 3-1: config 0 descriptor??
[  368.127922][T12555] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  368.326544][ T5904] usb 3-1: USB disconnect, device number 25
[  368.338661][T16009] netlink: 'syz.5.3749': attribute type 15 has an invalid length.
[  369.333611][T16023] loop2: detected capacity change from 0 to 1024
[  369.556364][T16023] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.693674][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.940594][T16051] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check.
[  370.005949][T16054] loop2: detected capacity change from 0 to 512
[  370.017681][T16054] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  370.034058][T16054] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  370.045450][T16054] EXT4-fs (loop2): filesystem has both journal inode and journal device!
[  370.140864][T16061] btrfs: Unexpected value for 'acl'
[  370.226757][ T9927] Bluetooth: hci0: command 0x0406 tx timeout
[  370.333530][T16077] libceph: resolve '0' (ret=-3): failed
[  372.318818][T16134] loop2: detected capacity change from 0 to 65
[  372.323087][T16134] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  372.331876][T16134] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway
[  374.641111][T16210] loop2: detected capacity change from 0 to 2048
[  374.645837][T16210] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=3932051, location=3932051
[  374.684829][T16210] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  375.191903][T16224] loop2: detected capacity change from 0 to 16
[  375.207034][T16224] erofs (device loop2): mounted with root inode @ nid 36.
[  376.040446][T16249] loop2: detected capacity change from 0 to 256
[  376.045605][T16249] exfat: Deprecated parameter 'namecase'
[  376.065434][T16249] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  376.222450][T16246] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.227762][T16246] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.360965][T16246] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  376.374647][T16246] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  376.485219][ T5867] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  376.489031][ T5867] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  376.496510][ T5867] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  376.500105][ T5867] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  376.505148][ T5867] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  376.508946][ T5867] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  376.512937][ T5867] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  376.516843][ T5867] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  376.552453][ T5887] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  376.725890][ T5887] usb 6-1: Using ep0 maxpacket: 16
[  376.732548][ T5887] usb 6-1: config 8 has an invalid interface number: 206 but max is 0
[  376.736394][ T5887] usb 6-1: config 8 has no interface number 0
[  376.739173][ T5887] usb 6-1: config 8 interface 206 altsetting 1 has an endpoint descriptor with address 0xF7, changing to 0x87
[  376.744807][ T5887] usb 6-1: config 8 interface 206 altsetting 1 endpoint 0x87 has invalid maxpacket 33058, setting to 1024
[  376.749559][ T5887] usb 6-1: config 8 interface 206 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 9
[  376.756243][ T5887] usb 6-1: config 8 interface 206 has no altsetting 0
[  376.761950][ T5887] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb
[  376.765478][ T5887] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.768885][ T5887] usb 6-1: Product: syz
[  376.770729][ T5887] usb 6-1: Manufacturer: syz
[  376.773999][ T5887] usb 6-1: SerialNumber: syz
[  376.853918][   T24] kernel read not supported for file /dsp1 (pid: 24 comm: kworker/1:0)
[  376.935620][T16275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3863'.
[  376.939608][T16275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3863'.
[  376.947336][T16275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3863'.
[  376.987132][ T5887] garmin_gps 6-1:8.206: Garmin GPS usb/tty converter detected
[  377.175577][ T5887] usb 6-1: Garmin GPS usb/tty converter now attached to ttyUSB0
[  377.199640][ T5887] usb 6-1: USB disconnect, device number 24
[  377.232243][ T5887] garmin_gps ttyUSB0: Garmin GPS usb/tty converter now disconnected from ttyUSB0
[  377.241822][ T5887] garmin_gps 6-1:8.206: device disconnected
[  378.387314][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  378.392298][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  378.871382][T12555] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  379.022648][T12555] usb 6-1: Using ep0 maxpacket: 16
[  379.034918][T12555] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  379.039016][T12555] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  379.065183][T12555] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  379.069177][T12555] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  379.093181][T12555] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  379.106728][T12555] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  379.113079][T12555] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  379.116593][T12555] usb 6-1: Manufacturer: syz
[  379.123056][T12555] usb 6-1: config 0 descriptor??
[  379.315507][T16338] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3891'.
[  379.426914][T12555] rc_core: IR keymap rc-hauppauge not found
[  379.429401][T12555] Registered IR keymap rc-empty
[  379.437917][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.460164][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.482482][T12555] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  379.490802][T12555] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input12
[  379.499785][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.520269][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.540112][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.564500][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.580316][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.599998][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.621567][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.653830][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.679989][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.700113][T12555] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  379.741694][T12555] mceusb 6-1:0.0: Registered  with mce emulator interface version 1
[  379.747622][T12555] mceusb 6-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active)
[  379.813365][ T5839] usb 6-1: USB disconnect, device number 25
[  380.465183][   T33] audit: type=1326 audit(1755260215.981:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16384 comm="syz.5.3912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  380.481795][   T33] audit: type=1326 audit(1755260215.981:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16384 comm="syz.5.3912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  380.595599][T16398] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3917'.
[  380.624422][T16402] netlink: 'syz.6.3919': attribute type 39 has an invalid length.
[  382.066005][T16457] loop2: detected capacity change from 0 to 128
[  382.073351][T16457] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  382.086124][T16457] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  382.099122][ T5904] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  382.248620][ T5904] usb 6-1: Using ep0 maxpacket: 32
[  382.253113][ T5904] usb 6-1: config 0 has an invalid interface number: 9 but max is 0
[  382.256566][ T5904] usb 6-1: config 0 has no interface number 0
[  382.261712][ T5904] usb 6-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[  382.265687][ T5904] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.269279][ T5904] usb 6-1: Product: syz
[  382.271202][ T5904] usb 6-1: Manufacturer: syz
[  382.273334][ T5904] usb 6-1: SerialNumber: syz
[  382.277773][ T5904] usb 6-1: config 0 descriptor??
