last executing test programs:

3m38.785069647s ago: executing program 0 (id=172):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000940)={0x1, 0x0, [{0x48d, 0x0, 0x8}]})

3m38.320387424s ago: executing program 0 (id=174):
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file1\x00', 0x4604, &(0x7f0000003240)=ANY=[], 0x3, 0x33d, &(0x7f0000000140)="$eJzs3E1rG0cYwPFHL5YlubZ0KC0tFA/tpb0IW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPPQVC7jkFcjA++mZI/AV8yS255JKbLoYcYkLIhn2zXm0rihw59v8HYUcz80gzmlF4dvFu/bfbfxXzZiqvVSUYVRIQETkRSUpQfAHvGHTKEWm2Ld+MPX/8xcLS8s+ZbHZmXqnZzOK3aaXUxOSDv/+Ned0ORuUouVI/Tj87+uTos/rrxT8LpiqYqlSuKk2tlp9WtVVDV+sFs5hSas7QNVNXhZKpV9z2stueN8obGzWlldbH4xsV3TSVVqqpol5T1bKqVmpK+0MrlFQqlVLjccEF7AWd1zJ9Rq8NeDS4JJVKRguJSKyjJbc7lAEBAIChas//g3ZK31f+LxNO/m93buT/e18eVsd+3Z84sGNX6geRbvn/d0/c92rJ/6Mi0k/+f1feIv/vzIhultzufP/5P66GyUhHVaDllZ3/x73fr2Pn970pp0D+DwAAAAAAAAAAAAAAAAAAAADAh+DEshKWZSX8o/+vcQuB9xrX0lnrPyoiUXv1Ldb/OltYWpaoc+OevcbG/5u5zZx79DocioghukxJQl45+8Fjl/07j5QtKQ+NLSf+pX0MOS2ZvBSc+GlJSLI93rJmf8rOTCuXF396m1K8OT4tCfm4e3y6Nd4e/9ZmLiJff9UUn5KEPFqTshiy7uzrRvx/00r9+Eu2LT7mfggAAAAAANdASqmAd/qcbD3/DTlP93F1a3efMpLJO5eJzrg+4J5fT3U9Pw8nPg8PefIAAAAAANwQZu2fomYYeuWcQkwu7tN/Idxb50hbzch5nUNNM+x1PBHnQobIu87rXo/fakvB/0OKlqaoV9nfePz5D2y9tptrgtJDVLh98JN2hWrtfPyRSFPNrY732fEmclrjXzaKnPE9y1zneILn7ISRge3nT+/cfzG4H8j3+/4OuLjzTr+fFW3fdU5h5LL/3wEAAADw/jWSfr/mh+bmwFAGBQAAAAAAAAAAAAAAAAAAAAAAAAAAAADADXMpj/RrKwx7jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBV8SYAAP//pnL5HQ==")
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x88040, 0x0)

3m37.974770515s ago: executing program 0 (id=178):
r0 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x13)
tkill(r0, 0x12)
wait4(0x0, 0x0, 0xe000000b, 0x0)

3m37.707444921s ago: executing program 0 (id=180):
syz_mount_image$ext4(&(0x7f0000000600)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000c40), 0xff, 0x4b7, &(0x7f0000000640)="$eJzs3E1sG8UeAPD/OknzXr+S19f3oKVAoCAqPpI2LbQHJD4kJA6AkOBQjiZJq1K3QU2QSBXRgKpyQYJKiCsCcUFw5sCJEwJOSFw4wB1VqlAuLT0Zrb02jhN/1HXiNPn9JMcz9joz/90d78yOdwPYtEbSP0nE9oj4LSKGIiJXv8BI+en64vzEX4vzE0kUi6/8maQfi2uL8xOVRZPseVs5058+5S4m8fQK5c7MnT+dLxSmzmX5sdkzb47NzJ1/7NSZ/Mmpk1Nnx48dO3L40NEnxh/vSpz/Seu6953pfXuef+3yixPHL7/+49dJTaVr46hbAx0aiIWadVLvwS6UsJ7sqEkn/U0X7cbKpUsGI0oNdaDU/oei7+LO6ntD8dx7Pa0csKqKxWJxvPHbC0VgA0ui1zUAeqNyoL+2+MlEOgZeOg7e+K4+Ux4ApXFfzx7lQU9/daA6UDe+7ab5iDi+cOPT9BHLzkMAAHTfd2n/59Fyv2Np/y8X/69Zbmc2NzSczaXsioj/RsTuiPhfRGnZOyLizpssf6Quv7z/k7vSUWBtSvt/T2ZzW5VHVm5lkeG+LLejFP9AcuJUYepgtk4OxMBgmj+04n9PojQJFL982Kj8kZr+X/pIy6/0BbN6XOkfXPqZyfxs/pYDz1x9N2Jv/0rxZxN42RzWnojY22EZpx7+ct/SV/qqqdbxN9F8nqktxc8iHipv/4Woi78iaT4/OfavKEwdHKvsFcv99POllxuVf0vxd0G6/beuuP9X4x9OaudrZ5b9iy2tyrj0+/sNxzQjEU9FB/v/luTVJYW/nZ+dvVGM2JK8sOz1czUnuCv50vOhcvwH9q/c/nfFP2virohId+K7I+KeiLg323b3RcT9EbG/Sfw/PPvAG03i7+n2j6/K31Btbf/KdijvCNU9olWi7/T33zYqvr3vvyOl1IHslcn87ECrsNqtYIdrDQAAAG4ruYjYHklutJrO5UZHy7/h3x1bc4XpmdlHTky/dXayfI3AcAzkKme6hrJ8ZOc/h8v50uh7PMpD9AvZ+dLD2Xnjj/v+XcqPTkwXJnsdPGxy2xq0/9Qffb2uHbDq2p5H27669QDWXrP2//nRNawIsOY6/x1NF36BA/RUi1bshg2wgTmKw+a1Uvu/0IN6AGuv8fF/StcANrhqI/+ojYVrLveqv3gTuP04yMPm1br9v7Ra978Ceqf9q/jXSyJJlrwSX0Q0/1TS+zp3kPhgfVSjcSJyjd4avNkbRPQkkV8f1WiVqDTUufOn+9u+q8Vc8UK+UPj1m1spvbffSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3ydwAAAP//zlHgaA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x80)
getdents64(r0, &(0x7f0000000000)=""/39, 0x27)

3m37.019616471s ago: executing program 0 (id=185):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000100)={&(0x7f0000000780)={{@my=0x0, 0x6}, {@my=0x1, 0x2}, 0x400, "48bf816f7c313f77de39effa20fe9b0aa816d0f2fdd7ab12687d198a3235de4713139abfe788d3257516bbd9a90d3be61a63ee5050e7c7f6d4519c8193d0be59a662ba6ea7ffc169880970aef4baabd33cd90e14e5b0e2e48c2214854a6bf9cc90b72521c5f6adfa8fc6438b25d685db27883e2ceeab645cfe4cb0473e5d1c298a9b65616fb838f81c1bb470161014da66028d743ceb2eda884d722953e767adceb422c64e795eef5668873e9508242a983ad4df2582f5a49cbd736ed40f14e85b279ba6a0ecd15e91148e4d36dcdad06fc2af5ac90b90a2407aae3b9b5efe3d91ba931467374eb62342c23beb80c4b8a06ef19203cabb95e8c453c070d2e3bccb8b5a316af04a93bcaf88a41e5b4d491efedfe2550e44715c1dc6b9ed795b7eee0c877b5208a1ac9ec773a4e692ca67af8a83ad5ab82ddb628538032b708419dc6fa76ec56c9d416453f6b5ca87db9a4b03aa09422d9bc46b9dce40cedeb00da91eb7d48ea4583442308beb4074d62ed61e45f6a0ac6f3290e80e81f44c415d56d649be45bd46bdc9db507bb116cce840d32576c9bcbd41d0e88c18a37a2675827e8a6929f07e8da59bff204b965cd416333b2fea8f8b5bed55eded619c52924a3e30a0d579047ff2a2bf72a70524501537d889bcb92bb5559bfb097edac01e623d7b706cf673b17df77c9ad5a4e5ac2837af7aa17adf3a89cdd4af738f3131442a6d86270e3b132737208e579b941eb6f7826e8b3048d61c2d0000715c0ca59d8fbb162574eb0d11ee1f86d82ac046a857ab9189dfd0637d1f1ca29689fcffb8613296d541f3cc3f27b3a37c5bc6f0dea29bf7fd8b58531a70b0ae28c56f2459cc72273b82a579fd5a97ee3e6ae858247a11b5ac39b6c1b15cbabd201ebcea4171de2d7f73d1e4484bc1b78f30325bc045269aa50db31b0f665de34b6f70724afa41cd768b25454b409781d34e4d624f91936f1a0cd50ab0b921498b4563ed8c3c54002598891b2230e113c4e6777a1a896b1f4c3ad602cca3eafed0c32eaeec7a994742f4b147d0090b111a93b42720efb2b85b9ad0fbfff021cf813c52b3604bfdfef4ff6935a2100b69b897baca6b180a92081cb3d7d19ba5f49e6b83ef46529e235a5c8fdaebab7a37dd4c2c7b684de98422b5172c88c02abbe5d66851003c6b13c8d795f3a5405a08235b429d6eaaf4366191d6dc9193e724765f18917b39d405e8481e1402a314ce0a760e8e2339afc83580f30297c413856799e9d764abf664bd4de655882400a150ea866c74c51e38e5ac4f3469814fed27134a0fca68b3ec07434f186e061b286b2709bb76f50484fa124f90e219816660835cf781076521147240173a3ba561be6273390bd232f4ad95cb190430b2d5600543ce506447b0dd93f79fde1d1e9b149cac6e8112f16303ff3682305d22ae8b400937"}, 0x418, 0x7})

3m35.548241808s ago: executing program 0 (id=192):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
vmsplice(r1, &(0x7f0000000540)=[{&(0x7f00000000c0)="7927393059dab7272a842d1a8644", 0xe}, {&(0x7f0000000080)="b91b0711", 0x4}], 0x2, 0x0)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
splice(r0, 0x0, r2, 0x0, 0x12, 0x4)

3m34.873415518s ago: executing program 32 (id=192):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
vmsplice(r1, &(0x7f0000000540)=[{&(0x7f00000000c0)="7927393059dab7272a842d1a8644", 0xe}, {&(0x7f0000000080)="b91b0711", 0x4}], 0x2, 0x0)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
splice(r0, 0x0, r2, 0x0, 0x12, 0x4)

2m29.09388939s ago: executing program 1 (id=651):
recvmmsg(0xffffffffffffffff, &(0x7f0000006bc0)=[{{0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000002ac0)=""/11, 0xb}, {&(0x7f0000002c80)=""/4096, 0x1000}], 0x2}, 0x94}], 0x1, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

2m28.873474733s ago: executing program 1 (id=653):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000100)={[{@acl}, {@heartbeat_none}, {@dir_resv_level={'dir_resv_level', 0x3d, 0x3}}, {@coherency_full}, {@coherency_full}, {@localflocks}, {@coherency_full}, {@inode64}]}, 0x1, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$FS_IOC_RESVSP(r0, 0x80106f05, &(0x7f00000000c0)={0x0, 0x4, 0x32, 0x100000000})

2m27.449026067s ago: executing program 1 (id=660):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000740)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="4d7e2bbd7000fbdbdf252a0000000c00050000000000000000000a0001007770616e3000008008002f00040000000500370004000000050036"], 0x44}, 0x4, 0x700000000000000, 0x0, 0x4}, 0x8850)

2m26.933261598s ago: executing program 1 (id=664):
syz_mount_image$ext4(&(0x7f0000000600)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000c40), 0xff, 0x4b7, &(0x7f0000000640)="$eJzs3E1sG8UeAPD/OknzXr+S19f3oKVAoCAqPpI2LbQHJD4kJA6AkOBQjiZJq1K3QU2QSBXRgKpyQYJKiCsCcUFw5sCJEwJOSFw4wB1VqlAuLT0Zrb02jhN/1HXiNPn9JMcz9joz/90d78yOdwPYtEbSP0nE9oj4LSKGIiJXv8BI+en64vzEX4vzE0kUi6/8maQfi2uL8xOVRZPseVs5058+5S4m8fQK5c7MnT+dLxSmzmX5sdkzb47NzJ1/7NSZ/Mmpk1Nnx48dO3L40NEnxh/vSpz/Seu6953pfXuef+3yixPHL7/+49dJTaVr46hbAx0aiIWadVLvwS6UsJ7sqEkn/U0X7cbKpUsGI0oNdaDU/oei7+LO6ntD8dx7Pa0csKqKxWJxvPHbC0VgA0ui1zUAeqNyoL+2+MlEOgZeOg7e+K4+Ux4ApXFfzx7lQU9/daA6UDe+7ab5iDi+cOPT9BHLzkMAAHTfd2n/59Fyv2Np/y8X/69Zbmc2NzSczaXsioj/RsTuiPhfRGnZOyLizpssf6Quv7z/k7vSUWBtSvt/T2ZzW5VHVm5lkeG+LLejFP9AcuJUYepgtk4OxMBgmj+04n9PojQJFL982Kj8kZr+X/pIy6/0BbN6XOkfXPqZyfxs/pYDz1x9N2Jv/0rxZxN42RzWnojY22EZpx7+ct/SV/qqqdbxN9F8nqktxc8iHipv/4Woi78iaT4/OfavKEwdHKvsFcv99POllxuVf0vxd0G6/beuuP9X4x9OaudrZ5b9iy2tyrj0+/sNxzQjEU9FB/v/luTVJYW/nZ+dvVGM2JK8sOz1czUnuCv50vOhcvwH9q/c/nfFP2virohId+K7I+KeiLg323b3RcT9EbG/Sfw/PPvAG03i7+n2j6/K31Btbf/KdijvCNU9olWi7/T33zYqvr3vvyOl1IHslcn87ECrsNqtYIdrDQAAAG4ruYjYHklutJrO5UZHy7/h3x1bc4XpmdlHTky/dXayfI3AcAzkKme6hrJ8ZOc/h8v50uh7PMpD9AvZ+dLD2Xnjj/v+XcqPTkwXJnsdPGxy2xq0/9Qffb2uHbDq2p5H27669QDWXrP2//nRNawIsOY6/x1NF36BA/RUi1bshg2wgTmKw+a1Uvu/0IN6AGuv8fF/StcANrhqI/+ojYVrLveqv3gTuP04yMPm1br9v7Ra978Ceqf9q/jXSyJJlrwSX0Q0/1TS+zp3kPhgfVSjcSJyjd4avNkbRPQkkV8f1WiVqDTUufOn+9u+q8Vc8UK+UPj1m1spvbffSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3ydwAAAP//zlHgaA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x80)
getdents64(r0, &(0x7f0000000000)=""/39, 0x27)

2m25.632131494s ago: executing program 1 (id=670):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[], 0x28}}, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00a717cf64394a00dc299b573660f498c4d99aac48af10923f703f53e58070c2bf4575228d0e471df7101ac03b8d48a1b0fc276e395f25b63e9a27cd2ab98888989eec154d97b4dbcf"], 0x1, 0xa09, &(0x7f0000001540)="$eJzs3UuMHEfdAPDq2Z31M5/H+WyyOCaxCSThkd14vZiHBXEUX7DiiFukiIvlOMHCMQhHgkQ52D5xI1FkrjzEKZcIEBK5ICsnLpGIJS45BQ4csIwUiQME7EW7WzU7+/eMemZt73h2fj+ptqa6aqaqZ3t6erq7qhIwthpLf+fnp6uULr3z5tG/P/y3LYtLnmiXaC39nexINVNKVU5Phtf7cGI5vv7Raye7xVWaW/pb0umZa+3nbkspnU/70uXUSnsuXXnjvbmnj184dnH/+28dvnpn1h4AAMbLty4fnt/9lz/dv/Pjtx84kja1l5fj81ZOb8/H/UfygX85/m+k1emqI3SaCuUmc2iEchNdynXW0wzlJnvUPxVet9mj3Kaa+ic6lnVbbxhlZTtupaoxsyrdaMzMLP8mT0u/66eqmbOnz7xwbkgNBW67fz6YUtonCMI4hoUdw94DASyL1wtvcj6eWbg17Veb7K/+a082uj8fboP13v7VP1r1/+qCPQ63z0bdmsp6lc/R9pyO1xHi/UuDfv7L68XrEc0+29nrOsKoXF/o1c6JdW7HWvVqf9wuNqqv57i8D98I+Z2fn/g/HZX/MdDdv5z/F4SxDQvD3gEBd61439xCVvLjfX0xf1NN/uaa/C01+Vtr8rfV5MM4++3LP0mvVyu/8+Nv+kHPh5XzbPfk+P8GbE88Hzlo/fG+30Hdav3xfmK4m/3+xLOnvvL8c1eW7/+v2tv/jby978vpVv5sXc4FyvnCeF69fe9/a3U9jR7l7g3tuadL+aXHu1aXq3atvE7q2M/c1I7p1c/b0avc3tXlWqHclhw2h/bG45Ot4Xnl+KPsV8v7NRnWtxnWYyq0o+xXduY4tgPWomyPve7/L9vndGpWL5w+c+rxnC7b6R8nmpsWlx9Y53YDt67f/j/TaXX/n+3t5c1G535hx8ryqnO/0ArL53osP5jT5XvuOxNblpbPnPzemedv98rDmDv3yqvfPXHmzKkfeOCBBx60Hwx7zwTcabMvv/T92XOvvPrY6ZdOvHjqxVNnDx46dHBu7tBXD87PLh3Xz3Ye3QMbycqX/rBbAgAAAAAAAAAAAPTrh8eOXvnzu1/+YLn//0r/v9L/v9z5W/r//zj0/4/95Es/+NIPcGeX/KUyYYDVqVCumcP/h/buCvXsDs/7RI7b8/jl/v+lujiua2nPfWF5HL+3lAvDCdw0XspUGIMkzhf46RxfzPEvEwxRtaX74hzXjW9dtvUyPoVxKUZT+b+VraGMY1L6f/ca16ns/3euQxu5/dajO+Gw1xHo7h/G/xaEsQ0LC2bxAO4Ow57/s5z3LPHZP3xz82Ioxa49uXp/GccvhVtxt88/qf6NNf9ne/67vvd/Yca81trq/ffPrn7QUW3a02/9cf3LONC7Bqv/41x/WZtHUn/1L/wi1B8vCPXpP6H+rX3Wf9P6711b/f/N9Ze37dGH+q1/ucVVY3U74nnjcv0vnjcurof1L2N7Drz+a5yo8UauH8bZqMwzO6hRmf+3l3gfxpdyuuwIy30Ocb6TQdtf7q8o3wO7w+tXNd9v5v8dbV/Lcd3nocz/W7bHVpd0oyPd7PLebtR9DYyqD13/E4SxDQsLC3f2hFaNoVbO0N//Yf9OGHb9w37/68T5f+MxfJz/N+bH+X9jfpz/N+bH+fVifpz/N76fcf7fmH9feN04P/B0Tf4na/L31OTfX5O/tyb/UzX5+2vyH6jJf7Am/96a/Idq8j9Tk//ZmvyHa/Ifrcn/XE3+Rlf6o4zr+sM4i/3zfP5hfJTrP70+/7tq8oHR9dO3Dzz13G++3Vru/z/VPh9SruMdyelm/u38o5yO171TR3ox792c/mvIv9vPd8A4ieNnxO/3R2rygdFV7vPy+YYxVHUfsaffcat6HeczWj6f4y/k+Is5fizHMzmezfGBHM+tU/u4M5769e8Ov16t/N7fEfL7vZ889geK40Qd7LM98fzAoPezx3H8BnWr9a+xOxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDQNJb+zs9PVyldeufNo88ePz27uOSJdonW0t/JjlSz/byUHs/xRI5/nh9c/+i1k53xjcV4KqUqzaUqVe3l6Zlr7Zq2pZTOp33pcmqlPZeuvPHe3NPHLxy7uP/9tw5fvYNvAQAAAGx4/wsAAP//2XsNow==")
r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x1b5)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40186e8d, &(0x7f0000000040)={0x0, 0x42c0000000003f, 0x400, 0x200000003, 0x6, 0x3, 0x2401})