[  382.284368][ T5904] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[  382.486627][ T5904] gspca_topro: reg_w err -71
[  382.520582][ T5904] gspca_topro: Sensor soi763a
[  382.531114][ T5904] usb 6-1: USB disconnect, device number 26
[  382.915842][T16481] loop2: detected capacity change from 0 to 16
[  382.921673][T16481] erofs (device loop2): mounted with root inode @ nid 36.
[  384.021104][T16507] [U] v
[  384.360134][T16518] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3963'.
[  384.494722][T16524] netlink: 'syz.2.3966': attribute type 2 has an invalid length.
[  384.816528][T16536] sctp: [Deprecated]: syz.5.3970 (pid 16536) Use of int in maxseg socket option.
[  384.816528][T16536] Use struct sctp_assoc_value instead
[  386.248950][T16578] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3988'.
[  386.974427][T16584] pim6reg: entered allmulticast mode
[  386.979022][T16584] pim6reg: left allmulticast mode
[  387.676949][T16605] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3998'.
[  387.679856][T16605] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3998'.
[  388.956122][T12555] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  389.115400][T12555] usb 3-1: Using ep0 maxpacket: 16
[  389.124583][T12555] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  389.137678][T12555] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  389.145373][T12555] usb 3-1: too many endpoints for config 1 interface 1 altsetting 48: 49, using maximum allowed: 30
[  389.155187][T12555] usb 3-1: config 1 interface 1 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 49
[  389.165328][T12555] usb 3-1: config 1 interface 1 has no altsetting 0
[  389.172576][T12555] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  389.185086][T12555] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.188246][T12555] usb 3-1: Product: syz
[  389.189919][T12555] usb 3-1: Manufacturer: syz
[  389.201994][T12555] usb 3-1: SerialNumber: syz
[  389.216506][T12555] usb 3-1: selecting invalid altsetting 1
[  389.218808][T12555] usb 3-1: selecting invalid altsetting 0
[  389.221070][T12555] usb 3-1: selecting invalid altsetting 0
[  389.233943][T12555] cdc_ncm 3-1:1.0: bind() failure
[  389.323413][T16696] netlink: zone id is out of range
[  389.326879][T16696] netlink: zone id is out of range
[  389.328992][T16696] netlink: zone id is out of range
[  389.331261][T16696] netlink: zone id is out of range
[  389.333669][T16696] netlink: zone id is out of range
[  389.338238][T16696] netlink: zone id is out of range
[  389.340513][T16696] netlink: zone id is out of range
[  389.344237][T16696] netlink: zone id is out of range
[  389.349661][T16696] netlink: zone id is out of range
[  389.351888][T16696] netlink: zone id is out of range
[  389.426084][T12555] usb 3-1: selecting invalid altsetting 0
[  389.428336][T12555] usbtest 3-1:1.1: probe with driver usbtest failed with error -22
[  389.453058][T12555] usb 3-1: USB disconnect, device number 26
[  389.552019][T16702] bridge0: port 3(macvlan3) entered blocking state
[  389.556840][T16702] bridge0: port 3(macvlan3) entered disabled state
[  389.562585][T16702] macvlan3: entered allmulticast mode
[  389.564407][T16702] dummy0: entered allmulticast mode
[  389.571276][T16702] macvlan3: entered promiscuous mode
[  389.574349][T16702] bridge0: port 3(macvlan3) entered blocking state
[  389.577156][T16702] bridge0: port 3(macvlan3) entered forwarding state
[  390.027923][T16709] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  390.168376][T16718] kAFS: unable to lookup cell '\/'
[  390.460957][T16737] netlink: 256 bytes leftover after parsing attributes in process `syz.5.4061'.
[  390.484906][T16737] unsupported nlmsg_type 40
[  390.572569][T16746] netlink: 92 bytes leftover after parsing attributes in process `syz.5.4064'.
[  390.589191][T16747] pimreg: entered allmulticast mode
[  390.751032][T16757] loop2: detected capacity change from 0 to 512
[  390.880751][T16757] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4070: invalid indirect mapped block 4294967295 (level 1)
[  390.895181][T16757] EXT4-fs (loop2): Remounting filesystem read-only
[  390.900305][T16757] EXT4-fs (loop2): 2 truncates cleaned up
[  390.903809][T16757] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.112780][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.628882][T16793] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4085'.
[  391.772122][T16809] loop2: detected capacity change from 0 to 2048
[  391.777386][T16809] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  391.877414][T16817] loop2: detected capacity change from 0 to 1024
[  392.352843][   T33] audit: type=1326 audit(1755260227.867:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16829 comm="syz.6.4102" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  392.369379][   T33] audit: type=1326 audit(1755260227.867:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16829 comm="syz.6.4102" exe="/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  392.386095][   T33] audit: type=1326 audit(1755260227.867:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16829 comm="syz.6.4102" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  392.398915][   T33] audit: type=1326 audit(1755260227.867:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16829 comm="syz.6.4102" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  394.567715][T16871] Bluetooth: MGMT ver 1.23
[  394.610603][   T33] audit: type=1800 audit(1755260230.128:408): pid=16874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4121" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  394.919551][T16898] tmpfs: Bad value for 'mpol'
[  395.239437][T16900] loop2: detected capacity change from 0 to 32768
[  395.305952][T16900] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  395.326594][T16900] XFS (loop2): Ending clean mount
[  395.357265][T12176] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  396.594034][T16943] 9pnet_fd: Insufficient options for proto=fd
[  396.893974][   T33] audit: type=1326 audit(1755260232.420:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16946 comm="syz.5.4150" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  396.916372][   T33] audit: type=1326 audit(1755260232.420:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16946 comm="syz.5.4150" exe="/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  396.951401][   T33] audit: type=1326 audit(1755260232.420:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16946 comm="syz.5.4150" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  396.987326][   T33] audit: type=1326 audit(1755260232.420:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16946 comm="syz.5.4150" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  397.166176][T16968] netlink: 'syz.5.4159': attribute type 3 has an invalid length.