2m24.667092262s ago: executing program 1 (id=673):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS2(r2, 0x4140aecd, &(0x7f0000000140)={{0x80a0000, 0xffff1000, 0xf000, 0x9, 0x7f, 0xe3, 0x81, 0xff, 0x0, 0x84, 0x0, 0xb}, {0xd000, 0xd000, 0x10, 0x3, 0x3, 0x7, 0x5, 0x6, 0x1, 0x4, 0xfa, 0x5}, {0xf000, 0x80a0000, 0x4, 0x4, 0x10, 0x81, 0x4, 0x13, 0x5, 0x4, 0x92, 0x80}, {0x10000, 0xeeef0000, 0xe, 0x5, 0x1, 0x40, 0x2, 0x0, 0xfa, 0x29, 0x9, 0x9}, {0xeeee8000, 0x23189000, 0xf, 0x9, 0x5, 0x2, 0x7, 0xf1, 0x7, 0x6e, 0x0, 0x8}, {0x5000, 0x1000, 0xe, 0x2, 0xad, 0x2, 0x4, 0x5, 0x1, 0xe, 0x6, 0xa}, {0x10000, 0x8080000, 0xc, 0x0, 0xcd, 0x5, 0x5, 0x22, 0x5, 0x6, 0xff, 0x6}, {0x1, 0xeeef0000, 0xd, 0xe, 0x10, 0x3e, 0x3, 0x0, 0x7f, 0x1, 0x0, 0x8}, {0x100000, 0x5}, {0x8080000, 0xfffb}, 0x80000003, 0x0, 0x6000, 0x61, 0x5, 0xa800, 0x8000900, 0x1, [0x71b, 0x2, 0x3, 0x1]})

2m24.079415956s ago: executing program 33 (id=673):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS2(r2, 0x4140aecd, &(0x7f0000000140)={{0x80a0000, 0xffff1000, 0xf000, 0x9, 0x7f, 0xe3, 0x81, 0xff, 0x0, 0x84, 0x0, 0xb}, {0xd000, 0xd000, 0x10, 0x3, 0x3, 0x7, 0x5, 0x6, 0x1, 0x4, 0xfa, 0x5}, {0xf000, 0x80a0000, 0x4, 0x4, 0x10, 0x81, 0x4, 0x13, 0x5, 0x4, 0x92, 0x80}, {0x10000, 0xeeef0000, 0xe, 0x5, 0x1, 0x40, 0x2, 0x0, 0xfa, 0x29, 0x9, 0x9}, {0xeeee8000, 0x23189000, 0xf, 0x9, 0x5, 0x2, 0x7, 0xf1, 0x7, 0x6e, 0x0, 0x8}, {0x5000, 0x1000, 0xe, 0x2, 0xad, 0x2, 0x4, 0x5, 0x1, 0xe, 0x6, 0xa}, {0x10000, 0x8080000, 0xc, 0x0, 0xcd, 0x5, 0x5, 0x22, 0x5, 0x6, 0xff, 0x6}, {0x1, 0xeeef0000, 0xd, 0xe, 0x10, 0x3e, 0x3, 0x0, 0x7f, 0x1, 0x0, 0x8}, {0x100000, 0x5}, {0x8080000, 0xfffb}, 0x80000003, 0x0, 0x6000, 0x61, 0x5, 0xa800, 0x8000900, 0x1, [0x71b, 0x2, 0x3, 0x1]})

2m24.072427356s ago: executing program 3 (id=677):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
setreuid(0x0, 0xee00)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080)="cc540011881a668300111200e68f8858acd630d5f1c170b60800000000000000001700000000e0da897997e48270faf047145bc79e", 0x35}], 0x1000000000000398)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r0])

2m23.851285869s ago: executing program 3 (id=679):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000023c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000240)="06886661c1b71ac4fb2eedf3a503112f23a5102eba32aefe39ec29533facb037a44c42da0f8ce35eadfd1eb0f45d488f4dcc5b03dcb95fdd2f28db45e20e0d2f49742917b432d708d130fa3542807a5424528c91a230", 0x56}], 0x1}}], 0x1, 0x888)

2m23.653039121s ago: executing program 3 (id=681):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000002380))
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x33, 0x0)

2m23.082721825s ago: executing program 3 (id=685):
syz_mount_image$ext4(&(0x7f0000000600)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000c40), 0xff, 0x4b7, &(0x7f0000000640)="$eJzs3E1sG8UeAPD/OknzXr+S19f3oKVAoCAqPpI2LbQHJD4kJA6AkOBQjiZJq1K3QU2QSBXRgKpyQYJKiCsCcUFw5sCJEwJOSFw4wB1VqlAuLT0Zrb02jhN/1HXiNPn9JMcz9joz/90d78yOdwPYtEbSP0nE9oj4LSKGIiJXv8BI+en64vzEX4vzE0kUi6/8maQfi2uL8xOVRZPseVs5058+5S4m8fQK5c7MnT+dLxSmzmX5sdkzb47NzJ1/7NSZ/Mmpk1Nnx48dO3L40NEnxh/vSpz/Seu6953pfXuef+3yixPHL7/+49dJTaVr46hbAx0aiIWadVLvwS6UsJ7sqEkn/U0X7cbKpUsGI0oNdaDU/oei7+LO6ntD8dx7Pa0csKqKxWJxvPHbC0VgA0ui1zUAeqNyoL+2+MlEOgZeOg7e+K4+Ux4ApXFfzx7lQU9/daA6UDe+7ab5iDi+cOPT9BHLzkMAAHTfd2n/59Fyv2Np/y8X/69Zbmc2NzSczaXsioj/RsTuiPhfRGnZOyLizpssf6Quv7z/k7vSUWBtSvt/T2ZzW5VHVm5lkeG+LLejFP9AcuJUYepgtk4OxMBgmj+04n9PojQJFL982Kj8kZr+X/pIy6/0BbN6XOkfXPqZyfxs/pYDz1x9N2Jv/0rxZxN42RzWnojY22EZpx7+ct/SV/qqqdbxN9F8nqktxc8iHipv/4Woi78iaT4/OfavKEwdHKvsFcv99POllxuVf0vxd0G6/beuuP9X4x9OaudrZ5b9iy2tyrj0+/sNxzQjEU9FB/v/luTVJYW/nZ+dvVGM2JK8sOz1czUnuCv50vOhcvwH9q/c/nfFP2virohId+K7I+KeiLg323b3RcT9EbG/Sfw/PPvAG03i7+n2j6/K31Btbf/KdijvCNU9olWi7/T33zYqvr3vvyOl1IHslcn87ECrsNqtYIdrDQAAAG4ruYjYHklutJrO5UZHy7/h3x1bc4XpmdlHTky/dXayfI3AcAzkKme6hrJ8ZOc/h8v50uh7PMpD9AvZ+dLD2Xnjj/v+XcqPTkwXJnsdPGxy2xq0/9Qffb2uHbDq2p5H27669QDWXrP2//nRNawIsOY6/x1NF36BA/RUi1bshg2wgTmKw+a1Uvu/0IN6AGuv8fF/StcANrhqI/+ojYVrLveqv3gTuP04yMPm1br9v7Ra978Ceqf9q/jXSyJJlrwSX0Q0/1TS+zp3kPhgfVSjcSJyjd4avNkbRPQkkV8f1WiVqDTUufOn+9u+q8Vc8UK+UPj1m1spvbffSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3ydwAAAP//zlHgaA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x80)
getdents64(r0, &(0x7f0000000000)=""/39, 0x27)

2m22.399620596s ago: executing program 3 (id=687):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x14, r1, 0x321, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4048000}, 0xa4)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0)

2m19.26015541s ago: executing program 3 (id=690):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x4)

2m18.645453767s ago: executing program 34 (id=690):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x4)

34.087665878s ago: executing program 4 (id=1332):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$inet(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10)

33.835542513s ago: executing program 4 (id=1334):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x9, 0x6, 0x3, 0x7ffcfffc}]})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000040)={0x0, 0x2}, 0x8)

33.574970019s ago: executing program 4 (id=1335):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}], 0x1, 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000005304"], 0x38}, 0x1, 0x0, 0x0, 0x28040800}, 0xc000)

33.37801912s ago: executing program 4 (id=1337):
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c3"])
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setsig(0x4203, r0, 0x7, &(0x7f00000001c0)={0x5, 0xffff390e, 0x800})

33.008043022s ago: executing program 4 (id=1340):
syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000009740)='./file0\x00', 0x4000000, &(0x7f00000002c0)={[{@pquota}, {@discard}, {@swalloc}, {@grpid}, {@uquota}, {@noalign}, {@inode64}, {@attr2}]}, 0x1, 0x97ee, &(0x7f0000012f40)="$eJzs3QW8rGWheP994ACHDkGwACkxSQkD6VBESVFCkJYUEAGlQwkVFAEFFFCQ7u4u6e7u7o7/58AB8bjgcn9/74XLWuvj2bNn5t2zn3m+87zu2e9mZsl5F51zYGCcgTd68/SfnbPr7csuNuaC6x678+Dr9tphoYeGXTzyGyfjzj7sdI5hp3MODAwMGnY7g964bPBsxxw7wsDggaH/+2djjDraCGMMDIw27Oyw2xmY+Y2T0fd/c7vXhosHOunQb7f9G/9eb8yhNzL0k6WXe2WtgYGBIW/7+qHjmvbf7qi0JeeYb95/Wr3lNsKwqwf987rXTwe/8W/0fQcGRt974J0fH0O3HeltX/u/2dDvOc7kA4vf/j587/9zLTnHfAsM5z90LY447LKZh67x4degseEf5zssuvoDw6Zw0LCJG/y29fJ+PO7/n1pyjnkXHHjndTyw0Dyb3P/a6/vNwXMPDAyeZ2Bg8LwDA4Pne7896j/T+/rgq6qqqvelOeacYehz9hGG+3lgyJs/19LPhRe8PN3dAwODF3rjeeLg5d58LlhVVVVVVVVVH8zmmHOGueD5/zjv9vx/0pO3Hrfn/1VVVVVVVVX/d1pgjjlnGPpcf7jn/xO92/P/xx88dL83/vZ/9pnf+KpX3987UVVVVVVVVVXv2rwL4PP/Sd/t+f9Fx0x6ac//q6qqqqqqqv7vtMhrr7222dteZ2/YxVO/eT09/z/1vluXed8GXFVVVVVVVVX/7V595KTT/vma7xMPDPd676837PcCg4444/LL37eBfjAa9O+/D9n8/R7T/9+GOg85aNKBgbUWf7+HUu9D/2deq77+R8rfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/MW9w/H/t17//9SjVnjzveA/M+UM15/0z698/b3/By+0wCNbvE9Dfz/6sB7/H1ht0MDAMN9xVhsYGFhojkUWm3pgYOCk62eYcoqBt66bZeh1Xx1vxNffIP7N/0xknnH5hjef7I3ToQ+UgfHfuo0jXr/9BV7bZ8RBww3ibY173H77rbrkczMOfzrVO9+PEd76bMxjH3zzv2UZYbiNhrzDF795+2/el+Gdh4196qFjn2b9NdeZZr2NNv7iamsuv8pKq6y01qzTzzTdjLPOOtNM06y82horTfvGx3eas0lf/zjXe5mzMYafs0fmePucDX/f3mnOJn33OXv9Fne5cMg33pyzwf/NOZvr3eds0tWGfaNxZx9pYLnX52bQwMC4c480sOHQM9ONMjAw7jzDtp1o6LZfG2+EgYGd/nlHh342yluPwUGbD91myXkXnfON3dTAwD9P/9k7vJ/9yMNGPvuw0zmGnc75xrcZZ+CfD8XBsx1z7AhD5+JfpmOMUUcbYYyBgdGGnR12OwOzvnEy2slvbvcO77M+3EBff5mV7d/493pjDgwMjD70k4mXP3WboVP/v/A+7f9P////b16zDHrr8Tho2L9h27zhNcd8C/zze70+DUPnbsRhl8081OQ//Nb2/9K/jXfSIQOTvst43+V1cV6PHl9rnDTBlv+p18Wh8U70LuN9l9fxfcfxLnH37g+8cVP/sfEOt69b8PWPs7+Xfd3Au+/rRqQbWOmSTw2/r/vWOw/xX3aXb87RKMNt9E77uon2nGTzobc/+7vv6xYcOvaR/mVfN8LAwLhzvbmvG7rjm3ekgZ2Gnpl+6Jn5Rho4YOiZGV4/M+rAGUPPfGmFtddYcegF8//742DqQf/yB5qwzuYdbp0Nett9HzTc33cOfuN09H3ffA+nd9hvDhp2t/7LfQU9bsd5l/G+y/tP4TwPvWzFI4dM8J96/yka75B3H+87vV/2O453x2dPvf0/PN631tlIb5uu+d/LOpv0X9fZ0Ls44ttWxnv9OWxF2P6Nzyd669Y22PTBt36mGGm42/2vfqaY/93X2TirDfd12+09MOjd5ma+9zI3n/y3fdAWb5+b9/rz1tSTv3H9iO8yN6PMuuxUb87NyP/NuZnvvzs3sw+M+K9zM3hgnoGBgSmG7R/mfS9zM9G7z817fdyMBtu/8flKb1009w4Hnffm3Aw/F//V3Mz7352bSd963Ezx+nWTjTAw8sgDGy6//vrrTvfGxzfPTv/Gx3dfg3O/l7kc5z8zlx8f/E5z+c+H6hh3X7rvf7EG/22f/ubtz/3fncuBt+ZyYLXhF0t9UOv3f+7yd5e/u/zd5e8uf3f5i3uH4/9vvf7/buN8dedhv9wY6dJJJtz2/R7v+9yH+vj/MN9/Of6/7YSTXDrCwFvXvevx2Te2+UAen535jZPR939zu+GPD/JA3/n47N6zzrz1/9Lx2f+n3lyr7+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uLe4fj/tG/+HcB90y385LADoSM9tNVSC7/f432f+1Af/x/m+y/H/xdeaquHRhh467p3Pf7/xjaO4/93vjTvjh/k4/9vrtWO/9d/Uf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+4djv/P/ubfARx66O4bv/n3AFePu/1J7/d43+c+rMf/e/9/b+3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uKGHf8fGO7tLb/b4wKD4///t3sH/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf97+WMW/yXzxyz+388fs/j/IH/M4r9U/pjFf+n8MYv/MvljFv9l88cs/j/MH7P4L5c/ZvFfPn/M4v+j/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF/8f5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/yf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zR/zOK/Qf6Yxf9n+WMW/w3zxyz+G+WPWfw3zh+z+P88f8zi/4v8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/23zxyz+v8wfs/j/Kn/M4r9d/pjFf/v8MYv/DvljFv8d88cs/r/OH7P4/yZ/zOL/2/wxi/9O+WMW/53zxyz+v8sfs/j/Pn/M4r9L/pjF/w/5Yxb/XfPHLP675Y9Z/HfPH7P4/zF/zOL/p/wxi/8e+WMW/z3zxyz+e+WPWfz/nD9m8f9L/pjFf+/8MYv/PvljFv9988cs/n/NH7P4/y1/zOK/X/6YxX///DGL/9/zxyz+B+SPWfwPzB+z+B+UP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+J+VP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvH/R/6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9J/AcN5I9Z/Aflj1n8R8gfs/iPmD9m8R+cP2bxHyl/zOI/cv6YxX+U/DGL/5D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+H8kfs/iPnz9m8Z8gf8zi/9H8MYv/hPljFv+J8scs/h/LH7P4fzx/zOL/ifwxi/8n88cs/p/KH7P4T5w/ZvGfJH/M4j9p/pjF/9P5Yxb/yd70H/I+jesDmsV/8tY/ZvGfIn/M4j9l/pjFf6r8MYv/Z/LHLP5T549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/3L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfxnyx+z+H8jf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/zfzxyz+38ofs/gvmD9m8f92/pjFf6H8MYv/d/LHLP7fzR+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP7fyx+z+C+ZP2bx/37+mMX/B/ljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9h/pjFf7n8MYv/8vljFv8f5Y9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/j/OH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/j/JH7P4r5s/ZvFfL3/M4r9+/pjF/6f5Yxb/DfLHLP4/yx+z+G+YP2bx3yh/zOK/cf6Yxf/n+WMW/1/kj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/2X+mMX/V/ljFv/t8scs/tvnj1n8d8gfs/jvmD9m8f91/pjF/zf5Yxb/3+aPWfx3yh+z+O+cP2bx/13+mMX/9/ljFv9d8scs/n/IH7P475o/ZvHfLX/M4r97/pjF/4/5Yxb/P+WPWfz3yB+z+O+ZP2bx3yt/zOL/5/wxi/9f8scs/nvnj1n898kfs/jvmz9m8f9r/pjF/2/5Yxb//fLHLP77549Z/P/+r/73/q+P6wOaxf+A1j9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6YxP/18v/3JP6DLs4fs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfyvzh+z+F+TP2bxvzZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/G/PHLP435Y9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/nflj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/mPTBda/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljEv/XP83/37P4D8ofs/iPkD9m8R8xf8ziPzh/zOI/Uv6YxX/k/DGL/yj5Yxb/IfljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfw/kj9m8R8/f8ziP0H+mMX/o/ljFv8J88cs/hPlj1n8P5Y/ZvH/eP6Yxf8T+WMW/0/mj1n8P5U/ZvGfOH/M4j9J/pjFf9L8MYv/p/PHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF/zP5Yxb/qfPHLP6fzR+z+H8uf8zi//n8MYv/F/LHLP5fzB+z+H8pf8ziP03+mMV/2vyxQefsOtLAwMCH3n+6/DHL+p8+f8ziP0P+mMV/xvwxi/+X88cs/jPlj1n8Z84fs/jPkj9m8Z81f8zi/5X8MYv/V/PHLP5fyx+z+H89f8ziP1v+mMX/G/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/mT9m8f9W/pjFf8H8MYv/t/PHLP4L5Y9Z/L+TP2bx/27+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/17+mMV/yfwxi//388cs/j/IH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/D/PHLP7L5Y9Z/JfPH7P4/yh/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/cf6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/Sf6YxX/d/DGL/3r5Yxb/9fPHLP4/zR+z+G+QP2bx/1n+mMV/w/wxi/9G+WMW/43zxyz+P88fs/j/In/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v88cs/r/KH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/PHLP6/yR+z+P82f8ziv1P+mMV/5/wxi//v8scs/r/PH7P475I/ZvH/Q/6YxX/X/DGL/275Yxb/3fPHLP5/zB+z+P8pf8ziv0f+mMV/z/wxi/9e+WMW/z/nj1n8/5I/ZvHfO3/M4r9P/pjFf9/8MYv/X/PHLP5/yx+z+O+XP2bx3z9/zOL/9/wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/P+RP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/EQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP6YxX/C/DGL/0T5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/T+WPWfwnzh+z+E+SP2bxnzR/zOL/6fwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+E+VP2bx/0z+mMV/6vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/OH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/bPljFv9v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9m/pjF/1v5Yxb/BfPHLP7fzh+z+C+UP2bx/07+mMX/u/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8n+WMW/3Xzxyz+6+WPWfzXzx+z+P80f8ziv0H+mMX/Z/ljFv8N88cs/hvlj1n8N84fs/j/PH/M4v+L/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/MH7P4/yp/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/zh+z+P8mf8zi/9v8MYv/TvljFv+d88cs/r/LH7P4/z5/zOK/S/6Yxf8P+WMW/13zxyz+u+WPWfx3zx+z+P8xf8zi/6f8MYv/HvljFv8988cs/nvlj1n8/5w/ZvH/S/6YxX/v/DGL/z75Yxb/ffPHLP5/zR+z+P8tf8ziv1/+mMV///wxi//f88cs/gfkj1n8D8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/0f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfwHD+SPWfwHvTf/kf/HxvUBzeI/Qusfs/iPmD9m8R+cP2bxHyl/zOI/cv6YxX+U/DGL/5D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+H8kfs/iPnz9m8Z8gf8zi/9H8MYv/hPljFv+J8scs/h/LH7P4fzx/zOL/ifwxi/8n88cs/p/KH7P4T5w/ZvGfJH/M4j9p/pjF/9P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v+Z/DGL/9T5Yxb/z+aPWfw/lz9m8f98/pjF/wv5Yxb/L+aPWfy/lD9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/nD9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/9nyxyz+38gfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOL/zfwxi/+38scs/gvmj1n8v50/ZvFfKH/M4v+d/DGL/3fzxyz+C+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL//fyxyz+S+aPWfy/nz9m8f9B/pjFf6n8MYv/0vljFv9l8scs/svmj1n8f5g/ZvFfLn/M4r98/pjF/0f5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/j/PHLP6r549Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/T/LHLP7r5o9Z/NfLH7P4r58/ZvH/af6YxX+D/DGL/8/yxyz+G+aPWfw3yh+z+G+cP2bx/3n+mMX/F/ljFv9N8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfx/mT9m8f9V/pjFf7v8MYv/9vljFv8d8scs/jvmj1n8f50/ZvH/Tf6Yxf+3+WMW/53yxyz+O+ePWfx/lz9m8f99/pjFf5f8MYv/H/LHLP675o9Z/HfLH7P4754/ZvH/Y/6Yxf9P+WMW/z3yxyz+e+aPWfz3yh+z+P85f8zi/5f8MYv/3vljFv998scs/vvmj1n8/5o/ZvH/W/6YxX+//DGL//75Yxb/v+ePWfwPyB+z+B+YP2bxPyh/zOJ/cP6Yxf+Q/DGL/6H5Yxb/w/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/5j8MYv/sfljFv/j8scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4v+P/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH5P4jzSQP2bxH5Q/ZvEfIX/M4j9i/pjFf3D+mMV/pPwxi//I+WMW/1Hyxyz+Q/LHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/h/JH/M4j9+/pjFf4L8MYv/R/PHLP4T5o9Z/CfKH7P4fyx/zOL/8fwxi/8n8scs/p/MH7P4fyp/zOI/cf6YxX+S/DGL/6T5Yxb/T+ePWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/2fyxyz+U+ePWfw/mz9m8f9c/pjF//P5Yxb/L+SPWfy/mD9m8f9S/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9y/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8Z8sfs/h/I3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/8388cs/t/KH7P4L5g/ZvH/dv6YxX+h/DGL/3fyxyz+33X5D36vG1r8F3b5v+cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8n+WMW/3Xzxyz+6+WPWfzXzx+z+P80f8ziv0H+mMX/Z/ljFv8N88cs/hvlj1n8N84fs/j/PH/M4v+L/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/MH7P4/yp/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/zh+z+P8mf8zi/9v8MYv/TvljFv+d88cs/r/LH7P4/z5/zOK/S/6Yxf8P+WMW/13zxyz+u+WPWfx3zx+z+P8xf8zi/6f8MYv/HvljFv8988cs/nvlj1n8/5w/ZvH/S/6YxX/v/DGL/z75Yxb/ffPHLP5/zR+z+P8tf8ziv1/+mMV///wxi//f88cs/gfkj1n8D8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/0f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfxHHsgfs/gPyh+z+I+QP2bxHzF/zOI/OH/M4j9S/pjFf+T8MYv/KPljFv8h+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/D+SP2bxHz9/zOI/Qf6Yxf+j+WMW/wnzxyz+E+WPWfw/lj9m8f94/pjF/xP5Yxb/T+aPWfw/lT9m8Z84f8ziP0n+mMV/0vwxi/+n88cs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/M/ljFv+p88cs/p/NH7P4fy5/zOL/+fwxi/8X8scs/l/MH7P4fyl/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fzl/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fyR+z+H81f8zi/7X8MYv/1/PHLP6z5Y9Z/L+RP2bxn/2/9h/lf3RcH9As/nO0/jGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/N/PHLP7fyh+z+C+YP2bx/3b+mMV/ofwxi/938scs/t/NH7P4L5w/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/t/LH7P4L5k/ZvH/fv6Yxf8H+WMW/6Xyxz6k/oOGsx556fyxD6n/6719/S+TP2bxXzZ/zOL/w/wxi/9y+WMW/+Xzxyz+P8ofs/ivkD826JxBw2bmw+2/Yv6YZf2vlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/x/nj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/5/kj1n8180fs/ivlz9m8V8/f8zi/9P8MYv/BvljFv+f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/z/DGL/y/yxyz+m+SPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4/zJ/zOL/q/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P86f8zi/5v8MYv/b/PHLP475Y9Z/HfOH7P4/y5/zOL/+/wxi/8u+WMW/z/kj1n8d80fs/jvlj9m8d89f8zi/8f8MYv/n/LHLP575I9Z/PfMH7P475U/ZvH/c/6Yxf8v+WMW/73zxyz+++SPWfz3zR+z+P81f8zi/7f8MYv/fvljFv/988cs/n/PH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/H/ljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V79F/8P/UuD6gWfyvbv1jFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+Q+MCpdZ/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf0ziP8pA/pjFf1D+mMV/hPwxi/+I+WMW/8H5Yxb/kfLHLP4j549Z/EfJH7P4D8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+b/7CG/Ms5i/94+WMW/4/kj1n8x88fs/hPkD9m8f9o/pjFf8L8MYv/RPljFv+P5Y9Z/D+eP2bx/0T+mMX/k/ljFv9P5Y9Z/CfOH7P4T5I/ZvGfNH/M4v/p/DGL/2T5Yxb/yfPHLP5T5I9Z/KfMH7P4T5U/ZvH/TP6YxX/q/DGL/2fzxyz+n8sfs/h/Pn/M4v+F/DGL/xfzxyz+X8ofs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+X84fs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/9s+WMW/2/kj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+C+QP2bx/2b+mMX/W/ljFv8F88cs/t/OH7P4L5Q/ZvH/Tv6Yxf+7+WMW/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf97+WMW/yXzxyz+388fs/j/IH/M4r9U/pjFf+n8MYv/MvljFv9l88cs/j/MH7P4L5c/ZvFfPn/M4v+j/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF/8f5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/yf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zR/zOK/Qf6Yxf9n+WMW/w3zxyz+G+WPWfw3zh+z+P88f8zi/4v8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/826N8jwuK/bdqYxf+X+WMW/1/lj1n8t8sfs/hvnz9m8d/hDf9XXnu/xvUBzeK/Y+sfs/j/On/M4v+b/DGL/2/zxyz+O+WPWfx3zh+z+P8uf8zi//v8MYv/LvljFv8/5I9Z/HfNH7P475Y/ZvHfPX/M4v/H/DGL/5/yxyz+e+SPWfz3zB+z+O+VP2bx//N78h/pf25cH9As/n9p/WMW/73zxyz+++SPWfz3zR+z+P81f8zi/7f8MYv/fvljFv/988cs/n/PH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/H/ljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj8m8R8ykD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyR/zOI/fv6YxX+C/DGL/0fzxyz+E+aPWfwnyh+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP3H+mMV/kvwxi/+k+WMW/0/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/9n8scs/lPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/cv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