[  398.676669][   T33] audit: type=1326 audit(1755260234.201:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa7385ba7 code=0x7ffc0000
[  398.730706][   T33] audit: type=1326 audit(1755260234.211:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fa732add9 code=0x7ffc0000
[  398.764017][   T33] audit: type=1326 audit(1755260234.211:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x7ffc0000
[  398.821481][   T33] audit: type=1326 audit(1755260234.221:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa7385ba7 code=0x7ffc0000
[  398.850351][   T33] audit: type=1326 audit(1755260234.221:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fa732add9 code=0x7ffc0000
[  398.874551][   T33] audit: type=1326 audit(1755260234.221:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa7385ba7 code=0x7ffc0000
[  398.902503][   T33] audit: type=1326 audit(1755260234.221:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fa732add9 code=0x7ffc0000
[  398.909924][   T33] audit: type=1326 audit(1755260234.221:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa7385ba7 code=0x7ffc0000
[  398.978373][   T33] audit: type=1326 audit(1755260234.221:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fa732add9 code=0x7ffc0000
[  399.012091][   T33] audit: type=1326 audit(1755260234.221:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.6.4168" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fa7385ba7 code=0x7ffc0000
[  399.149679][T16983] syz.5.4166 (16983): drop_caches: 2
[  400.129818][T17027] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4185'.
[  400.154701][T17028] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  401.195134][T17064] o2cb: This node has not been configured.
[  401.198413][T17064] o2cb: Cluster check failed. Fix errors before retrying.
[  401.202472][T17064] (syz.5.4199,17064,1):user_dlm_register:674 ERROR: status = -22
[  401.205886][T17064] (syz.5.4199,17064,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0"
[  401.259515][T17067] binder: 17059:17067 ioctl 400c620e 200000000240 returned -22
[  402.427258][T17086] loop2: detected capacity change from 0 to 64
[  402.552780][T17090] loop2: detected capacity change from 0 to 256
[  402.560760][T17090] FAT-fs (loop2): bogus logical sector size 0
[  402.564308][T17090] FAT-fs (loop2): Can't find a valid FAT filesystem
[  403.340370][T10074] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  403.358283][T10074] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  403.373794][T17116] loop2: detected capacity change from 0 to 32768
[  403.397880][T17116] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  403.462577][T17116] XFS (loop2): Ending clean mount
[  403.474593][T17116] XFS (loop2): Quotacheck needed: Please wait.
[  403.524136][T17116] XFS (loop2): Quotacheck: Done.
[  403.597296][T17116] XFS (loop2): User initiated shutdown received.
[  403.602907][T17116] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  403.614774][T17116] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  403.684871][T12176] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  404.015302][T17150] netlink: 180 bytes leftover after parsing attributes in process `syz.6.4234'.
[  404.872600][T17172] loop2: detected capacity change from 0 to 1024
[  405.060624][T11550] hfsplus: b-tree write err: -5, ino 4
[  405.619967][T17200] loop2: detected capacity change from 0 to 1024
[  405.664400][ T3607] hfsplus: b-tree write err: -5, ino 4
[  405.695845][T17206] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4261'.
[  406.215691][T17242] loop2: detected capacity change from 0 to 256
[  406.236257][T17242] FAT-fs (loop2): Directory bread(block 64) failed
[  406.242935][T17242] FAT-fs (loop2): Directory bread(block 65) failed
[  406.256982][T17242] FAT-fs (loop2): Directory bread(block 66) failed
[  406.260440][T17242] FAT-fs (loop2): Directory bread(block 67) failed
[  406.263286][T17242] FAT-fs (loop2): Directory bread(block 68) failed
[  406.266064][T17242] FAT-fs (loop2): Directory bread(block 69) failed
[  406.280265][T17242] FAT-fs (loop2): Directory bread(block 70) failed
[  406.283038][T17242] FAT-fs (loop2): Directory bread(block 71) failed
[  406.285790][T17242] FAT-fs (loop2): Directory bread(block 72) failed
[  406.291153][T17242] FAT-fs (loop2): Directory bread(block 73) failed
[  406.430301][T17253] loop2: detected capacity change from 0 to 128
[  406.484735][T12176] FAT-fs (loop2): error, invalid access to FAT (entry 0x266f0005)
[  406.490987][T12176] FAT-fs (loop2): Filesystem has been set read-only
[  406.552208][T17257] loop2: detected capacity change from 0 to 512
[  406.555462][T17257] EXT4-fs: Ignoring removed orlov option
[  406.562954][T17257] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  406.586038][T17257] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #17: comm syz.2.4285: corrupted in-inode xattr: overlapping e_value 
[  406.592294][T17257] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4285: couldn't read orphan inode 17 (err -117)
[  406.599399][T17257] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  406.609707][T17257] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.811104][T17269] tmpfs: Bad value for 'mpol'
[  407.062288][T17281] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4295'.
[  407.069564][T17281] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4295'.
[  407.164395][T17286] tipc: Can't bind to reserved service type 1
[  407.164410][T17288] loop2: detected capacity change from 0 to 256
[  407.182792][T17288] overlayfs: failed to resolve './file0': -2
[  407.408092][T17304] loop2: detected capacity change from 0 to 164
[  407.431967][T17304] iso9660: Corrupted directory entry in block 2 of inode 1920
[  407.908945][ T5839] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  408.356707][ T5839] usb 6-1: Using ep0 maxpacket: 16
[  408.359802][ T5839] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.363233][ T5839] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  408.366760][ T5839] usb 6-1: config 0 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  408.371602][ T5839] usb 6-1: config 0 interface 0 has no altsetting 0
[  408.373988][ T5839] usb 6-1: New USB device found, idVendor=05ac, idProduct=025a, bcdDevice= 0.00
[  408.377349][ T5839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.382212][ T5839] usb 6-1: config 0 descriptor??