+SP2bx/+q7+u/+Pz+uD2gW/6+1/jGL/9fzxyz+s+WPWfy/kT9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf+b+WMW/2/lj1n8F8wfs/h/O3/M4r9Q/pjF/zv5Yxb/7+aPWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/7+WPWfyXzB+z+H8/f8zi/4P8MYv/UvljFv+l88cs/svkj1n8l80fs/j/MH/M4r9c/pjFf/n8MYv/j/LHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv8f549Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv+f5I9Z/NfNH7P4r5c/ZvFfP3/M4v/T/DGL/wb5Yxb/n+WPWfw3zB+z+G+UP2bx3zh/zOL/8/wxi/8v8scs/pvkj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+P8yf8zi/6v8MYv/dvljFv/t88cs/jvkj1n8d8wfs/j/On/M4v+b/DGL/2/zxyz+O+WPWfx3zh+z+P8uf8zi//v8MYv/LvljFv8/5I9Z/HfNH7P475Y/ZvHfPX/M4v/H/DGL/5/yxyz+e+SPWfz3zB+z+O+VP2bx/3P+mMX/L/ljFv+988cs/vvkj1n8980fs/j/NX/M4v+3/DGL/375Yxb//fPHLP5/zx+z+B+QP2bxPzB/zOJ/UP6Yxf/g/DGL/yH5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/x/5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+r88cs/tfkj1n8r80fs/hflz9m8b8+f8zif0P+mMX/xvwxi/9N+WMW/5vzxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v/Au/mP9b8wrg9oFv8HW/+Yxf+h/DGL/8P5Yxb/R/LHDP6DBg8MeTR/zOA/dP0/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/JvEfdSB/zOI/KH/M4j9C/pjFf8T8MYv/4Pwxi/9I+WMW/5Hzxyz+o+SPWfyH5I9Z/EfNH7P4j5Y/ZvEfPX/M4j9G/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8f9I/pjFf/z8MYv/BPljFv+P5o9Z/CfMH7P4T5Q/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvH/VP6YxX/i/DGL/yT5Yxb/SfPHLP6fzh+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/z+SPWfynzh+z+H82f8zi/7n8MYv/5/PHLP5fkPlP9x63s/h/Ueb/XrP4fyl/zOI/Tf6YxX/agYHN3q8hfZCz+E/X+scs/tPnj1n8Z8gfs/jPmD9m8f9y/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8Z8sfs/h/I3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/8388cs/t/KH7P4L5g/ZvH/dv6YxX+h/DGL/3fyxyz+380fs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+38sfs/gvmT9m8f9+/pjF/wf5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvH/Yf6YxX+5/DGL//L5Yxb/H+WPWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/1fLHLP4/zh+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP4/yR+z+K+bP2bxXy9/zOK/fv6Yxf+n+WMW/w3yxyz+P8sfs/hvmD9m8d8of8ziv3H+mMX/5/ljFv9f5I9Z/DfJH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/lvljFv+t8scs/lvnj1n8t8kfs/hvmz9m8f9l/pjF/1f5Yxb/7fLHLP7b549Z/HfIH7P475g/ZvH/df6Yxf83+WMW/9/mj1n8d8ofs/jvnD9m8f9d/pjF//f5Yxb/XfLHLP5/yB+z+O+aP2bx3y1/zOK/e/6Yxf+P+WMW/z/lj1n898gfs/jvmT9m8d8rf8zi/+f8MYv/X/LHLP57549Z/PfJH7P475s/ZvH/a/6Yxf9v+WMW//3yxyz+++ePWfz/nj9m8T8gf8zif2D+mMX/oPwxi//B+WMW/0Pyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljH17/PS5826WjnpI/9uH1/9f1f2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4/yN/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHJP6jDeSPWfwH5Y9Z/EfIH7P4j5g/ZvEfnD9m8R8pf8ziP3L+mMV/FJX/qO95S4v/EJX/e8/iP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL/0fyxyz+4+ePWfwnyB+z+H80f8ziP2H+mMV/ovwxi//H8scs/h/PH7P4fyJ/zOL/yfwxi/+n8scs/hPnj1n8J8kfs/hPmj9m8f90/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Jn/M4j91/pjF/7P5Yxb/z+WPWfw/nz9m8f9C/pjF/4v5Yxb/L+WPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/L+ePWfxnyh+z+M+cP2bxnyV/zOI/a/6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6YxX+2/DGL/zfyxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4fzN/zOL/rfwxi/+C+WMW/2/nj1n8F8ofs/h/J3/M4v/d/DGL/8L5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4v+9/DGL/5L5Yxb/7+ePWfx/kD9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/x/mj1n8l8sfs/gvnz9m8f9R/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/+P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8zi/5P8MYv/uvljFv/18scs/uvnj1n8f5o/ZvHfIH/M4v+z/DGL/4b5Yxb/jfLHLP4b549Z/H+eP2bx/0X+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/X+aPWfx/lT9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/1/nj1n8f5M/ZvH/bf6YxX+n/DGL/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J/8Nv8R3o9xfUCz+J/S+scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/z/yxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+LQv9R38M2Fv+XhP7vJYv/y/ljFv9X8scs/q/mj1n8X8sfk/iPPpA/ZvEflD9m8R8hf8ziP2L+mMV/cP6YxX+k/DGL/8j5Yxb/UfLHLP5D8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+H8kf8ziP37+mMV/gvwxi/9H88cs/hPmj1n8J8ofs/h/LH/M4v/x/DGL/yfyxyz+n8wfs/h/Kn/M4j9x/pjFf5L8MYv/pPljFv9P549Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/Z/LHLP5T549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/3L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/kj9m8Z97SP6Uxf9rrX/M4v/1/DGL/2z5Yxb/b+SPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4L5A/ZvH/Zv6Yxf9b+WMW/wXzxyz+384fs/gvlD9m8f9O/pjF/7v5Yxb/hfPHLP6L5I9Z/BfNH7P4L5Y/ZvFfPH/M4r9E/pjF/3v5Yxb/JfPHLP7fzx+z+P8gf8ziv1T+mMV/6fwxi/8y+WMW/2Xzxyz+P8wfs/gvlz9m8V8+f8zi/6P8MYv/CvljFv8V88cs/ivlj1n8V84fs/ivkj9m8V81f8ziv1r+mMX/x/ljFv/V88cs/mvkj1n818wfs/ivlT9m8V87f8ziv07+mMX/J/ljFv9188cs/uvlj1n8188fs/j/NH/M4r9B/pjF/2f5Yxb/DfPHLP4b5Y9Z/DfOH7P4/zx/zOL/i/wxi/8m+WMW/03zxyz+m+WPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP6/zB+z+P8qf8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+v84fs/j/Jn/M4v/b/LEPnf/bkN/uv1P+2IfO/x3W/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP/am/8CQgYEPs/8p+WOW9X9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+P8jf8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB9z+Cf/Tjn8B0Z/qEcBZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/MQbyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP6YxX/C/DGL/0T5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/T+WPWfwnzh+z+E+SP2bxnzR/zOL/6fwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+E+VP2bx/0z+mMV/6vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/OH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/bPljFv9v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9m/pjF/1v5Yxb/BfPHLP7fzh+z+C+UP2bx/07+mMX/u/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xWN/u/hDlv8VzL6v4cs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/+P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8zi/5P8MYv/uvljFv/18scs/uvnj1n8f5o/ZvHfIH/M4v+z/DGL/4b5Yxb/jfLHLP4b549Z/H+eP2bx/0X+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/X+aPWfx/lT9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/1/nj1n8f5M/ZvH/bf6YxX+n/DGL/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/j/I3/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/LEPt//tb146xq35Yx9u/7ca47b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+2IfUf8rhLh3jvvyxD6n/6719/d+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+T+I85kD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyR/zOI/fv6YxX+C/DGL/0fzxyz+E+aPWfwnyh+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP3H+mMV/kvwxi/+k+WMW/0/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/9n8scs/lPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/cv6YxX+m/DGL/8z5Yxb/WfLH/sV/2GXjvM9j+v/VO/jPmj9mWf9fyR+z+H81f8zi/7X8MYv/1/PHLP6z5Y9Z/L+RP2bxnz1/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjF/5v5Yxb/b+WPWfwXzB+z+H87f8ziv1D+mMX/O/ljFv/v5o9Z/BfOH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv/v5Y9Z/JfMH7P4fz9/zOL/g/wxi/9S+WMW/6Xzxyz+y+SPWfyXzR+z+P8wf8ziv1z+mMV/+fwxi/+P8scs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/x/nj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/5/kj1n8180fs/ivlz9m8V8/f8zi/9P8MYv/BvljFv+f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/z/DGL/y/yxyz+m+SPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4/zJ/zOL/q/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P86f8zi/5v8MYv/b/PHLP475Y9Z/HfOH/uw+g8Zzv93+WMfVv+B4fx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/j/I3/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/7hvff/H95XB/QLP73t/4xi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMR/rIH8MYv/oPwxi/8I+WMW/xHzxyz+g/PHLP4j5Y9Z/EfOH7P4j5I/ZvEfkj9m8R81f8ziP1r+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxHzd/zOI/Xv6Yxf8j+WMW//Hzxyz+E+SPWfw/mj9m8Z8wf8ziP1H+mMX/Y/ljFv+P549Z/D+RP2bx/2T+mMX/U/ljFv+J88cs/pPkj1n8J80fs/h/On/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P5M/ZvGfOn/M4v/Z/DGL/+fyxyz+n88fs/h/IX/M4v/F/DGL/5fyxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/5fzxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOI/W/6Yxf8bav/lRn+nayz+s6v93zmL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv9v5o9Z/L+VP2bxXzB/zOL/7fwxi/9C+WMW/+/kj1n8v5s/ZvFfOH/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8v5c/ZvFfMn/M4v/9/DGL/w/yxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOL/w/wxi/9y+WMW/+Xzxyz+P8ofs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfx/nD9m8V89f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfx/kj9m8V83f8ziv17+mMV//fwxi/9P88cs/hvkj1n8f5Y/ZvHfMH/M4r9R/pjFf+P8MYv/z/MfGBgY9d8usfj/In/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v88cs/r/KH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/PHLP6/yR+z+P82f8ziv1P+mMV/5/wxi//v8scs/r/PH7P475I/ZvH/Q/6YxX/X/DGL/275Yxb/3fPHLP5/zB+z+P8pf8ziv0f+mMV/z/wxi/9e+WMW/z/nj1n8/5I/ZvHfO3/M4r9P/pjFf9/8MYv/X/PHLP5/yx+z+O+XP2bx3z9/zOL/9/wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/P+RP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/sQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP7Y/8fO3Yd7Xdd3HP9xT5azT7sudWnDoTHXZiQyGrUQFcXjzSkTzbxHPQLJjdxIgCmw0Uodmy51s2ATC8ecrVricHPdrWhY1myN2FrlFNfCGHOwyJyx68A5BGdvz7XzZd+vm+/H4w/O+f2O71/K83r5+3lxXWXpf5j+oSz9D9c/lKX/z+gfytL/1fqHsvQ/Qv9Qlv5H6h/K0v81+oey9P9Z/UNZ+g/TP5Sl/1H6h7L0/zn9Q1n6D9c/lKX/0fqHsvQ/Rv9Qlv6v1T+Upf8I/UNZ+v+8/qEs/Y/VP5Sl/y/oH8rS/3X6h7L0/0X9Q1n6/5L+oSz9j9M/lKX/6/UPZek/Uv9Qlv5v0D+Upf/x+oey9B+lfyhL/xP0D2XpP1r/UJb+v6x/KEv/MfqHsvR/o/6hLP1/Rf9Qlv5j9Q9l6f8m/UNZ+r9Z/1CW/r+qfyhL/7foH8rSf5z+oSz9T9Q/lKX/eP1DWfqfpH8oS/+T9Q9l6X+K/qEs/SfoH8rS/1T9Q1n6n6Z/KEv/ifqHsvQ/Xf9Qlv5t+oey9D9D/1CW/mfqH8rS/yz9Q1n6n61/KEv/dv1DWfq/Vf9Qlv5v0z+Upf85+oey9H+7/qEs/c/VP5Sl/yT9Q1n6n6d/KEv/8/UPZen/Dv1DWfpfoH8oS/936h/K0v9C/UNZ+l+kfyhL/4v1D2Xpf4n+oSz9L9U/lKX/ZfqHsvS/XP9Qlv6T9Q9l6X+F/qEs/a/UP5Sl/1X6h7L079A/lKX/1fqHsvSfon8oS/+p+oey9J+mfyhL/3fpH8rS/xr9Q1n6T9c/lKX/DP1DWfrP1D+Upf8s/UNZ+l+rfyhL/9n6h7L0n6N/KEv/ufqHsvSfp38oS//r9A9l6T9f/1CW/u/WP5Sl/wL9Q1n6L9Q/lKX/Iv1DWfpfr38oS//36B/K0v8G/UNZ+t+ofyhL/8X6h7L0X6J/KEv/pfqHsvT/Nf1DWfr/uv6hLP2X6R/K0v+9+oey9P8N/UNZ+r9P/1CW/u/XP5Sl/036h7L0v1n/UJb+t+gfytL/N/UPZem/XP9Qlv6/pX8oS//f1j+Upf+t+oey9L9N/1CW/r+jfyhL/w/oH8rS/3b9Q1n636F/KEv/O/UPZen/u/qHsvT/Pf1DWfrfpX8oS/8P6h/K0v9D+oey9F+hfyhL/5X6h7L0/339Q1n6/4H+oSz979Y/lKX/Kv1DWfrfo38oS/8P6x/K0v8j+oey9F+tfyhL/3v1D2Xp/4f6h7L0X6N/KEv/P9I/lKX/ffqHsvT/Y/1DWfrfr38oS/+P6h/K0v9P9A9l6f8x/UNZ+n9c/1CW/p/QP5Sl/5/qH8rS/5P6h7L0f0D/UJb+a/UPZen/oP6hLP3/TP9Qlv7r9A9l6f+Q/qEs/f9c/1CW/n+hfyhL/4f1D2Xp/5f6h7L0/5T+oSz9P61/KEv/z+gfytL/s/qHsvT/nP6hLP3/Sv9Qlv6f1z+Upf8X9A9l6b9e/1CW/l/UP5Sl/1/rH8rSf4P+oSz9H9E/lKX/l/QPZen/Zf1DWfo/qn8oS/+v6B/K0v+r+oey9P8b/UNZ+j+mfyhL/6/pH8rS/2/1D2Xp/3X9Q1n6/53+oSz9N+ofytL/G/qHsvTfpH8oS/+/1z+Upf8/6B/K0v+b+oey9P9H/UNZ+n9L/1CW/t/WP5Sl/3f0D2Xp/7j+oSz9/0n/UJb+T+gfytL/Sf1DWfpv1j+Upf9T+oey9P9n/UNZ+n9X/1CW/v+ifyhL/+/pH8rSf4v+oSz9n9Y/lKX/9/UPZem/Vf9Qlv7/qn8oS/9t+oey9P83/UNZ+j+jfyhL/3/XP5Sl/3b9Q1n679A/lKX/f+gfytL/B/qHsvTfqX8oS/8f6h/K0v9Z/UNZ+v9I/1CW/s/pH8rS/z/1D2Xp/7z+oSz9f6x/KEv/XfqHkvR/ZUv/UJb+/fQPZenfX/9Qlv4D9A9l6T9Q/1CW/oP0D2XpP1j/UJb+Q/QPZek/VP9Qlv4v0z+Upf9B+oey9H+5/qEs/V+hfyhL/4P1D2Xp/1P6h7L0P0T/0EuuPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP81cxcuumby9Okdc3zjG9/4Zu83L/a/mQAAgP9tP/nQ/2L/nQAAAAAAAAAAAAAAAAAAAEBeTfzfib3Y/4wAAAAAAAAAAAAAAPD/XVv7SVsH9NvvqQH7PnjNox27v47eecHU1asfLN1fu358ZvCS/fd9sGvXrl0rnxk3oevhkFar1fm/9squx0N7Hne+/pJhKw7f86iM//ydj1866eCz5qy9beA3Vt7S/vSg3c8Oal1+9bTpHW/o32qVUwa1FnQ+OL5fq1VOG9S6tfPBqM4HEwe11nQ+OGH3g5e1PtP54PVXzpp+VecTp1f+PYOXirb2Ja0B+y22td+/Dfbd/5JhT0zt/trLS3a/2sBW1/6Hr/3SYT1+1u0F9t/9+uWknvvv8z8g8IL6tv9nN3V/7eUl/9v7/4c37FwU/eyF99/9+uVk+4f6BJ//99toz8/9PT7/HxW85N77E4duuL1z/23n3Xdk11MD/yef/3/y+uWUnvvvv9/n/87P8RO6P/8PabXKqQf42wGptLUv3drb+3/v+x/46h43/fbd/z1f2fyKzv3f+1xrWddTg/q4/wm9vf/f1OPvFeibtvZVu3q8//dh/60RwUvu3f+WtQfv/vy/+f4rD93nZ33Z/6k99z9y3oxrR85duOi4aTMmT+mY0jFz7Kgxx48eO3bMmJG7PxHs+fUAf1MgiQN7/28d1OOmX6vVsfd+/X23TOjc/7aHln2k66mhfdz/ab2+/x/l/R9Cw/u3Bg9uLZg8b96c4/f82v1w1J5f9/xlwf778N//Rx/b9Zd1/5lhv1br8L33Iy4dO6Rz/9fPLuu6nhrcx/1P7HX/4/f/s0qgbw7w/f+qHjf77f/ELTfO79z/MT941eaup/r63/+n97r/u73/w4Foa2/V+ibauf8Thiw9o9p1afPnf1CfJvY/bPutO6pdlzPsH+rTxP4nLX/zFdWuy5n2D/VpYv8PzrhsebXrcpb9Q32a2P/zP73jiGrX5Wz7h/o0sf/HvvvU6mrXpd3+oT5N7P+Dd7WfUO26vNX+oT5N7P+46344rtp1eZv9Q32a2P/VLz93TbXrco79Q32a2P8Zu04+tNp1ebv9Q32a2H+/pd9bUu26nGv/UJ8m9v/k5OWzql2XSfYP9Wli/2uGjXi22nU5z/6hPk3sf9nTb5xY7bqcb/9Qnyb2/9U7VjxW7bq8w/6hPk3s/xMXv2pFtetygf1DfZrY/4+GP3RQtevyTvuH+jSx/40b1zxQ7bpcaP9Qnyb2v3LNgOHVrstF9g/1aWL/i0+f8mi163Kx/UN9mtj/6DFfvqjadbnE/qE+Tez/8M9966lq1+VS+4f6NLH/cx+eP7fadbnM/qE+Tex//hEf/3G163K5/UN9mtj/WzqOmFrtuky2f6hPE/svtx20sdp1ucL+oT5N7P/CbavGV7suV9o/1KeJ/a875Asfq3ZdrrJ/qE8T+98+e+bYatelw/6hPk3s/zvvXfy+atflavuH+jSx/9uf+3qpdl2m2D/Up4n9bxl14cXVrstU+4f6NLH/VWc980i16zLN/qE+Tex/+brH51W7Lu+yf6hPE/tfv/7MJ6pdl2vsH+rTxP6PGTHy4GrXZbr9Q32a2P+sC5Z9qNp1mWH/UJ8m9n/K/Xe8ttp1mWn/UJ8m9j/0a+M+We26zLJ/qE8T+//0uPd/qtp1udb+oT5N7H/H+KOPrXZdZts/1KeJ/W96YNSd1a7LHPuH+jSx/w88clfF6zLX/qE+Tex/9uue31btusyzf6hPE/t/06TzF1a7LtfZP9Snif0fevfEL1a7LvPtH+rTxP4v+fb3z6l2Xd5t/1CfJvZ/9GFXHFntuiywf6hPE/ufOm3DzdWuy0L7h/o0sf8JKzeNrnZdFtk/1KeJ/R/y5Nx7ql2X6+0f6tPE/rcOOOzsatflPfYP9Wli//fe8PA3q12XG+wf6tPE/m++6aMd1a7LjfYP9Wli/5/dOXh7teuy2P4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2IHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WQfRuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAUAAD//3II6Vg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x4)

30.820223081s ago: executing program 4 (id=1345):
unshare(0x62040200)
syz_usb_connect(0x2, 0x56, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000084a48e08d112f74247aa000000010902"], 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='net/fib_trie\x00')
read$FUSE(r0, &(0x7f0000000640)={0x2020}, 0x2020)

15.732563892s ago: executing program 35 (id=1345):
unshare(0x62040200)
syz_usb_connect(0x2, 0x56, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000084a48e08d112f74247aa000000010902"], 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='net/fib_trie\x00')
read$FUSE(r0, &(0x7f0000000640)={0x2020}, 0x2020)

6.403763592s ago: executing program 6 (id=1454):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
rseq(&(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2, 0x7d1b97b9, 0x6, 0x1}, 0x5}, 0x20, 0x0, 0x0)

3.792586096s ago: executing program 2 (id=1464):
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000340)="8a226ff432407a7f5fd09590d734f795e12e57ce9fed3f0300eb6368ed559a85603b0080", 0x24}], 0x2)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1f, 0x0, 0x0, 0x0, 0x800007, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x1, 0xb, 0x2, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b36, &(0x7f0000000000)={'wlan0\x00'})

3.56578832s ago: executing program 2 (id=1465):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x200000000000}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x1}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x3, 0xff)
sendto(r1, 0x0, 0x40, 0x810, &(0x7f00000008c0)=@nl=@unspec={0x0, 0x700, 0x0, 0xfdff}, 0x80)

3.379937591s ago: executing program 2 (id=1466):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="201101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f00000003c0)={0x1, 0x9, 0x3, &(0x7f0000000380)={0x1d, "a0603fa57e64e799060000000000001100"}})

3.243999149s ago: executing program 6 (id=1467):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='8-N:'], 0x6a)

2.976108994s ago: executing program 6 (id=1468):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r0, &(0x7f0000000040)='=', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000180)={0x0, 0x3}, 0x8)

2.840087863s ago: executing program 6 (id=1469):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x0, &(0x7f0000000580), 0x1, 0x4e8, &(0x7f00000005c0)="$eJzs3U9oVNsZAPDvTv5YY2LSUrHVFgItVrGdmESjQilmVRAtbS100T8Sk5iISSaYCagUahCLFCpddGFx1Y1ddBO6K9IiFB681Vu4eG8hCm/1njyfPHkuXOVxJ3d0jGPyYmLuY/z94DL3nEnmfHc+7p1zhnPPBPDW6o6IIxHRFBHFiOjM6gvZFpcWt/TvTvXPj6dbEgsLJx4lkUTE0f758eprJdnjluwFvpU+XInY2/xyuzMXLp4dmpgYPZeVe8qT0z0zFy7+6Mzk0Njo2OjUwMGDhw8dGDhweP2OdfP26ze//fdjd669M/fdbVuGJ9N427Pnao9jvXRHd/aetERH7RNJxKn1bixnX8s7AFbtk8LOW3nHAABsvELW92+u9P87oykWO+v37/72cWf8sS3v+AAAAIC1W1hoyh4BAACAxpUY+wMAAECDq84DONo/P17dNmruwYOfblRLvMrDwYjoWsx/9f7uxWean93T2/KG7u/9w9OI7uh48tFPvvH/dIs3dB82X03zH+YdAXlq3Z93BORpxy/yjoA8vXc17wi4NBcRt4/U6f8na+7ztS8pJ0vKxwfT/t9fZmrr9P/eHr88kXcE5OlnA3lHQJ5uPMo7Am4PRsS+et//FSrr91Vtjoi26tp+6+RQe/r5/+/7tXUvf/4XHqxjkyzxcDDixzVrO56qyX+mqykrdVS+KmxJTp+ZGN0XEVsjYne0bErLvcu00Ttw46/16r/zJM3/P5Pq93/plrZf/S4wi+NB86YX/29kqDy01uNm0cO5iB3N9fL/vP+fZLl+Xf8tXftzvfqBPZV1RXctn3/epIV/ROyqe/4/H60ly67P2lO5HPRULwp1/OuDz67Uq//+79P8n90j//lJz/+25fNfuf4/W693ZvVtXP7fzSf16p/eSvP/t0uvc/1vTX5VCbA1qzs/VC6f641oTY69XN+3+pgbVfX9qL5faf53f6/+53+1/5dk60J3RcTXX6PNuXvTd+rVXy+k+b/xO+d/ftL8j6xw/icvnP+r35l//4c/qNf2zqtp/rt+vfL5v78SzO6sRv9vZV82QXnHCQAAAAAAAMD6KFTu00kKxWf7hUKxuDjP95vRVpgozZT3ni7NTo0s3s/TFS2F6lSvzpr5oL3Z/JBquW9JuT+bO3K1c3OlXBwuTYzkffAAAADQ4Noj7v3m8n+2b3nF+D91tzPvKAEAAIC1SMf/HffaKst5fW6cDwAAAA0pHf8//tOn74bxPwAAADSs2vE/AAAA0Nh+fvx4ui1Uf/dvqjR25uz49OG+fcXJ2eHicOncdHGsVBqrrNg3ufLrTZRK0719MXu+pzw6U+6ZuXDx5GRpdqp8svK7sSdHWzbgmICVFbd+vC3vGAAAgI2zlt/1t2PHTqPu5H1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLb4IAAD//wws/WY=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
write$UHID_INPUT2(r0, &(0x7f0000003200)=ANY=[], 0x1001)
preadv2(r0, &(0x7f0000000280)=[{&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000002200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