[  408.392430][ T5839] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input14
[  408.590206][ T5280] bcm5974 6-1:0.0: could not read from device
[  408.620222][ T5280] bcm5974 6-1:0.0: could not read from device
[  408.627429][ T5280] bcm5974 6-1:0.0: could not read from device
[  408.648768][ T5839] usb 6-1: USB disconnect, device number 27
[  408.670751][ T5843] udevd[5843]: Unable to EVIOCGABS device "/dev/input/event3"
[  408.679739][ T5843] udevd[5843]: Unable to EVIOCGABS device "/dev/input/event3"
[  408.682758][ T5843] udevd[5843]: Unable to EVIOCGABS device "/dev/input/event3"
[  408.687244][ T5843] udevd[5843]: Unable to EVIOCGABS device "/dev/input/event3"
[  408.802125][T17329] tipc: Cannot configure node identity twice
[  409.084260][   T33] kauditd_printk_skb: 8 callbacks suppressed
[  409.084273][   T33] audit: type=1326 audit(1755260244.606:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz.2.4321" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc06878ebe9 code=0x0
[  409.382456][T17349] loop2: detected capacity change from 0 to 2048
[  409.398646][T17349] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  409.414377][T17349] UDF-fs: error (device loop2): udf_read_inode: (ino 1345) failed !bh
[  409.860696][T17352] loop2: detected capacity change from 0 to 32768
[  409.914082][T17355] loop2: detected capacity change from 0 to 16
[  409.924023][T17355] erofs (device loop2): mounted with root inode @ nid 36.
[  410.150748][T17363] loop2: detected capacity change from 0 to 2048
[  410.158834][T17363] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  412.178557][T17441] loop2: detected capacity change from 0 to 16
[  412.191048][T17441] erofs (device loop2): mounted with root inode @ nid 36.
[  412.346668][   T33] audit: type=1326 audit(1755260247.857:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17443 comm="syz.6.4370" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1fa738ebe9 code=0x0
[  412.502381][T17462] erofs (device loop2): inline data across blocks @ nid 36
[  412.506128][T17462] syz.2.4367: attempt to access beyond end of device
[  412.506128][T17462] loop2: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16
[  413.214531][   T33] audit: type=1804 audit(1755260248.748:433): pid=17498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.4396" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="ramfs" ino=43676 res=1 errno=0
[  413.230939][   T33] audit: type=1804 audit(1755260248.748:434): pid=17498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.4396" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="ramfs" ino=43676 res=1 errno=0
[  413.375156][T17497] loop2: detected capacity change from 0 to 32768
[  413.386908][T17497] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4395 (17497)
[  413.407418][T17497] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  413.415481][T17497] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  413.419551][T17497] BTRFS info (device loop2): disk space caching is enabled
[  413.426474][T17497] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  413.503221][T17497] BTRFS info (device loop2): rebuilding free space tree
[  413.521560][T17497] BTRFS info (device loop2): disabling free space tree
[  413.531572][T17497] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  413.543193][T17497] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  413.667637][T17538] overlayfs: failed to resolve './file0': -2
[  413.684790][T12176] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  414.258645][T17569] loop2: detected capacity change from 0 to 512
[  414.261696][T17569] EXT4-fs: Ignoring removed nomblk_io_submit option
[  414.274452][T17569] EXT4-fs: Ignoring removed i_version option
[  414.301669][T17569] EXT4-fs (loop2): 1 orphan inode deleted
[  414.305807][T17569] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.359698][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.388295][   T33] audit: type=1326 audit(1755260249.918:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.418698][   T33] audit: type=1326 audit(1755260249.918:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.436452][   T33] audit: type=1326 audit(1755260249.918:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.446561][T17577] loop2: detected capacity change from 0 to 256
[  414.463921][T17577] exFAT-fs (loop2): error, data size is invalid(34359738378)
[  414.466622][T17577] exFAT-fs (loop2): Filesystem has been set read-only
[  414.470735][T17577] exFAT-fs (loop2): error, data size is invalid(34359738378)
[  414.474169][   T33] audit: type=1326 audit(1755260249.918:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.474210][   T33] audit: type=1326 audit(1755260249.918:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.474238][   T33] audit: type=1326 audit(1755260249.918:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.474264][   T33] audit: type=1326 audit(1755260249.918:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.474289][   T33] audit: type=1326 audit(1755260249.918:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.474316][   T33] audit: type=1326 audit(1755260249.928:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.474342][   T33] audit: type=1326 audit(1755260249.928:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17574 comm="syz.5.4421" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  414.698638][T17585] loop2: detected capacity change from 0 to 256
[  414.795212][T17585] FAT-fs (loop2): Directory bread(block 64) failed
[  414.798018][T17585] FAT-fs (loop2): Directory bread(block 65) failed
[  414.800983][T17585] FAT-fs (loop2): Directory bread(block 66) failed
[  414.805266][T17585] FAT-fs (loop2): Directory bread(block 67) failed
[  414.808405][T17585] FAT-fs (loop2): Directory bread(block 68) failed
[  414.811527][T17585] FAT-fs (loop2): Directory bread(block 69) failed
[  414.817134][T17585] FAT-fs (loop2): Directory bread(block 70) failed
[  414.820236][T17585] FAT-fs (loop2): Directory bread(block 71) failed
[  414.824823][T17585] FAT-fs (loop2): Directory bread(block 72) failed
[  414.827620][T17585] FAT-fs (loop2): Directory bread(block 73) failed
[  415.722648][T17601] loop2: detected capacity change from 0 to 32768
[  415.731280][T17601] XFS: noikeep mount option is deprecated.
[  415.778643][T17601] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  415.856166][T17601] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  415.899085][T17601] XFS (loop2): Starting recovery (logdev: internal)
[  415.945744][T17601] XFS (loop2): Ending recovery (logdev: internal)
[  415.991214][T12176] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  416.479795][T17655] loop2: detected capacity change from 0 to 764
[  416.515819][T17655] rock: directory entry would overflow storage
[  416.518619][T17655] rock: sig=0x5245, size=8, remaining=5
[  417.459054][T17703] net_ratelimit: 4 callbacks suppressed
[  417.459491][T17703] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  417.462595][ T5839] IPVS: starting estimator thread 0...
[  417.561311][T17706] IPVS: using max 80 ests per chain, 192000 per kthread
[  418.122016][T17734] loop2: detected capacity change from 0 to 4096
[  418.150893][T17734] ntfs3(loop2): mft corrupted
[  418.153010][T17734] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  418.159016][T17734] ntfs3(loop2): ino=1a, mi_enum_attr
[  418.161879][T17734] ntfs3(loop2): ino=1a, mi_enum_attr
[  418.164503][T17734] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  418.976267][T17759] loop2: detected capacity change from 0 to 1024
[  418.979629][T17759] EXT4-fs: Ignoring removed bh option
[  418.984752][T17759] EXT4-fs: inline encryption not supported
[  418.996484][T17759] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  419.013708][T17759] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.4497: lblock 2 mapped to illegal pblock 2 (length 1)
[  419.022580][T17759] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.4497: lblock 0 mapped to illegal pblock 48 (length 1)
[  419.027070][T17759] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.4497: Failed to acquire dquot type 0
[  419.031540][T17759] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  419.037011][T17759] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.4497: mark_inode_dirty error
[  419.041257][T17759] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  419.044518][T17759] EXT4-fs (loop2): 1 orphan inode deleted
[  419.047092][T17759] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.054057][   T26] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  419.056241][T17759] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 16: comm syz.2.4497: lblock 0 mapped to illegal pblock 16 (length 1)
[  419.077589][   T26] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u9:0: Failed to release dquot type 0
[  419.091393][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.095367][T12176] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  419.104875][T12176] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  419.110841][T12176] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  420.725245][T17818] loop2: detected capacity change from 0 to 2048
[  420.750794][T17818] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.577289][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.026498][T17868] overlayfs: failed to clone upperpath
[  423.491018][T17881] loop2: detected capacity change from 0 to 512
[  423.496472][T17881] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  423.499982][T17881] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: comm syz.2.4544: inode #1661: comm syz.2.4544: iget: illegal inode #
[  423.505803][T17881] EXT4-fs (loop2): no journal found
[  423.507803][T17881] EXT4-fs (loop2): can't get journal size
[  423.515071][T17881] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  423.518935][ T5904] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  423.523523][T17881] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002]
[  423.529793][T17881] EXT4-fs (loop2): Errors on filesystem, clearing orphan list.
[  423.533835][T17881] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.556834][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.668323][ T5904] usb 6-1: Using ep0 maxpacket: 16
[  423.674099][ T5904] usb 6-1: config 8 has an invalid interface number: 39 but max is 0
[  423.682526][ T5904] usb 6-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  423.696926][ T5904] usb 6-1: config 8 has no interface number 0
[  423.699728][ T5904] usb 6-1: config 8 interface 39 altsetting 1 endpoint 0xC has invalid wMaxPacketSize 0
[  423.703433][ T5904] usb 6-1: config 8 interface 39 altsetting 1 bulk endpoint 0xC has invalid maxpacket 0
[  423.712859][T17888] loop2: detected capacity change from 0 to 2048
[  423.715438][ T5904] usb 6-1: config 8 interface 39 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  423.736964][ T5904] usb 6-1: config 8 interface 39 has no altsetting 0
[  423.753214][ T5904] usb 6-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[  423.757292][ T5904] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.773606][ T5904] usb 6-1: Product: syz
[  423.775280][ T5904] usb 6-1: Manufacturer: syz
[  423.777126][ T5904] usb 6-1: SerialNumber: syz
[  423.779640][T17888] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.796138][   T33] kauditd_printk_skb: 28 callbacks suppressed
[  423.796149][   T33] audit: type=1800 audit(1755260259.323:470): pid=17888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4546" name="file1" dev="loop2" ino=15 res=0 errno=0
[  423.809741][T17888] EXT4-fs (loop2): Online defrag not supported with bigalloc
[  423.816314][   T33] audit: type=1800 audit(1755260259.343:471): pid=17888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4546" name="file2" dev="loop2" ino=16 res=0 errno=0
[  423.848922][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.023800][ T5904] ipheth 6-1:8.39: Unable to find endpoints
[  424.033427][ T5904] usb 6-1: USB disconnect, device number 28
[  424.066960][T17902] netlink: 'syz.6.4552': attribute type 5 has an invalid length.
[  424.172847][T17912] loop2: detected capacity change from 0 to 256
[  424.180552][T17912] exfat: Deprecated parameter 'utf8'
[  424.182573][T17912] exfat: Deprecated parameter 'namecase'
[  424.184738][T17912] exfat: Deprecated parameter 'namecase'
[  424.196351][T17912] exfat: Deprecated parameter 'utf8'
[  424.209516][T17912] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  424.220181][T17912] exFAT-fs (loop2): start_clu is invalid cluster(0x400)
[  424.328402][T17919] loop2: detected capacity change from 0 to 2048
[  424.355291][T17919] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  424.600733][T17934] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  424.671686][T17939] loop2: detected capacity change from 0 to 512
[  424.861726][T17946] loop2: detected capacity change from 0 to 512
[  424.865151][T17946] EXT4-fs: Ignoring removed nobh option
[  424.896153][T17946] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.4572: iget: bad i_size value: 38620345925642
[  424.919919][T17946] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4572: couldn't read orphan inode 15 (err -117)
[  424.939300][T17946] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  424.983333][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.226148][   T33] audit: type=1326 audit(1755260260.754:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.5.4579" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  425.240775][   T33] audit: type=1326 audit(1755260260.754:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.5.4579" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  425.261263][   T33] audit: type=1326 audit(1755260260.774:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.5.4579" exe="/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  425.279002][   T33] audit: type=1326 audit(1755260260.774:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.5.4579" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  425.288900][   T33] audit: type=1326 audit(1755260260.774:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17961 comm="syz.5.4579" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67ea38ebe9 code=0x7ffc0000
[  425.298426][ T5904] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  425.390397][T17975] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4584'.