2.089794427s ago: executing program 6 (id=1470):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x2, [@var, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}, @func, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0x96}, 0x20)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000003280)={r1, 0xe0, &(0x7f0000003180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003100), 0x8, 0x10, 0x8, 0x0, 0x0}}, 0x10)

1.884058109s ago: executing program 5 (id=1471):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ae4000000060a0b0400000000000000000200fffeb80004802800018007000100637400001c0002800800014000000002080002400000001605000300000000008c0001800c000100636f756e746572007c0002800c00014000000000000000020c00024000000000000000090c000140fffffffffffffbff0c00024000000000000000010c00024000000000000006920c00014000000000000000020c00024000000000000000010c00024000000000000000070c00014000000000000088770c00024000000000000000060900010073797a30000000000900020073797a320000000014000000110001"], 0x10c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
close(r0)

1.495800772s ago: executing program 6 (id=1472):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x20008d0, &(0x7f0000000400)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610916dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84b99b2ed90f71810cd92eeca69f5275cb7b7027d4babf643bd69b0a68134c022fe5dcd03834f547325ac2d1a5d16f074d898946ff71afa90180b317e645dd58a922e5d907462cd50dc23801c48c0d49ab012961d84d2eb85a3730a3f3177da048c3bc991216b11dca020afefc24ae7583b59534a0ab1fca82bf473216141db8e9864f7861d0500a920e1a8d3352d0662f586e743386e87b6c0c5ed6e4d192ef2990b44cedbb708e7a18b20dcd5573b603c4d659992647ffa8210abf4e9d232b52a8ea1dd1c045afd8e472cd1fbb775e89cca49d136a6"], 0x1, 0x4446, &(0x7f00000088c0)="$eJzs3b9vHFkdAPDvjH3ENslhH1ccEhIrcRIIkGVfBfgkHMeJz76YoMCdEM1mbW8Sw9ob2WtEkcJ0kaiQKBBFBBKdq8gFbfgTaChDHQkKGiSkCKPdnXV2xrt4E3kdkvt8Co/n/ba/M2/fFLMvzTTubu6WNndLle1Sff327geln9dre1vVSM9Jz/7fOr/+GcwwrpNXfe19lt24cu2Hn34Q8eeNvz49Ojo6iqbR6Gm26/d//fP+evexIy3Uabbbu7Wz8pOIePfEuJpGIuLHf4pIIuJylraQHccj4lK08z69/6tbpTMazaMn1Q/Lz1YfHM69v3Lw8LD/355E/K72pW/d2fr7V0fm/vaNM+oeAAAAAAAAAAAAAAAAAIDX3NLNG5/8YGY2HicxepCcfF93KTv2fT/26Kx8JWJy6H8uAAAAAAAAAAAAAAAAAAAA/F96/v5/KXmnx/v/i9lxvk/9o+8Nf4wMz/L3byxenZnN9n9PTuR/O0v6x+WRmOqx73tx//fLhfq9938/2c/L6oyv0+9kJOl07jxNp6cj/pBt/P5eMpHW6ruNb96u721vnNkwXlv5+Ld3789FJ9vQf9D4LxTaH/7+/188cTU1z2+d3SX2RsvHf6RvuT/+Mhko/lcK9c4j/ry8fPxHW2nj3QXm2xNAM/6/Hj09/ouF9ocV/7cjopQ0x1rKzQDNNUwzvd96hbx8/N9qpeWmzuwf2e/+/3ch/lcL7b+q+X+/+EFET/n4f66VNpYr8fz+n0pPv/+vFdp/FfFvjn/f5/9A8vG/0E4czRVp/ScHnf+XCu0PK/6fpNk4305yV8BB0k7v+3115OTjP3Yi//nzXzrQ+u+jQv3zev7r9Nt5/utM/19P2s9/9JaP/3jfcoPe/8uFesOe/+ejFElc7Jya9V9QPv4TrbT82rn9pZzd8b/wP+K/Umh/WPFvrUrG2vHvnv//c6Gd/nvrv4Hk4//5dmLaXWK/9bO1/ktOX/9/XGi/Hf9h3pYn13/N8e+nQ+zyDZKP/8W+5Zrx/8sAn//XC/WGv/6PmDHrv7R8/C/1Lde6/8dOj/9qod6w4/+1YTYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BpYyI6TkaTTufM0nZ6OuJKdvxcTyVplo7xWq6//bDdiMUsvxTvJnVp9rVIrb27XN6rlSq1WX4+4muW/G2PJbq3eKG9V7l07bms8uVut7DTWqpVGRCxl6V+OS5221jYbW5V7EfHRcd4X0vrOvbuV7fLG5s53Z2ZmZmL5eAxTSfUXjep2o917Ozdi5bjuZNI1uFb2x8djuZj8tL63s12ptdKvd9Wp1dcrta46q1neb2Iqaezsba9XGtVyrX6n099pkv0XDM4LmG/+SCMWl2/+6Ob12Yli/q2kfVwY3hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAOP577z24gYbZ+lETHf+SXpVf7Rk+qH5WerDw7n3l85eHj4tF85AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYVdOkZpIIjCAPxmLNTOY1gtu53tiiJauCJ4Aj2Gh9GjeAnvkCJF2hQhkMxC2OzCNkn1fc2D+Zl5D+YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDP03v38VY3ESmuNpcRf1//i8P8pdSf+/H7F2eYkdN5fu0eHuum/Hs6yu/K0bLNu3S9+v6Mkdr7HezJcJ/2+j7Xk3NN7dvUfH3fm0i5ioi25Lcp56qa9xYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87eOom8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+BQAA///8NR6x")
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0)
llistxattr(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)

1.428327086s ago: executing program 2 (id=1473):
unshare(0x6020400)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x15, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x4, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)

1.084857536s ago: executing program 2 (id=1474):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="12000000050000000800000008"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20)
pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

932.337245ms ago: executing program 5 (id=1475):
rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
r0 = gettid()
rt_sigtimedwait(&(0x7f0000000080)={[0x3ff]}, 0xfffffffffffffffc, 0x0, 0x8)
tkill(r0, 0x7)

776.116444ms ago: executing program 2 (id=1476):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES16=0x0], 0x1, 0xabd, &(0x7f0000000e00)="$eJzs3U2MW0cBAODx7nqz2x/ilIQuaWgTCm356abZLOEngqRKhETUVIhLpYpLlKYlIgSJIgFVJZKcuNGqChInfsSpl6ogJHpBUU9cKtFIFVJPhQMHoiAqcSiBxCj2zNvniZ1nb3btdfx90ux43szzzPM+P7+/eROAiTXV+ru8vFAL4fwbrxz+x0N/n78+5UBRotH6O1NK1UMItZieyd7vvel2fPX9F493i2thqfU3pcOTl4t57wwhnAk7w4XQCNvPX3z5raUnjp49cm7X26/uv7Q+Sw8AAJPl6xf2L2/765/v23LltfsPhk3F9LR/3ojpu+J+/8G445/2/6dCZ7pWCmWzWbmZGKbmO8tNdylXrqeelZvpUf9sVn+9R7lN4eb1T5emdVtuGGdpPW6E2tRiR3pqanGxfUweWsf1s7XF0ydPPfv8iBoKrLl/PxBC2FkKh851pjdaOLAB2rDK0NwAbRjLcHB4dV1pto18mYcUmptHvQUCaMuvF97gTH5m4dYU7zbTX/2XH5/qPj+sgWGv/wPVPzvi+oP6f3PWFoe1c7uuTWm50vforpjOryPk9y/1/v7lVzo6p+bXI+p9trPXdYRxub7Qq53TQ27HavVqf75e3K6+HOP0OXylI/eBju9P/j8dl/8x0N0H+fl/QRA2dggd6fqtvFdzxNsfYOPK75trpuujUX5fX56/qSJ/riJ/viL/jor8OyvyYZL97vs/DS/VVs535cf0g50PnyvOs90d4w8N2J78fOSg5+Pz+34Hdav15/cTw0b2h2NPnfjCM09fbN//XyvW/2txfU+HG4343boQC6Tzhfl59eLe/0ZnPVM9yt2TtefuLuVbr7d2lqttXXmfUNrO3NCOhc75Nvcqt6OzXCMrNx/DXNbefP/kjmy+tP8x3d71KOabyZa3ni3HbNaOtF3ZEuO8HbAa6fvb6/7/tH4uhHrt2ZOnTjwW02k9/dN0fdP16XuG3G7g1vXb/2chdPb/uauYXp8qbxc2r0yvtbcLr8f365y+VNRTml76UUu/c9+anm+VXzz+3VPPrPGyw6R7/kcvfPvYqVMnvufFql98dWM0Y5AX6bBlo7THi0Ff7FzvKka8YQLW3e4ft3cCHj35nWPPnXjuxOm9+/btXVra98W9y7tb+/W7y3v3ZWdG0FpgLa386I+6JQAAAAAAAAAAAEC/fnDk8MV33vz8u+3+/yv9/1L//3Tnb+r//5Os/3/eTz71g0/9ALd0yW+VyR6wOpuVq8fw4ay9W7N6tmXzfSTGxTh+sf9/qi5/rmtqz73Z9HqPZPY4gRuelzKbPYMkHy/w4zE+F+NfBxih2nz3yTG+yfOtax+U1vX0fIpSF96m5wOPj/R/a60NpUcapf7fXZ/r1KW/NuNlGD0WR72MQHf/nKjnf/9rZcFH3hahd5gZbn0/n9x1otlzL73fEWwA1saox/9M5z1TfPqPX5u7HlKxy493bi/z55fCIP7yTmd6o48/ud715+P2Dbv+US//sMf/LMa/63v7l42Y11hdvf/5xaV3S9WG7f3Wny9/eg701sHqvxLrT0vzcOiv/uavsvrzC0J9+m9W/x191n/D8u9YXf3/i/Wnj+2RB/utv93i2lRnO+az5UjX//LzxsnVbPnTsz1vUv83Xui2/KscqPFarB8mWdU4s+M6nkW2H1HstK9+/N/ozNqO/1s0Ntus5fdhfC6m04Y43eeQj3cyaPvT/RXpd2Bb9v61it834/+Oty/FuOr7kMb/TetjI/7kl9KtzzKl610+23EZ0xomxXsTdf1vWOFS+zBodfPPjb79wgChOb2K+Yr96hG3v9lsru8JrQojrZyRf/6jPk4Ydf2j/vyr5OP/5vvw+fi/eX4+/m+en4//m+fPx/9Qr/x8/N/888zH/83z783eNx8feKEi/6MV+du75xeH7fdVzL+jIv9jFfm7ivwDHSVS/v03nX+lXK/3v6ci/8GK/E9U5H+yIv+hivxHSvnlMaBT/qcq5r/dpf4ocfnrk7b8MMny/nm+/zA50vWfXt//rRX5wPj62Wt7Dj3922822v3/Z4vzIek63sGYrsfjpx/GdH7dO5TS1/PejOm/Zfkb/XwHTJL8+Rn57/vDFfnA+Er3efl+wwSqzXWfHOOq51b12s9nvHw6xp+J8Wdj/GiMF2O8O8Z7Yrw0pPaxPg69/vv9L9VWjvc3Z/n93k+e9wfqeE5UCGFvn+3Jzw8Mej97/hy/Qd1q/avsDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAyU62/y8sLtRDOv/HK4aeOntx9fcqBokSj9XemlKoX84XwWIynY/zL+OLq+y8eL8fXYlwLS6EWasX08OTloqY7Qwhnws5wITTC9vMXX35r6YmjZ4+c2/X2q/svrd8nAAAAALe//wcAAP//di0VJA==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x0, 0x0)
truncate(&(0x7f0000000000)='./file2\x00', 0xfff)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x200026, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