[  425.447828][ T5904] usb 3-1: Using ep0 maxpacket: 32
[  425.454897][ T5904] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  425.463098][ T5904] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.466745][ T5904] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  425.476026][ T5904] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.493121][ T5904] usb 3-1: config 0 descriptor??
[  425.500003][ T5904] hub 3-1:0.0: USB hub found
[  425.753617][ T5904] hub 3-1:0.0: 31 ports detected
[  425.756347][ T5904] hub 3-1:0.0: insufficient power available to use all downstream ports
[  426.228220][ T5904] usb 3-1: USB disconnect, device number 27
[  426.803986][T18027] loop2: detected capacity change from 0 to 4096
[  426.855571][T18027] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  426.879898][T18027] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  427.106273][ T5904] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  427.153974][T18047] loop2: detected capacity change from 0 to 32768
[  427.191802][T18047] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  427.218968][T12176] ocfs2: Unmounting device (7,2) on (node local)
[  427.268874][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  427.272367][ T5904] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  427.275550][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  427.280572][ T5904] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  427.284102][ T5904] usb 6-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  427.288126][ T5904] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.294752][ T5904] usb 6-1: config 0 descriptor??
[  427.866687][ T5904] hdpvr 6-1:0.0: firmware version 0x20 dated %@
[  427.869606][ T5904] hdpvr 6-1:0.0: untested firmware, the driver might not work.
[  428.261525][ T5904] hdpvr 6-1:0.0: Could not setup controls
[  428.264894][ T5904] hdpvr 6-1:0.0: registering videodev failed
[  428.275151][ T5904] hdpvr 6-1:0.0: probe with driver hdpvr failed with error -71
[  428.288578][ T5904] usb 6-1: USB disconnect, device number 29
[  428.481489][T18075] loop2: detected capacity change from 0 to 40427
[  428.493707][T18075] F2FS-fs: heap/no_heap options were deprecated
[  428.498536][T18075] F2FS-fs (loop2): Image doesn't support compression
[  428.504380][T18075] F2FS-fs (loop2): invalid crc value
[  428.551867][T18075] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  428.563381][T18075] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  428.589296][T12176] syz-executor: attempt to access beyond end of device
[  428.589296][T12176] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  428.601048][T12176] CPU: 1 UID: 0 PID: 12176 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  428.601061][T12176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  428.601065][T12176] Call Trace:
[  428.601068][T12176]  <TASK>
[  428.601072][T12176]  dump_stack_lvl+0x189/0x250
[  428.601086][T12176]  ? __pfx_dump_stack_lvl+0x10/0x10
[  428.601094][T12176]  ? __pfx_queue_work_on+0x10/0x10
[  428.601102][T12176]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  428.601111][T12176]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  428.601124][T12176]  f2fs_handle_critical_error+0x37c/0x540
[  428.601136][T12176]  f2fs_write_end_io+0x886/0xb60
[  428.601150][T12176]  __submit_merged_bio+0x27a/0x6a0
[  428.601184][T12176]  __submit_merged_write_cond+0x255/0x530
[  428.601197][T12176]  f2fs_write_data_pages+0x261d/0x3000
[  428.601219][T12176]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  428.601245][T12176]  ? __mod_zone_page_state+0xd7/0x140
[  428.601258][T12176]  ? folios_put_refs+0x560/0x640
[  428.601271][T12176]  ? __lock_acquire+0xab9/0xd20
[  428.601283][T12176]  ? do_raw_spin_lock+0x121/0x290
[  428.601295][T12176]  ? do_raw_spin_unlock+0x4d/0x240
[  428.601303][T12176]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  428.601313][T12176]  do_writepages+0x32e/0x550
[  428.601325][T12176]  ? do_raw_spin_unlock+0x4d/0x240
[  428.601335][T12176]  filemap_fdatawrite+0x199/0x240
[  428.601344][T12176]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  428.601370][T12176]  ? do_raw_spin_unlock+0x4d/0x240
[  428.601380][T12176]  f2fs_sync_dirty_inodes+0x31f/0x830
[  428.601392][T12176]  f2fs_write_checkpoint+0x95a/0x1df0
[  428.601408][T12176]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  428.601431][T12176]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  428.601437][T12176]  ? kfree+0x18e/0x440
[  428.601446][T12176]  ? kill_f2fs_super+0x298/0x6c0
[  428.601455][T12176]  kill_f2fs_super+0x2c3/0x6c0
[  428.601464][T12176]  ? __pfx_kill_f2fs_super+0x10/0x10
[  428.601469][T12176]  ? radix_tree_delete_item+0x2b6/0x400
[  428.601482][T12176]  ? shrinker_free+0x2ce/0x3e0
[  428.601490][T12176]  deactivate_locked_super+0xbc/0x130
[  428.601500][T12176]  cleanup_mnt+0x425/0x4c0
[  428.601507][T12176]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.601517][T12176]  task_work_run+0x1d4/0x260
[  428.601527][T12176]  ? __pfx_task_work_run+0x10/0x10
[  428.601535][T12176]  ? __x64_sys_umount+0x122/0x160
[  428.601545][T12176]  ? exit_to_user_mode_loop+0x40/0x110
[  428.601556][T12176]  exit_to_user_mode_loop+0xec/0x110
[  428.601565][T12176]  do_syscall_64+0x2bd/0x3b0
[  428.601573][T12176]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.601581][T12176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.601588][T12176]  ? exc_page_fault+0x9f/0xf0
[  428.601597][T12176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.601603][T12176] RIP: 0033:0x7fc06878ff17
[  428.601610][T12176] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  428.601616][T12176] RSP: 002b:00007ffd7d898288 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  428.601624][T12176] RAX: 0000000000000000 RBX: 00007fc068811c05 RCX: 00007fc06878ff17