704.793889ms ago: executing program 7 (id=1428):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x10000, &(0x7f00000009c0)=ANY=[], 0x2, 0x6329, &(0x7f0000000a40)="$eJzs3c1vHGcdB/Df7JtfStuoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ8S5B67c+AOIlCCBKg4dtN7nccbTtddOujNrz+cjOTO/eWY9z+S74931zPgJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC+/70fnisi4sov0oITEZ+JfkQvYmVcr0XEytqJvP4gIp6L7eZ4NiKGSxFFbnw64tWI+PCpiPsP7qyPF50/YD+++6d//O5HT/zg738cnvnvn2/1X9trvdu3f/2fv9x99P0FAACALirLsizSx/yT6fN9r+1OAQCNyK//ZZKXqxeu3jzk+v9bsP6r1Wq1egHqqnK6u9UiIjarjxm/Z3A6HgCOmM34qO0u0CL5d9ogIp5ouxPAQiva7gBzcf/BnfUi5VtUXw/WJu35WpBd+W8WO/d37DWdpX6NSVPPr63oxzN79GeloT4skpx/r57/lUn7KK037/ybslf+o8mtT52T8+/X8685Pvn3pubfVTn/waHy78sfAAAAAAAWWP79/4mWz/8uPf6uHMh+53/XGuoDAAAAAAAAAHzaHnf8vx2F8f8AAABgUY0/q4/95qmHy6rX+o9i9/LLRcSTtfWB4+Vvs27ISTfLrDbRGQAAAAAAAAAAAABgYjC5hvdyETGMiCdXV8uyHH9V1evDetzHH3Vd33/osrZ/yAMAwMSHT9Xu5S8iliPicvpbf8PV1dWyXF5ZLVfLlaX8fna0tFyuVD7X5ul42dLoAG+IB6Ny/M2WK4+rmvV5eVZ7/fuNtzUq+wfoWDNaDBwAImLyanTfK9IxU5ZPR9vvcjgaHP/Hj+Ofg2j7eQoAAADMX1mWZZH+nPfJdM6/13anAIBG5Nf/+nkBtVqtVqvVDdfLDxfMa3tV5XR3q0VEbFYfM37PYDh+ADhiNuOjtrtAi+TfaYOIeK7tTgALrWi7A8zF/Qd31ouUb1F9PUjju+drQXblv1lsPy4/ftp0lvo1Jk09v7aiH8/s0Z9nG+rDIsn59+r5X5m0j9J6886/KXvlP97PEy30p205/349/5rjk39vav5dlfMfHCr/vvwBAAAAAGCB5d//n1io87+jR92dmfY7/7s2t60CAAAAAAAAwHzdf3BnPd/3ms//f27Keu7/PJ5y/oX8Oynn36vl/+Xaev3K/L03H+b/7wd31n9/61+fzdOD5r+UZ4r0zCrSM6JIWyoGafo4e/dJW8P+aLylYdHrD9I1P+Xw7bgW12Mjzu5at5f+Px62n9vVPu7pcLu97E/az+9qH+y058df2NU+TFc6lSu5/XSsx0/jery13T5uW5qx/8sz2ssZ7Tn/vuO/k3L+g8rXOP/V1F7UpmP3Puh94rivTqdt541rn//V2fnvzkxb0d/Zt6rx/r3QQn+2/0+eGMXPb27cOH376q1bN85Fmuxaej7S5FOW8x+mr52f/y9O2vPP/erxeu+D0aHzXxRbMdgz/xcr8+P9fanhvrUh5z9KXzn/t1L79OP/EPn3/tDYvhzEfsf/yy30BwAAAAAAAAAAAAAAAPZTluX2LaJvRMTFdP9PW/dmAgDNyq//ZZKXN1X3G96eWn3E62LB+tNo/XG5WP1Rq49iXVVO93q1iIi/Vh8zfs/wy2nfDABYZB9HxD/b7gStkX+H5b/3N56earszQKNuvvf+j69ev75x42bbPQEAAAAAAAAAHlUe/3OtMv7zqbIs79bW2zX+65ux9rjjvw7yzM4Ao3sMVN0//D7tZ6s36vcqw40/H3uN/z3cmdtv/O/BjO0NZ7SPZrQvzWhfntE+9UaPipz/85Xxzk9FxMna8OuPPP7rgtlv/Nf6mPddkPN/ofJ8Huf/pdp61fzL3x7l/Hu78j9z692fnbn53vuvXHv36jsb72z85MK5c2cvXLx46dKlM29fu75xdvJviz2er5x/HvvadaDdkvPPmcu/W3L+X0i1/Lsl5//FVMu/W3L++f2e/Lsl558/+8i/W3L+L6Va/t2S8/9KquXfLTn/l1Mt/27J+X811fLvlpz/K6mWf7fk/E+nWv7dkvM/k+oD5r8y737RjJx/PsPl+O+WnH++skH+3ZLzP59q+XdLzv9CquXfLTn/V1Mt/27J+X8t1fLvlpz/xVTLv1ty/l9Ptfy7Jed/KdXy75ac/zdSLf9uyfl/M9Xy75ac/2upln+35Py/lWr5d0vO/9upln+35Py/k2r5d0vO//VUy79bHv79fzNmzJjJM23/ZAIAAAAAAAAAAAAA6pq4nLjtfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd78xcpz1HcBnz3fnsxMSAyF1UhMujgkhueTOduI/tCkmQKDhX0kIBdpiu76zOerYxmeXQKPaUaBExaioom140RYQavOmIqqoRCtAUYVaVaoE7Qv6BlGhUimqAgpIldoKuGpnnue53b293Tvf+W525vOR7J9vd3bnmdlnZu935+8OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArW5+/cwnGlmWNRqN4oZtWXZ1s24Z35bf8pqNHR8AAACwej/N/37h2nTDoWU8qGWZf7zpm1+en5+fz96z6Y9GPjM/H2//7pYsG9mcZfl90TPfe2+jZZnoiWysMdTy9VCf1W/qc/9wn/tH+tw/2uf+zX3uH+tz/6IdsMiWrJGebFf+z21Zlo1nWXZdNpLft6vLo55obB5q7rv02KyRP2Z+5Hg2m53MZrKptuWLZRv58l+9ubmuN2dxXUMt69rRnCE/euxYHEMj7ONdbetaeM7oB6/Lxn/8o8eO/cW552/oVvvuhrbnK8Z5287mOD8WbinG2sg2p30SxznUMs4dXV6TTW3jbOSPa/67c5wvLHOcmxaGua46X/OxbCj/97fy/TTcyLrspx3htv+5JcuyiwvD7lxm0bqyoWxr2y1DC6/PWDEjm8/RnEovyYZ7z9P5Rts8vXkZ87RZp3e1z9POYyK+/jeHxw0vMYbWl+kHj4+2vO4/mb+ceRo1t3qpY6VzDq71sVKWORjnxbfyjX6y6xzcFbb/sVuXnoNd506XOZi2u2UO7uw3B4dGN+VjTi9CI3/Mwhzc3bb8pnxNjbw+d2vvOTh57pEzk3Mf+eids48cPTFzYubU3t27p/bu23fgwIHJ47MnZ6aKvy9zb5ff1mwoHQM7w76Lx8CrOpZtnarznx9ddP693ONwrMdxuK1j2bU+Doc7N66xPgfk4jldHBvvau70sUtD2RLHWP763L764zBtd8txONxyHHZ9T+lyHA4v4zhsLnPm9uV9zzLc8qfbGJZ+L1jdHNzWMgc7vx/pnINr/f1IWebgWJgX37l96feCHWG8T06s9PuRTYvmYNrccO5p3lJ8v3/i6mzsQP6vbvPyxuYdV41m5+dmzt716NFz587uzkJZFy9tmSud83VryzZli+br0Irn66HZm568scvt28K+Gruz+dfYkq9Vc5m77+r9WuXvbt33Z9ute7JQ1ljYn/Ob12l/dns3b+7P0Sz77Dcef/Brj3329Uvuz2a/+bHJ1X8vnvrSlvPvyBLn39j3/6xYX3qqJzaNDBfH76a0d0bazsftL9Vwfu5q5Ot+YXJ55+OR8Ge9z8fX9Tgfb+9Ydq3PxyOdGxfPx41+P+1Ync7XcyzMk5NTvc/HzWW271npnBzueT6+JdRG2P+vDp1C6ota5s5S8zata3h4JGzXcFxD+zzd27b8SOjNmut6es/lzdPbbimea1PaugXrNU/HO5Zd63mafva11Dxt9Pvp2+XpfD3Hwry4bm/vedpc5tm7V3/u3BL/2XLuHO03B0c2jTbHPJImYX6+z+a3xDl4V3YsO52dzKbze0fz+dTI1zVxz/Lm4Gj4s97nyu095uBtHcuu9RxM72NLzb3G8OKNXwOdr+dYmBdP3dN7DjaXecP+tf3e9bZwS1qm5XvXzp+vLfUzrxs7dtOVmivDYZzf2N/7Z7PNZU4eWGmf2Xs/3RFuuarLfuo8fpc6pqaz9dlP28M4nz+w9H5qjqe5zGcOLnM+Hcqy7MKH7st/3ht+v/LX57/95bbfu3T7nc6FD933wxcd/4eVjB+Awfezomwt3utafjO1nN//AwAAAAMh9v1DoSb6fwAAAKiM2PfH/xWe6P8BAACgMmLfPxxqUpP+f/sbnp/92YUsJfPng3h/2g0PFMvFjOtU+Hp8fkHz9vu+OPPff3dheeseyrLsJw/8Ttfltz8Qx1UYD+N85o3tty/y5Tt7rfK5+AofefhCWm9rfv1z4fnj9ix3GnSL4E5lWfbVaz+Vr2f8vZfy+uwDR/L64MUnn2gu88LB4uv4+OdeWiz/pyH8e+j40bbHPxf2w/dDnXpL9/0RH/elS6/esf/dC+uLj2vsvCbf7KfeXzxv/JycTz9RLB/381Lj/9onn/5Sc/lHX9l9/BeGuo//6fC8Xwz1f19eLN/6GjS/jo/7eBh/XF983F1f+HrX8T/ziWL5M/cXyx0JNa7/tvuf/8/fz7Js1/3Pz7bur0cbR9u2K3tT8bi4/qlv/0F+f3y++Pyd4x87fKltf3TOj2f/tXieyY7l4+1xPdHfdqy/+Tyt8zOu/+nfO9K2n/ut/5kHn3t583k7139Hx3JnPnR7vv6F52v/xKY/+/inuq4vjufQX51p255D7wzHcVj/U+8P8zHc/3/PFM/X+ekKR97Zfv6Jy39u24W27Yne/ONi/c+89kReN49t2XrV1S+65uIrmvsuy761uXi+fus/8een28b/+euL/RHvjxn9zvUvJa7/7IcnTp2eOz87nfbqY9fmn53z1mI8cbzXhnNr59eHT5/7wMzZ8anxqSwbr+5H6F22L4T6w6Jc7L30/KIz6O0Ph9fzxj/56tZb/+WT8fZ/e1dx+6W3FO9brwrLfTrcvi28fitb/2JP3Xx9fnw3ng0jnF/8ecGrsWPXfx1Y1oJh+zu/L4jz/czLPpDvh+Z9+ftGPK5XOf7vThfP85WwX+fDJzPvvH5hfa3Lx89GuPRQcbyvev+F01x8Xf8yvN5v+37x/HFccXu/G76P+fr29vNdnB9fuTDU+fz5p3hcDOeT7GJxf1wq7u9LL1zfdXjxc0iyizfkX/9hep4bVrSZS5n7yNzkydlT5x+dPDczd25y7iMfPfzI6fOnzh3OP8vz8Af7PX7h/LQ1Pz9Nz+y7O8vPVqeLcoVt9PjPPHxsev/UrdMzx4+eP37u4TMzZ08cm5s7NjM9d+vR48dnPtzv8bPT9+7ec3Dv/j0TJ2an7z1w8ODegxOzp043h1EMqo99U781cers4fwhc/fefXD3PffcPTXxyOnpmXv3T01NnO/3+Py9aaL56N+eODtz8ui52UdmJuZmPzpz7+6D+/bt6ftpgI+cOT43Pnn2/KnJ83MzZyeLbRk/l9/cfO/r93iqae7fi+9nOzWKD+LL3nHHvvT5rE1ffHzJpyoW6fgA0efDZ9H804vPHFjO17HvHwk1qUn/DwAAAHUQ+/7RUBP9PwAAAFRG7Ps3h5ro/wEAAKAyYt8/FmpSk/6/cvn/7ReWtX75/9rm//Ov5f9rnv9/qGz5/+J8If+/Nlabv5f/D+T/5f/l/wcm/z8f3pDk/ymjsuX/Y9+/Jctq2f8DAABAHcS+f2uoif4fAAAAKiP2/VeFmuj/AQAAoDJi3391qElN+n/5f/l/+X/5f/n/7uuX/x9M8v+9yf/3If8/mdUr/39xLcfv+v/y/yxWtvx/7PtfFGpSk/4fAAAA6iD2/deEmuj/AQAAoDJi339tqIn+HwAAACoj9v3bQk1q0v/L/8v/y//L/8v/d1+//P9gkv/vTf6/D/n/1Vw/P27GIOX/28j/y/+z9sqW/499/4tDTWrS/wMAAEAdxL7/JaEm+n8AAAAon+HLe1js+18aarKo/7/MFQAAAAAbLvb912UdQfCa/P5f/l/+v/z5/83pPvl/+f+slPn/TZn8f3nI//cm/9+H/P+G5ufXY/zdvmdbq/HL/8v/s1jZ8v9535+NZS8LNalJ/w8AAAB1EPv+60NN9P8AAABQGbHv/7lQE/0/AAAAVEbs+7eHmtSk/5f/l//f6Pz/SMfYXf9/4XHy/4Xy5/9d/79M5P97k//vQ/6/8vn/Kzl++X/5fxYrW/4/9v03hJrUpP8HAACAOoh9/42hJvp/AAAAqIzY9/98qIn+HwAAACoj9v07Qk1q0v/L/5c8/x+ToxXO//e//r/8v/y//L/8//LJ//d2efn/0XSz/L/8fy/y//L/8v90Klv+P/b9Lw81qUn/DwAAAHUQ+/6bQk30/wAAAFAZse9/RaiJ/h8AAAAqI/b946EmNen/5f9Lnv8vcvCjVb7+v/y//L/8v/z/WpL/7831//sIp7kfZFkm/z+o+f/4lfy//D9lULb8f+z7bw41qUn/DwAAAHUQ+/6doSb6fwAAAKiM2PffEmqi/wcAAIDKiH3/rlCTmvT/8v8Dkf/P5P/l/+X/5f/l/5dH/r83+f8+XP+/Avl/1/9vyf83p5b8PxuqbPn/2Pe/MtSkJv0/AAAA1EHs+28NNdH/AwAAQGXEvv9VoSb6fwAAAKiM2PffFmpSk/5f/l/+X/5f/l/+v/v65f8Hk/x/b/L/fcj/y/9XK//v+v9suLLl/2Pf/+pQk5r0/wAAAFAHse+/PdRE/w8AAACVEfv+O0JN9P8AAABQGbHvnwg1qUn/L/8v/y//L/8v/999/fL/g0n+vzf5/z4qlf8fXtGmZyXIz6/WRo9f/l/+n8XKlv+Pff+doSY16f8BAACgDmLff1eoif4fAAAAKiP2/ZOhJvp/AAAAqIzY90+FmtSk/5f/l/+X/5f/X1H+/xULzyv/X5D/Lxf5/97k//uoVP5/5TY6Pz/o41+b/P+I/D+VUrb8f+z7d4eapMZv9DK2EgAAACiT2PfvCTWpye//AQAAoA5i37831ET/DwAAAJUR+/67Q01q0v/L/8v/y//L/7v+f/f1y/8PJvn/3tY+/x83Uf5f/l/+3/X/5f9ZrGz5/9j33xNqUpP+HwAAAOog9v37Qk30/wAAAFAZse/fH2qi/wcAAIDKiH3/gVCTmvT/8v/y//L/8v/x9pGO5eT/5f8Hkfx/b67/30f58v+vbX34eub/m+uS/5f/l/9n5R763davypb/j33/wVCTmvT/AAAAUAex739NqIn+HwAAACoj9v2/EGrSu//ffGVHBQAAAKyl2Pf/YqhJTX7/L/8v/y//L//v+v/d1y//P5jk/3uT/++jfPn/Nq7/X+7xy//L/7NY2fL/se+/N9SkJv0/AAAA1EHs+38p1ET/DwAAAJUR+/7Xhpro/wEAAKAyYt9/KNSgW5x7UPzNthUsLP8v/7/M/H9cpCT5/zH5f/n/yuX/R+Pzyv+vivx/b/L/fcj/y//L/8v/s6bKlv+Pff/rQk38/h8AAAAqI/b994Wa6P8BAACgMmLf//pQE/0/AAAAVEbs+98QalKT/l/+X/7f9f/l/+X/u6/f9f8Hk/x/b/L/fcj/y//L/8v/s6bKlv+Pff8bQ01q0v8DAABAHcS+//5QE/0/AAAAVEbs+98UaqL/BwAAgMqIff+bQ01q0v/L/8v/b2T+v3BR/l/+Pyf/L/+/FuT/e5P/70P+X/5f/l/+nzVVtvx/7Pt/OdSkJv0/AAAA1EHs+x8INdH/AwAAQGXEvv8toSb6fwAAAKiM2Pe/NdSkJv2//L/8v+v/y//L/3dfv/z/YJL/723A8v8/vSbcLv9fkP8v9/hXmv8f7vj6iuT/v7dU/n9+c+fj5f+5EsqW/499/9tCTWrS/wMAAEAdxL7/7aEm+n8AAACojNj3vyPUpKX/X9P/eAcAAACsu9j3/0qoSU1+/y//3xzHQnpZ/l/+P79B/l/+X/5/YMn/9zZg+X/X/+8g/1/u8bv+v/w/i5Ut/x/7/neGmtSk/wcAAIA6iH3/g6Em+n8AAACojNj3PxRqov8HAACAyoh9/7tCTWrS/8v/u/6//L/8v/x/9/XL/w8m+f/e5P/7kP+X/y9b/v8/5P8ZbGXL/8e+/+FQk5r0/wAAAFAHse9/d6iJ/h8AAAAqI/b9vxpqov8HAACAyoh9/3tCTWrS/8v/D0r+f3xA8/+Py/9fwfz/TdcUy8n/y/+zQP6/N/n/PuT/5f/Llv93/X8GXNny/7Hvf2+oyfL7/7FlLwkAAABcQcNL3hP7/veFmtTk9/8AAABQB7Hv/7VQE/0/AAAAVEbs+3891KQm/b/8/6Dk/13/P5P/d/3/ju2R/5f/72b98v/xzCP/L/9frvz/thVtcLuNzs+v1kaPv775/+KdUf6fbsqW/499/2+EmtSk/wcAAIA6iH3/+0NN9P8AAAAwELr9n+xOse8/HGqi/wcAAIDKiH3/kVCTmvT/8v/y//L/Jc3///HOf/7ON99+ZLf8/4ry/2ffJ/9fd+t6/f/mwe/6//L/Jcv/r8ZG5+fXa/yNJS4NJv/v+v+svbLl/2PffzTUpCb9PwAAANRB7Pt/M9RE/w8AAACVEfv+Y6Em+n8AAACojNj3T4ea1KT/L2n+/+/l/4uv5f9rnP8f4Ov/x/3h+v/t1iz/H0+68v9drWv+/90LOXH5/5Xm/0e73ir/L/8/yOOX/5f/Z7Gy5f9j3z8TalKT/h8AAADqIPT9Q8eLunCH/h8AAAAqI/b9J0JN9P8AAABQGbHv/0CoSU36/5Lm/13/X/5f/n+A8/8bef3/bJ3y/41h1/8vK/n/3sqT/+9O/l/+f5DHL/8v/89iZcv/x75/NtSkJv0/AAAA1EHs+z8YaqL/5//Zu7MnS+u7juOnmWGmp7Asyxur9MYqL/0TuJBrvccLb7yxynLBBRV3Btw3FBV3RXFPIAsEQkhC9g2ykZAdkpCE7CvZCElqUnR/v9/p6X7OOd095/R5nt/v9brgm2noOSdTk4EPPe88AAAANCN3/8/GLfY/AAAANCN3/8/FLZ3sf/2//l//r//X/w+//mif/6//X0j/v5j+fwn9v/5f/6//Z6XG1v/n7v/5uKWT/Q8AAAA9yN1/Xdxi/wMAAEAzcvf/Qtxi/wMAAEAzcvf/YtzSyf7X/+v/m+3/f0T/P+/19f/6/5bp/xfT/y+h/9f/6//1/6zU2Pr/3P2/FLd0sv8BAACgB7n7fzlusf8BAACgGbn7r49b7H8AAABoRu7+X4lbOtn/+/r/rVmf/X9mvPr/lvp/z/+f+/r6/8vo/0/p/8fuZPv/m579lU//r//X/wf9/6H6/7PzPl//T4vG1v/n7v/VuKWT/Q8AAAA9yN3/a3GL/Q8AAADNyN1/Q9xi/wMAAEAzcvf/etzSyf5f3fP/z+18fKL9f9H/6/93PqD/1//P6/9PX/y2/n+cPP9/sZ76/+sfveq6p+77gfuP8vr6f/2/5//r/1mtsfX/uft/I27pZP8DAABAD3L3/2bcYv8DAABAM3L3/1bcYv8DAABAM3L3/3bc0sn+X13/P+nn/xf9v/5/5wP6f/3/vP7/Ws//Hzv9/2Jr7/9Pjaf/P87r6//1//p//T+rten+P7/j/Hbu/t+JWzrZ/wAAANCD3P2/G7fY/wAAANCM3P03xi32PwAAADQjd//5uKWT/a//X3///239v/4/rv5f/6//Xz/9/2I9Pf//OK+v/9f/6//1/6zWpvv//d/O3X9T3NLJ/gcAAIAe5O6/OW6x/wEAAKAZuft/L26x/wEAAKAZuft/P27pZP/r/z3/X/+v/9f/D7++/n+a9P+L6f+X0P9fbj9/pf5/gv1//IOU/p91OGL//8yCX7ZX0v/n7v+DuKWT/Q8AAAA9yN3/h3GL/Q8AAADNyN3/R3GL/Q8AAADNyN3/x3FLJ/tf/6//1//r/4/d/x/8qbdD/z9M/38y9P+Ljab/3zo9+GH9/+T7f8//n2L/H/T/rMPYnv+fu/9P4pZO9j8AAAD0IHf/n8YtC/b/kf9lPgAAALBRufv/LG7x9X8AAACYvKzOcvf/edzSyf7X/+v/9f/6f8//H379Rf3//Xven/5/XPT/i42m/59D/6//n/L71//r/zlobP1/7v6/iFs62f8AAADQg9z9t8Qt9j8AAAA0I3f/X8Yt9j8AAAA0I3f/X8Utnez/4f7/4p/X/x+O/v/S96//H/75sar+P79H/f/C/v8az//vk/5/sZPv/8/q/y/9/vX/a7Tp9994/39u2efr/xkytv4/d/+tcUsn+x8AAAB6kLv/r+MW+x8AAACakbv/b+IW+x8AAACakbv/b+OWTvb/hp//f9OZee9L/79D/6//9/z/cT7/f3bi/f9p/f8h6f8X8/z/JfT/+n/9v+f/s1Jj6/9z998Wt3Sy/wEAAKAHtz0929n9fzeb2f8AAAAwRXt/78D+31Aacvf/fdxi/wMAAEAzcvf/Q9zSyf7fcP+/ruf/X7nstfX/+v+9P176f/3/0OuPq//3/P/D0v8vpv9fQv+/jn7+dGP9/+3zPn8M/f+N+n9G5pL+/8GLH99U/5+7/x/jlk72PwAAAPQgd/8/xS32PwAAADQjd/8/xy32PwAAADQjd/+/xC2d7P+19//n5r/2Gvv/pfT/+v+9P176f/3/0Ovr/6dJ/7+Y/n8J/b/n/3v+v/6flbqk/99jU/1/7v5/jVs62f8AAADQg9z9/xa32P8AAADQjNz9t8ct9j8AAAA0I3f/v8ctnez/Rp//v5T+X/+/98dL/6//H3p9/f806f8X0/8vof/X/+v/l/f/+/9GHfT/DBlb/5+7/z/ilk72PwAAAPQgd/8dcYv9DwAAAM3I3f+fcYv9DwAAAM3I3f9fcUsn+1//v97+Pz+u/9f/z47S/8cn6P936f/1/0cxtf5///9+jt2vbw39neigOf3/wz99/scu/Yj+X/+v/9f/e/4/KzCK/v/CxX+6zN3/33FLJ/sfAAAAepC7/3/iFvsfAAAAmpG7/3/jFvsfAAAAmpG7///iliPu/+9Z6bs6Ofp/z//X/4+w/w/6/136f/3/UUyt/9/P8//1//r/6b5//b/+n4NG0f/v+Xbu/v+PW3z9HwAAAJqRu/85cYv9DwAAAM3I3f/cuMX+BwAAgGbk7r8zbulk/+v/9f/6f/2//n/49Y/b/2/Phun/T4b+fzH9/xL6f/2//l//z0qNrf/P3X9X3NLJ/gcAAIAe5O5/Xtxi/wMAAEAzcvc/P26x/wEAAGBKMh0blLv/BXFLJ/tf/6//1/9Pof//7vp+9P/j7//n0f+fjIn2//XL4FT7/1NT6v/vXvAGhvr/C2f1//p//b/+n2MaW/+fu/+FcUsn+x8AAAB6kLv/7rjF/gcAAIBm5O6/J26x/wEAAKAZuftfFLd0sv/1//p//f8U+n/P/590/7/7y6v+/4RMtP8vU+3/Pf9f/z/T/+v/9f8MGFv/n7v/3rilk/0PAAAAPcjdf1/cYv8DAABAM3L3vzhusf8BAACgGbn7749bOtn/+n/9v/5f/6//H359z/+fpvX1/7PN9f9PXnHU72Yu/f8S+n/9v/5f/89Kja3/z93/krilk/0PAAAAPcjd/0DcYv8DAABAM3L3vzRusf8BAACgGbn7Xxa3dLL/++z/z+j/J9//37o99P71//r/mf6/e57/v5j+fwn9v/5f/6//Z6XG1v/n7n953NLJ/gcAAIAe5O5/MG6x/wEAAKAZuftfEbfY/wAAANCM3P2vjFs62f999v+e/z+//5/NptH/e/7/TP/fQv+/PdP/r5z+f7HD9f/X6P/1/231/1fMGur/z839fP0/YzS2/j93/6vilk72PwAAAPQgd/+r4xb7HwAAABqw+3tncve/Jm6x/wEAAGDMTh/lL87d/9q4pZP9P/3+/+y+T9T/z2azx25o/vn/+v+Z/r+F/r9+VPX/q6P/X8zz/5fQ/7fZ/3v+v/6fjRlb/5+7/3VxSyf7HwAAAHqQu//1cYv9DwAAAM3I3f+GuMX+BwAAgGbk7n9j3NLJ/p9+/7//E/X/s8t6/r/+f+cD+n/9v/5/svT/i+n/l9D/L+3nt+b8c89M/6//1/8zYGz9f+7+N8Utnex/AAAA6EHu/ofiFvsfAAAAmpG7/+G4xf4HAACAZuTuf3Pc0sn+1//r//X/0+z/t/X/+n/9/6Cx9P9XX/2jj+j/9f8t9v+L6P/1//p/9htb/5+7/y1xSyf7HwAAAHqQu/+tcYv9DwAAAM3I3f+2uMX+BwAAgGbk7n973NLJ/j/Y/1852y1Udw31/9Go6f/30P9f+v71/8M/Pzz/X/+v/1+/sfT/nv9/vPev/9f/T/n9H6n//8GDn6//p0Vj6/9z9z8St3Sy/wEAAKAHufvfEbfY/wAAANCM3P3vjFvsfwAAAGhG7v5H45ZO9r/n/+v/9f/6f/3/8Ovr/6dp7P3/FUteX/+v/9f/T/f9N/P8/1P6f1ZnbP1/7v53xS07w++HvuuY/zUBAACAEcnd/+64pZOv/wMAAEAPcve/J26x/wEAAKAZufvfG7d0sv/1//p//b/+X/8//Pr6/2kae/+/jP5f/39C/f/20Ac33c9frk2//2b6f8//Z4XG1v/n7n9f3NLJ/gcAAIAe5O5/f9xi/wMAAEAzcvd/IG6x/wEAAKAZufsfi1s62f/6f/1/+/3/T+r/972+/l//3zL9f/4dfZj+f4l++v9Bm+7np/7+9f/6fw4aW/+fu//xuKWT/Q8AAAA9yN3/wbjF/gcAAIBm5O7/UNxi/wMAAEAzcvd/OG7pZP9vpP+PGrL7/v/mJ068/9+a9dj/e/6//l//35Pp9P93nB76qOf/6//1/9N9//p//T8Hja3/z93/xNbpLvc/AAAATNWP//DPPH7Yv/aJnT9uzz4St9j/AAAA0Izc/R+NW+x/AAAAaEbu/o/FLZ3sf8//9/x//b/+X/8//Pr6/2maTv8/TP+v/9f/T/f96//1/xw0tv4/d/+Tccue4Tf4f9ADAAAATEbu/o/HLZ18/R8AAAB6kLv/E3HLgf1/4ZC/qx0AAAAYm9z9n4xbOvn6v/5/5P3/bE39f/x1+v9d+n/9/9Dr6/+nqbX+/+xsVP3/hS39v/5/Af2//l//z35j6/9z9z9w76zL/Q8AAACNuuTfKHxq54/bs0/HLfY/AAAANCN3/2fiFvsfAAAAmpG7/7NxSyf7X/8/8v7/WM//P1f/yfP/m+n/v/f742NH6v9v2R58ff2//r9lrfX/nv+/+3H9/y79/7jfv/5f/89BR+j/dwbpuvv/3P2fi1s62f8AAADQg9z9n49b7H8AAABoRu7+L8Qt9j8AAAA0I3f/F+OWTva//n8D/f+tZ2eztfb/h3j+v/5/av2/5/8P9v/fd9X5h37ip+65S//PRSfZ/+fPBf2//n8D/f+d8fNP/z+i96//1/9z0Nie/5+7/0txSyf7HwAAAHqQu/+puGfyT9j/AAAA0Izc/V+OW+x/AAAAaEbu/q/ELZ3sf/1/i8//n2b/nz/WG+j/z0+v/8+muPf+3/P/9f8Hef7/Yvr/JabT/+982/P/x/X+9f/6fw4aW/+fu/+rcUsn+x8AAAB6kLv/a3FL7v+tI/+rewAAAGBkcvd/PW7x9X8AAABoRu7+p+OWae//a5cGQkH/r/8fS/+fPP//4ud5/v8u/b/+/yj0/4vp/5fQ/+v/9f/6f1ZqbP1/7v5vxC3T3v8AAADAHrn7n4lb7H8AAABoRu7+b8Yt9j8AAAA0I3f/t+KWTva//l//r//X/+v/h19f/z9N+v/F9P/POjP/Dej/9f/6f/0/KzW2/j93/3cCAAD//5q6VjY=")
syz_read_part_table(0x5fd, &(0x7f0000000240)="$eJzs1L+LXFUUAODz3ps3b9fsMiIRES0shoCwJv4oDJiBgAyDTTaFShpbIYrNQoQthombqddY2SXEGAjb5B9YsAnZIhBYsQgpLGQaS0WRweLJmzfDsu4WoiPZhe+Due/ewzn33Jl3meBYSyOvHuWgGhcPTUn2zcpWPF/nFSfig61uEa9czOLT5WlK9+Wl6tFMyySiiCiLuqyISJvVMm/Mdtu99fDdX7eebcb3O+3b+TS4nUYsRMRn065XZ9mTnkW1dbM+dzTm/FNwDN3rPGhlw7Xe5nozotcfvfVxEvFHRDl1Ka3zttNYjI9+rqYL03v++3z6FxF59DbXO5cf9/qj9u7ZO4/K1V9uLJ/Od3bHn7ffbM1Ss2QeDTlSzmcRMbl/9fu/eXLjycb4wqm7V86sNOL+4HoS/a8j4rekmUZk8U5V9MnVyLNJ+eH/uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/Cvc6DcQzXkr3Ia92XvuyWX739zbnBhy+cu5RWsSTKP6+fjhMHyvM59G9dG8626Y/yOHvnUbl6IG+lPmE5uPFfO3KUvJq/GNeGa73N9c7lx73+6ObJ19/YGF84dffKmZXnntwf1K99Mcq/FyZP47QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHGwHAv71o14Zt86ifORTGbpZFwt6vh7jUhuPdz67scfyrKx0759cRrfXoqlyeSnb1t7Ze9nk63qT3zRqMbs//1i/CN/BQAA//+fR3Ky")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r0, 0x0, 0x0, 0xfecc)