[  428.601635][T12176] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd7d898340
[  428.601639][T12176] RBP: 00007ffd7d898340 R08: 0000000000000000 R09: 0000000000000000
[  428.601644][T12176] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd7d8993d0
[  428.601648][T12176] R13: 00007fc068811c05 R14: 0000000000068a1c R15: 00007ffd7d899410
[  428.601660][T12176]  </TASK>
[  428.601663][T12176] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  429.011199][T18093] loop2: detected capacity change from 0 to 2048
[  429.017816][T18093] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  429.129064][T18098] loop2: detected capacity change from 0 to 4096
[  429.161832][T18100] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  429.335128][T11754] usb 6-1: new full-speed USB device number 30 using dummy_hcd
[  429.475196][T12555] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  429.486531][T11754] usb 6-1: config 7 has an invalid interface number: 34 but max is 0
[  429.490010][T11754] usb 6-1: config 7 has no interface number 0
[  429.494849][T11754] usb 6-1: New USB device found, idVendor=0fe9, idProduct=db51, bcdDevice=5e.35
[  429.499670][T11754] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.503080][T11754] usb 6-1: Product: syz
[  429.505003][T11754] usb 6-1: Manufacturer: syz
[  429.506994][T11754] usb 6-1: SerialNumber: syz
[  429.628634][T12555] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  429.632743][T12555] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  429.637347][T12555] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  429.642243][T12555] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  429.654248][T12555] usb 3-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16
[  429.658630][T12555] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.662100][T12555] usb 3-1: Product: syz
[  429.664038][T12555] usb 3-1: Manufacturer: syz
[  429.666300][T12555] usb 3-1: SerialNumber: syz
[  429.672741][T12555] usb 3-1: config 0 descriptor??
[  429.686529][T12555] kvaser_usb 3-1:0.0: error -ENODEV: Cannot get usb endpoint(s)
[  429.924131][T11754] dvb-usb: found a 'DViCO FusionHDTV DVB-T Dual USB' in warm state.
[  429.934565][T11754] dvb-usb: bulk message failed: -22 (2/0)
[  429.937841][T12555] usb 3-1: USB disconnect, device number 28
[  429.948491][T11754] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  429.957341][T11754] dvb-usb: DViCO FusionHDTV DVB-T Dual USB error while loading driver (-19)
[  429.961394][T11754] dvb_usb_cxusb 6-1:7.34: probe with driver dvb_usb_cxusb failed with error -22
[  430.255254][T11754] usb 6-1: USB disconnect, device number 30
[  430.792828][T18122] loop2: detected capacity change from 0 to 1024
[  430.806167][T18122] EXT4-fs: Ignoring removed nobh option
[  430.821363][T18122] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  430.837089][T18122] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.4650: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  430.846591][T18122] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4650: couldn't read orphan inode 11 (err -117)
[  430.852989][T18122] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.875012][T12176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.229694][T18132] netlink: 'syz.2.4652': attribute type 84 has an invalid length.
[  431.641999][T18137] loop2: detected capacity change from 0 to 2048
[  431.650524][T18137] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  431.675019][T18137] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  431.749944][T18141] 9pnet_fd: Insufficient options for proto=fd
[  432.633421][T12555] usb 3-1: new full-speed USB device number 29 using dummy_hcd
[  432.825057][T12555] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  432.829277][T12555] usb 3-1: New USB device found, idVendor=056a, idProduct=032b, bcdDevice= 0.00
[  432.833533][T12555] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.839023][T12555] usb 3-1: config 0 descriptor??
[  433.369448][T12555] wacom 0003:056A:032B.000C: unbalanced collection at end of report description
[  433.375681][T12555] wacom 0003:056A:032B.000C: parse failed
[  433.377818][T12555] wacom 0003:056A:032B.000C: probe with driver wacom failed with error -22
[  433.569289][T12555] usb 3-1: USB disconnect, device number 29
[  434.190451][T18211] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  434.358698][T18223] loop2: detected capacity change from 0 to 128
[  434.362345][T18223] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  434.379404][T18223] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  436.246680][T18299] gtp0: entered promiscuous mode
[  436.248960][T18299] gtp0: entered allmulticast mode
[  436.547184][T18319] overlayfs: failed to clone lowerpath
[  436.616091][T18323] netlink: 'syz.6.4738': attribute type 10 has an invalid length.
[  436.619472][T18323] veth1_vlan: entered allmulticast mode
[  436.642213][T18323] veth1_vlan: left promiscuous mode
[  436.648086][T18323] team0: Device veth1_vlan failed to register rx_handler
[  436.748512][T18306] loop2: detected capacity change from 0 to 32768
[  436.800520][   T33] audit: type=1800 audit(1755260272.340:477): pid=18306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4731" name="file1" dev="loop2" ino=4 res=0 errno=0
[  437.123570][ T5839] libceph: connect (1)[c::]:6789 error -101
[  437.126722][ T5839] libceph: mon0 (1)[c::]:6789 connect error
[  437.213171][T18306] ERROR: (device loop2): dbAdjCtl: the maximum free buddy is not the old root
[  437.213171][T18306] 
[  437.217381][T18306] ERROR: (device loop2): remounting filesystem as read-only
[  437.245598][T12176] ------------[ cut here ]------------
[  437.247901][T12176] kernel BUG at fs/jfs/inode.c:169!
[  437.249760][T12176] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  437.252282][T12176] CPU: 1 UID: 0 PID: 12176 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  437.258469][T12176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  437.262769][T12176] RIP: 0010:jfs_evict_inode+0x438/0x440
[  437.265193][T12176] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 53 7d e8 fe e9 16 fe ff ff e8 29 14 85 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  437.273312][T12176] RSP: 0018:ffffc900047afae0 EFLAGS: 00010293
[  437.275913][T12176] RAX: ffffffff833a9767 RBX: ffff88803f4d44b8 RCX: ffff8880218d5640
[  437.279320][T12176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88803f4d44b8
[  437.282723][T12176] RBP: 0000000000000001 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  437.286142][T12176] R10: dffffc0000000000 R11: ffffffff833a7460 R12: dffffc0000000000
[  437.289542][T12176] R13: dffffc0000000000 R14: ffff88803f4d4140 R15: ffffffff833a9330
[  437.292952][T12176] FS:  00005555917a2500(0000) GS:ffff8881a3c1c000(0000) knlGS:0000000000000000
[  437.296774][T12176] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  437.299607][T12176] CR2: 00007ffd7d897ff8 CR3: 000000010823c000 CR4: 00000000000006f0
[  437.303058][T12176] Call Trace:
[  437.304529][T12176]  <TASK>
[  437.305844][T12176]  ? evict+0x4f8/0x9c0
[  437.307638][T12176]  ? __pfx_jfs_evict_inode+0x10/0x10
[  437.309946][T12176]  evict+0x504/0x9c0
[  437.311663][T12176]  ? __pfx_evict+0x10/0x10
[  437.313628][T12176]  ? do_raw_spin_unlock+0x4d/0x240
[  437.315904][T12176]  evict_inodes+0x64c/0x6d0
[  437.317914][T12176]  ? __pfx_evict_inodes+0x10/0x10
[  437.320114][T12176]  generic_shutdown_super+0x9a/0x2c0
[  437.322232][T12176]  kill_block_super+0x44/0x90
[  437.324216][T12176]  deactivate_locked_super+0xbc/0x130
[  437.326454][T12176]  cleanup_mnt+0x425/0x4c0
[  437.328369][T12176]  ? lockdep_hardirqs_on+0x9c/0x150
[  437.330593][T12176]  task_work_run+0x1d4/0x260
[  437.332623][T12176]  ? __pfx_task_work_run+0x10/0x10
[  437.334858][T12176]  ? __x64_sys_umount+0x122/0x160
[  437.337067][T12176]  ? exit_to_user_mode_loop+0x40/0x110
[  437.339441][T12176]  exit_to_user_mode_loop+0xec/0x110
[  437.341746][T12176]  do_syscall_64+0x2bd/0x3b0
[  437.343772][T12176]  ? lockdep_hardirqs_on+0x9c/0x150
[  437.346025][T12176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.348636][T12176]  ? exc_page_fault+0x9f/0xf0
[  437.350529][T12176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.352930][T12176] RIP: 0033:0x7fc06878ff17
[  437.354832][T12176] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  437.362781][T12176] RSP: 002b:00007ffd7d898288 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  437.366377][T12176] RAX: 0000000000000000 RBX: 00007fc068811c05 RCX: 00007fc06878ff17
[  437.369789][T12176] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd7d898340
[  437.373185][T12176] RBP: 00007ffd7d898340 R08: 0000000000000000 R09: 0000000000000000
[  437.376597][T12176] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd7d8993d0
[  437.379980][T12176] R13: 00007fc068811c05 R14: 000000000006abea R15: 00007ffd7d899410
[  437.383339][T12176]  </TASK>
[  437.384631][T12176] Modules linked in:
[  437.387312][T12176] ---[ end trace 0000000000000000 ]---
[  437.391281][ T5839] libceph: connect (1)[c::]:6789 error -101
[  437.396063][T12176] RIP: 0010:jfs_evict_inode+0x438/0x440
[  437.396222][ T5839] libceph: mon0 (1)[c::]:6789 connect error
[  437.398625][T12176] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 53 7d e8 fe e9 16 fe ff ff e8 29 14 85 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  437.409998][T12176] RSP: 0018:ffffc900047afae0 EFLAGS: 00010293
[  437.412851][T12176] RAX: ffffffff833a9767 RBX: ffff88803f4d44b8 RCX: ffff8880218d5640
[  437.416310][T12176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88803f4d44b8
[  437.419721][T12176] RBP: 0000000000000001 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  437.424294][T12176] R10: dffffc0000000000 R11: ffffffff833a7460 R12: dffffc0000000000
[  437.427643][T12176] R13: dffffc0000000000 R14: ffff88803f4d4140 R15: ffffffff833a9330
[  437.431217][T12176] FS:  00005555917a2500(0000) GS:ffff8881a3c1c000(0000) knlGS:0000000000000000
[  437.434919][T12176] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  437.437626][T12176] CR2: 00007ffd7d897ff8 CR3: 000000010823c000 CR4: 00000000000006f0
[  437.441394][T12176] Kernel panic - not syncing: Fatal exception
[  437.444904][T12176] Kernel Offset: disabled
[  437.446794][T12176] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:13:45  Registers:
info registers vcpu 0

CPU#0
RAX=280b4dc377988d00 RBX=ffffffff81968308 RCX=280b4dc377988d00 RDX=0000000000000001
RSI=ffffffff8be333e0 RDI=ffffffff81968308 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa37e30 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7943f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b30a23ffc CR3=000000010d610000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f1fa7587498 00007f1fa7587470 XMM03=00007f1fa75874a8 00007f1fa75874a0
XMM04=00007f1fa80ed100 00007f1fa7587460 XMM05=00007f1fa7587478 00007f1fa75874c0
XMM06=00007f1fa75874b8 00007f1fa75874b0 XMM07=00007f1fa75874a8 00007f1fa75874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f1fa7412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000037 RBX=0000000000000037 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900047af1f0
R8 =ffff8880218f0237 R9 =1ffff1100431e046 R10=dffffc0000000000 R11=ffffffff854efeb0
R12=dffffc0000000000 R13=ffffffff99af98d4 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854eff2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555917a2500 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffd7d897ff8 CR3=000000010823c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 ff000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fc068812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