650.714752ms ago: executing program 5 (id=1477):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x10}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x89b0, &(0x7f0000000040)={'veth0\x00'})

391.039587ms ago: executing program 5 (id=1478):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000200)={0x0, {{0xa, 0x4e21, 0x3, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108)
close(r0)

179.33289ms ago: executing program 5 (id=1479):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x20)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000001180)='pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYRESOCT, @ANYRESDEC], 0x8b)

0s ago: executing program 5 (id=1480):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file1\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r0 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
fallocate(r0, 0x0, 0x11, 0x9)

kernel console output (not intermixed with test programs):

nmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  215.460833][ T5816] kernel write not supported for file /288/clear_refs (pid: 5816 comm: kworker/1:3)
[  215.502337][    T8] XFS (loop5): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xd0, xfs_rmapbt block 0x14 
[  215.516341][    T8] XFS (loop5): Unmount and run xfs_repair
[  215.546782][    T8] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  215.602522][    T8] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  215.647858][    T8] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 80  ................
[  215.684468][    T8] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  215.716896][    T8] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  215.725842][    T8] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  215.782012][    T8] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  215.808036][    T8] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  215.840372][    T8] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  215.862109][ T8408] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x14 len 4 error 74
[  216.023452][ T8408] XFS (loop5): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x183c/0x1e00 (fs/xfs/libxfs/xfs_defer.c:598).  Shutting down filesystem.
[  216.079883][ T8408] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[  216.373442][ T8069] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  216.531702][ T8467] loop2: detected capacity change from 0 to 64
[  216.649391][ T8467] hfs: request for non-existent node 24 in B*Tree
[  216.655907][ T8467] hfs: request for non-existent node 24 in B*Tree
[  216.726985][ T8469] hfs: request for non-existent node 25 in B*Tree
[  216.743781][ T8469] hfs: request for non-existent node 25 in B*Tree
[  216.969598][ T8473] loop5: detected capacity change from 0 to 256
[  217.076724][ T5080] Bluetooth: hci3: command 0x0406 tx timeout
[  217.080045][ T8473] FAT-fs (loop5): Directory bread(block 64) failed
[  217.132201][ T8463] loop6: detected capacity change from 0 to 32768
[  217.174704][ T8473] FAT-fs (loop5): Directory bread(block 65) failed
[  217.182259][ T8473] FAT-fs (loop5): Directory bread(block 66) failed
[  217.213293][ T8463] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  217.240825][ T8473] FAT-fs (loop5): Directory bread(block 67) failed
[  217.272722][ T8473] FAT-fs (loop5): Directory bread(block 68) failed
[  217.317151][ T8473] FAT-fs (loop5): Directory bread(block 69) failed
[  217.327719][ T8473] FAT-fs (loop5): Directory bread(block 70) failed
[  217.334318][ T8473] FAT-fs (loop5): Directory bread(block 71) failed
[  217.363063][ T8473] FAT-fs (loop5): Directory bread(block 72) failed
[  217.370062][ T8473] FAT-fs (loop5): Directory bread(block 73) failed
[  217.508490][ T8463] XFS (loop6): Ending clean mount
[  217.563933][ T5836] XFS (loop6): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x10 
[  217.646614][ T5836] XFS (loop6): Unmount and run xfs_repair
[  217.652421][ T5836] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  217.766843][ T5836] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  217.822733][ T5836] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  217.854706][ T8491] loop4: detected capacity change from 0 to 32768
[  217.873927][ T8491] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  217.882238][ T8491] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  217.912256][ T5836] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  217.945162][ T8491] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  217.954511][ T1186] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  217.962265][ T5836] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  217.970777][ T1186] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  218.015805][ T5836] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  218.071082][ T5836] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  218.098406][ T1186] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 127ms
[  218.106128][ T1186] gfs2: fsid=syz:syz.0: jid=0: Done
[  218.123786][ T5836] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  218.138696][ T8491] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  218.177117][ T5836] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  218.240647][ T8463] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x10 len 4 error 74
[  218.297206][ T8463] XFS (loop6): Failed to initialize disk quotas.
[  218.410444][ T8142] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  218.817477][ T5836] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  219.102784][ T5836] usb 3-1: config index 0 descriptor too short (expected 27419, got 10)
[  219.128720][ T5836] usb 3-1: config 0 has too many interfaces: 86, using maximum allowed: 32
[  219.165850][ T5836] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  219.187207][ T5836] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 86
[  219.223469][ T5836] usb 3-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice= e.b7
[  219.267695][ T5836] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.291834][ T5836] usb 3-1: config 0 descriptor??
[  219.560691][ T5836] usb 3-1: string descriptor 0 read error: -71
[  219.578839][ T5836] usb 3-1: USB disconnect, device number 8
[  219.831033][ T8523] loop6: detected capacity change from 0 to 256
[  219.862936][ T8523] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  219.921003][ T8523] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  219.942261][ T8510] loop5: detected capacity change from 0 to 32768
[  220.007330][ T8527] loop4: detected capacity change from 0 to 64
[  220.334429][ T8532] netlink: 20 bytes leftover after parsing attributes in process `syz.2.778'.
[  220.573839][ T8540] loop6: detected capacity change from 0 to 512
[  220.627442][    T8] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  220.677250][ T8540] EXT4-fs error (device loop6): ext4_orphan_get:1398: inode #15: comm syz.6.780: inode has both inline data and extents flags
[  220.742817][ T8540] EXT4-fs error (device loop6): ext4_orphan_get:1403: comm syz.6.780: couldn't read orphan inode 15 (err -117)
[  220.780734][ T8540] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.801100][ T8546] loop5: detected capacity change from 0 to 16
[  220.819232][    T8] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  220.836699][    T8] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  220.856871][    T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  220.860418][ T8546] erofs: (device loop5): mounted with root inode @ nid 36.
[  220.876961][    T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  220.921879][   T28] audit: type=1800 audit(1768917479.245:18): pid=8546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.777" name="file1" dev="loop5" ino=86 res=0 errno=0
[  220.948224][    T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  220.993221][ T8142] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.002812][    T8] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  221.002842][    T8] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  221.050014][    T8] usb 5-1: Product: syz
[  221.084862][    T8] usb 5-1: Manufacturer: syz
[  221.113809][    T8] cdc_wdm 5-1:1.0: skipping garbage
[  221.133107][    T8] cdc_wdm 5-1:1.0: skipping garbage
[  221.150855][    T8] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  221.173874][    T8] cdc_wdm 5-1:1.0: Unknown control protocol
[  221.396458][ T5836] usb 5-1: USB disconnect, device number 6
[  221.529621][ T8562] loop6: detected capacity change from 0 to 64
[  221.652424][   T28] audit: type=1800 audit(1768917479.975:19): pid=8562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.784" name="bus" dev="loop6" ino=21 res=0 errno=0
[  221.672555][    C1] vkms_vblank_simulate: vblank timer overrun
[  221.777009][ T8568] loop5: detected capacity change from 0 to 8192
[  221.824388][ T8568] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  221.901383][ T8573] loop2: detected capacity change from 0 to 2048
[  221.910608][ T8568] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  221.920618][ T8568] REISERFS (device loop5): using ordered data mode
[  221.927852][ T8568] reiserfs: using flush barriers
[  221.936045][ T8568] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  221.954542][ T8568] REISERFS (device loop5): checking transaction log (loop5)
[  222.051884][ T8573] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.129358][ T8577] Bluetooth: MGMT ver 1.22
[  222.358377][ T8568] REISERFS (device loop5): Using tea hash to sort names
[  222.365855][ T8568] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  222.461551][   T48] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  222.489290][   T48] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  222.501761][   T48] EXT4-fs (loop2): This should not happen!! Data will be lost
[  222.501761][   T48] 
[  222.513512][   T48] EXT4-fs (loop2): Total free blocks count 0
[  222.519928][   T48] EXT4-fs (loop2): Free/Dirty block details
[  222.537125][   T48] EXT4-fs (loop2): free_blocks=4096
[  222.542413][   T48] EXT4-fs (loop2): dirty_blocks=16
[  222.571075][   T48] EXT4-fs (loop2): Block reservation details
[  222.596124][   T48] EXT4-fs (loop2): i_reserved_data_blocks=1
[  222.613577][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.286771][ T5816] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  223.502101][ T5816] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  223.517913][ T5816] usb 6-1: config 0 has no interface number 0
[  223.537345][ T5816] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  223.567587][ T5816] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.575803][ T5816] usb 6-1: Product: syz
[  223.600520][ T5816] usb 6-1: Manufacturer: syz
[  223.605298][ T5816] usb 6-1: SerialNumber: syz
[  223.628669][ T5816] usb 6-1: config 0 descriptor??
[  223.719277][ T8594] loop2: detected capacity change from 0 to 32768
[  223.797027][ T8594] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  223.872795][ T5816] usb 6-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  223.894762][ T5816] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  223.905612][ T5816] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  223.913775][ T5816] usb 6-1: media controller created
[  223.938789][ T5816] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  224.117595][ T5780] ocfs2: Unmounting device (7,2) on (node local)
[  224.241180][ T8607] loop4: detected capacity change from 0 to 32768
[  224.319481][ T8607] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  224.490108][ T8607] XFS (loop4): Ending clean mount
[  224.689507][ T6502] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  224.831484][ T8612] loop6: detected capacity change from 0 to 40427
[  224.873578][ T8612] F2FS-fs (loop6): Image doesn't support compression
[  224.912862][ T8612] F2FS-fs (loop6): heap/no_heap options were deprecated
[  224.959671][ T8612] F2FS-fs (loop6): invalid crc value
[  225.035965][ T8612] F2FS-fs (loop6): Found nat_bits in checkpoint
[  225.059441][ T5816] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[  225.182765][ T8612] F2FS-fs (loop6): Start checkpoint disabled!
[  225.204611][ T5816] usb 6-1: USB disconnect, device number 3
[  225.237479][ T8612] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  225.434289][ T8612] syz.6.800: attempt to access beyond end of device
[  225.434289][ T8612] loop6: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  225.455321][ T8612] syz.6.800: attempt to access beyond end of device
[  225.455321][ T8612] loop6: rw=2049, sector=53264, nr_sectors = 8 limit=40427
[  225.472853][ T8612] syz.6.800: attempt to access beyond end of device
[  225.472853][ T8612] loop6: rw=2049, sector=53288, nr_sectors = 8 limit=40427
[  225.503740][ T8612] syz.6.800: attempt to access beyond end of device
[  225.503740][ T8612] loop6: rw=2049, sector=53320, nr_sectors = 16 limit=40427
[  225.518316][ T8612] syz.6.800: attempt to access beyond end of device
[  225.518316][ T8612] loop6: rw=2049, sector=53344, nr_sectors = 16 limit=40427
[  225.562465][ T8612] syz.6.800: attempt to access beyond end of device
[  225.562465][ T8612] loop6: rw=2049, sector=53384, nr_sectors = 16 limit=40427
[  225.854674][  T142] kworker/u4:5: attempt to access beyond end of device
[  225.854674][  T142] loop6: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  225.885082][ T8656] loop5: detected capacity change from 0 to 128
[  225.895375][  T142] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  225.935034][  T142] kworker/u4:5: attempt to access beyond end of device
[  225.935034][  T142] loop6: rw=2049, sector=40992, nr_sectors = 8 limit=40427
[  225.951281][  T142] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  226.186715][ T5836] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  226.393725][ T5836] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  226.414437][ T5836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.457595][ T5836] usb 5-1: config 0 descriptor??
[  226.676488][ T5836] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00
[  226.706325][ T5836] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  226.887384][ T5836] [drm:udl_init] *ERROR* Selecting channel failed
[  226.963719][ T5836] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2
[  226.992825][ T5836] [drm] Initialized udl on minor 2
[  227.015347][ T5836] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  227.076424][ T5836] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  227.099219][ T5816] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  227.128650][ T5836] usb 5-1: USB disconnect, device number 7
[  227.157712][ T5816] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  227.292694][ T8658] loop2: detected capacity change from 0 to 32768
[  227.319807][ T8658] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  227.346721][ T8658] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  227.389879][ T8658] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  227.643415][ T8663] loop5: detected capacity change from 0 to 32768
[  227.674602][ T8658] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  227.703682][ T8663] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  227.721533][ T8663] CPU: 1 PID: 8663 Comm: syz.5.808 Not tainted syzkaller #0
[  227.728906][ T8663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  227.739030][ T8663] Call Trace:
[  227.742357][ T8663]  <TASK>
[  227.745336][ T8663]  dump_stack_lvl+0x18c/0x250
[  227.750070][ T8663]  ? show_regs_print_info+0x20/0x20
[  227.755323][ T8663]  ? load_image+0x400/0x400
[  227.759896][ T8663]  sysfs_create_dir_ns+0x26e/0x2a0
[  227.765073][ T8663]  ? sysfs_warn_dup+0xa0/0xa0
[  227.769829][ T8663]  ? do_raw_spin_unlock+0x121/0x230
[  227.775080][ T8663]  kobject_add_internal+0x61c/0xcc0
[  227.780321][ T8663]  kobject_init_and_add+0x12c/0x1a0
[  227.785550][ T8663]  ? lockdep_softirqs_off+0x430/0x430
[  227.790944][ T8663]  ? kobject_add+0x240/0x240
[  227.795576][ T8663]  ? __init_swait_queue_head+0xa9/0x150
[  227.801146][ T8663]  gfs2_sys_fs_add+0x253/0x4b0
[  227.805940][ T8663]  ? gfs2_recover_set+0x250/0x250
[  227.811005][ T8663]  ? apply_workqueue_attrs+0x180/0x180
[  227.816500][ T8663]  gfs2_fill_super+0x12b6/0x1f30
[  227.821467][ T8663]  ? __might_sleep+0xe0/0xe0
[  227.826108][ T8663]  ? gfs2_reconfigure+0xb10/0xb10
[  227.831167][ T8663]  ? setup_bdev_super+0x56b/0x660
[  227.836221][ T8663]  get_tree_bdev+0x3f3/0x520
[  227.840840][ T8663]  ? end_current_label_crit_section+0x170/0x170
[  227.847123][ T8663]  ? gfs2_reconfigure+0xb10/0xb10
[  227.852190][ T8663]  ? setup_bdev_super+0x660/0x660
[  227.857257][ T8663]  gfs2_get_tree+0x51/0x1e0
[  227.861815][ T8663]  vfs_get_tree+0x8c/0x280
[  227.866264][ T8663]  do_new_mount+0x24b/0xa40
[  227.870802][ T8663]  __se_sys_mount+0x2e7/0x3d0
[  227.875511][ T8663]  ? __x64_sys_mount+0xc0/0xc0
[  227.880298][ T8663]  ? lockdep_hardirqs_on+0x98/0x150
[  227.885601][ T8663]  ? __x64_sys_mount+0x20/0xc0
[  227.890395][ T8663]  do_syscall_64+0x55/0xa0
[  227.894840][ T8663]  ? clear_bhb_loop+0x40/0x90
[  227.899549][ T8663]  ? clear_bhb_loop+0x40/0x90
[  227.904257][ T8663]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  227.910186][ T8663] RIP: 0033:0x7f86ff39bf4a
[  227.914649][ T8663] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  227.934285][ T8663] RSP: 002b:00007f87001f5e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  227.942728][ T8663] RAX: ffffffffffffffda RBX: 00007f87001f5ee0 RCX: 00007f86ff39bf4a
[  227.950730][ T8663] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007f87001f5ea0
[  227.958749][ T8663] RBP: 0000200000000400 R08: 00007f87001f5ee0 R09: 0000000000210401
[  227.966746][ T8663] R10: 0000000000210401 R11: 0000000000000246 R12: 0000200000012500
[  227.974738][ T8663] R13: 00007f87001f5ea0 R14: 00000000000125d8 R15: 0000200000000240
[  227.982746][ T8663]  </TASK>
[  227.985915][    C1] vkms_vblank_simulate: vblank timer overrun
[  228.087102][ T8663] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  228.166165][ T8663] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  229.091412][ T8718] loop5: detected capacity change from 0 to 256
[  229.538820][ T8734] tipc: Started in network mode
[  229.577312][ T8736] loop5: detected capacity change from 0 to 512
[  229.579969][ T8734] tipc: Node identity 74725f6c656e3a2, cluster identity 4711
[  229.594859][ T8736] EXT4-fs: Ignoring removed mblk_io_submit option
[  229.628417][ T8734] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  229.738508][ T8736] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.829: invalid indirect mapped block 10 (level 1)
[  229.836742][ T8736] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.829: invalid indirect mapped block 8 (level 1)
[  229.913622][ T8736] EXT4-fs (loop5): 1 truncate cleaned up
[  229.939991][ T8736] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.963408][ T8748] loop6: detected capacity change from 0 to 512
[  230.085614][ T8069] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.104127][ T8748] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.154688][ T8748] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  230.409818][ T8142] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.710489][ T8773] loop4: detected capacity change from 0 to 512
[  230.746232][ T8773] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.839: inode has both inline data and extents flags
[  230.761736][ T8773] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.839: couldn't read orphan inode 15 (err -117)
[  230.781695][ T8773] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.795545][ T8776] loop6: detected capacity change from 0 to 64
[  230.818203][    T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  230.995099][ T6502] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.043161][    T8] usb 3-1: Using ep0 maxpacket: 16
[  231.065178][    T8] usb 3-1: config 0 has an invalid interface number: 214 but max is 0
[  231.081973][    T8] usb 3-1: config 0 has no interface number 0
[  231.107672][    T8] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  231.154358][    T8] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  231.178443][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.186521][    T8] usb 3-1: Product: syz
[  231.212248][    T8] usb 3-1: Manufacturer: syz
[  231.236738][    T8] usb 3-1: SerialNumber: syz
[  231.252118][    T8] usb 3-1: config 0 descriptor??
[  231.931947][    T8] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.214/input/input9
[  232.207263][ T5836] usb 3-1: USB disconnect, device number 9
[  232.450498][ T8815] netlink: 'syz.5.852': attribute type 11 has an invalid length.
[  232.469446][ T8811] loop4: detected capacity change from 0 to 2048
[  232.470770][ T8815] netlink: 12 bytes leftover after parsing attributes in process `syz.5.852'.
[  232.501654][ T8811] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  233.062540][ T8837] team0: Device gtp0 is of different type
[  233.816216][ T8869] netlink: 4 bytes leftover after parsing attributes in process `syz.5.873'.
[  234.264130][ T8887] loop4: detected capacity change from 0 to 256
[  234.310553][ T8887] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[  234.836818][ T5836] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  234.996268][ T8917] loop6: detected capacity change from 0 to 736
[  235.043329][ T5836] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  235.055901][ T5836] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  235.065890][ T5836] usb 5-1: config 220 has an invalid descriptor of length 36, skipping remainder of the config
[  235.079281][ T5836] usb 5-1: config 220 has no interface number 2
[  235.088252][ T5836] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  235.105630][ T5836] usb 5-1: config 220 interface 0 has no altsetting 0
[  235.115096][ T5836] usb 5-1: config 220 interface 76 has no altsetting 0
[  235.130632][ T5836] usb 5-1: config 220 interface 1 has no altsetting 0
[  235.143226][ T5836] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  235.158527][ T5836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.170194][ T5836] usb 5-1: Product: syz
[  235.174455][ T5836] usb 5-1: Manufacturer: syz
[  235.182195][ T5836] usb 5-1: SerialNumber: syz
[  235.441244][ T5836] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  235.455665][ T5836] usb 5-1: No valid video chain found.
[  235.468269][ T5836] usb 5-1: selecting invalid altsetting 0
[  235.495530][ T5836] usb 5-1: selecting invalid altsetting 0
[  235.502209][ T5836] usbtest: probe of 5-1:220.1 failed with error -22
[  235.516440][ T5836] usb 5-1: USB disconnect, device number 8
[  235.551007][ T8926] loop6: detected capacity change from 0 to 512
[  235.577422][ T8926] EXT4-fs: Ignoring removed i_version option
[  235.625003][ T8926] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  235.672385][ T8926] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.693375][ T8926] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.826437][ T8142] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.195724][ T8949] netlink: 24 bytes leftover after parsing attributes in process `syz.4.896'.
[  236.611929][ T8957] loop4: detected capacity change from 0 to 4096
[  236.642320][ T8957] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  236.775649][ T8968] loop2: detected capacity change from 0 to 512
[  236.812375][ T8968] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  236.877366][ T8968] EXT4-fs (loop2): 1 truncate cleaned up
[  236.885632][ T8968] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.911958][ T8968] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.2.905: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  236.946602][ T8968] EXT4-fs (loop2): Remounting filesystem read-only
[  237.072050][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.251237][ T8978] bridge_slave_0: left allmulticast mode
[  237.314073][ T8978] bridge_slave_0: left promiscuous mode
[  237.332921][ T8978] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.382145][ T8978] bridge_slave_1: left allmulticast mode
[  237.396714][ T8978] bridge_slave_1: left promiscuous mode
[  237.414578][ T8978] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.533806][ T8978] bond0: (slave bond_slave_0): Releasing backup interface
[  237.685487][ T8978] bond0: (slave bond_slave_1): Releasing backup interface
[  237.831718][ T8978] team0: Port device team_slave_0 removed
[  237.870954][ T8978] team0: Port device team_slave_1 removed
[  237.882825][ T8978] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  237.893258][ T8978] batman_adv: batadv0: Removing interface: batadv_slave_0
[  237.904836][ T8978] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  237.913329][ T8978] batman_adv: batadv0: Removing interface: batadv_slave_1
[  237.939446][ T8983] netlink: 'syz.6.906': attribute type 10 has an invalid length.
[  237.993712][ T8983] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.025356][ T8983] team0: Port device bond0 added
[  238.323415][ T9013] loop5: detected capacity change from 0 to 256
[  238.353383][ T9013] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  238.407971][ T9013] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  238.577058][ T5816] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  238.790447][ T5816] usb 7-1: Using ep0 maxpacket: 16
[  238.805039][ T5816] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  238.835266][ T9026] loop4: detected capacity change from 0 to 2048
[  238.846742][ T5816] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  238.868114][ T9027] loop2: detected capacity change from 0 to 4096
[  238.874600][ T5816] usb 7-1: config 0 interface 0 has no altsetting 0
[  238.903587][ T9026] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  238.916905][ T5816] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  238.933264][ T9027] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  238.944619][ T5816] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.978259][ T5816] usb 7-1: config 0 descriptor??
[  239.014088][ T6738] udevd[6738]: incorrect nilfs2 checksum on /dev/loop4
[  239.024377][ T9032] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  239.156248][   T28] audit: type=1800 audit(1768917497.475:20): pid=9026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.920" name="file1" dev="loop4" ino=15 res=0 errno=0
[  239.433598][ T5816] hid (null): report_id 3323596431 is invalid
[  239.447405][ T5816] hid (null): unknown global tag 0xe
[  239.466415][ T5816] hid (null): unknown global tag 0xe
[  239.496774][ T5816] hid (null): unknown global tag 0xe
[  239.515778][ T5816] hid (null): unknown global tag 0x63
[  239.531889][ T5816] hid (null): unknown global tag 0xd
[  239.714585][ T5855] usb 7-1: USB disconnect, device number 2
[  239.824756][ T9049] loop5: detected capacity change from 0 to 2048
[  239.869229][ T9049] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  239.905013][ T9049] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  240.241805][ T9062] loop5: detected capacity change from 0 to 256
[  240.309680][ T9062] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  240.408178][   T28] audit: type=1800 audit(1768917498.715:21): pid=9062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.929" name="file2" dev="loop5" ino=1048623 res=0 errno=0
[  240.489659][ T9069] loop2: detected capacity change from 0 to 128
[  240.504562][   T28] audit: type=1800 audit(1768917498.765:22): pid=9062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.929" name="file2" dev="loop5" ino=1048623 res=0 errno=0
[  240.699184][   T28] audit: type=1800 audit(1768917499.015:23): pid=9069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.931" name="file2" dev="loop2" ino=1048624 res=0 errno=0
[  240.719927][    C0] vkms_vblank_simulate: vblank timer overrun
[  241.556119][ T9100] input: syz1 as /devices/virtual/input/input10
[  242.423485][ T9122] loop4: detected capacity change from 0 to 4096
[  242.736078][ T9110] loop2: detected capacity change from 0 to 32768
[  242.777258][ T9129] nbd: nbd5 already in use
[  242.788868][ T9110] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.943 (9110)
[  242.871792][ T9110] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  242.911140][ T9110] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  242.948011][ T9132] autofs4:pid:9132:autofs_fill_super: could not open pipe file descriptor
[  242.966654][ T9110] BTRFS info (device loop2): turning off barriers
[  242.990458][ T9110] BTRFS info (device loop2): setting nodatasum
[  243.026905][ T9110] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  243.068505][ T9110] BTRFS info (device loop2): use zstd compression, level 3
[  243.096325][ T9110] BTRFS info (device loop2): using free space tree
[  243.230329][ T9105] loop6: detected capacity change from 0 to 32768
[  243.265905][ T9105] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  243.307994][ T9105] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  243.363124][ T9105] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  243.546684][ T9105] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  243.707937][ T5780] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  244.148424][ T5755] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  244.363712][ T5755] usb 6-1: Using ep0 maxpacket: 8
[  244.389041][ T5755] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  244.427748][ T5755] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.476337][ T5755] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  244.524775][ T9144] loop4: detected capacity change from 0 to 32768
[  244.541817][ T5755] usb 6-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  244.591129][ T9144] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.950 (9144)
[  244.606715][ T5755] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.648696][ T5755] usb 6-1: config 0 descriptor??
[  244.700680][ T9144] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  244.746967][ T9144] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  244.797624][ T9144] BTRFS info (device loop4): enabling disk space caching
[  244.846544][ T9144] BTRFS info (device loop4): enabling auto defrag
[  244.853189][ T9144] BTRFS info (device loop4): doing ref verification
[  244.885569][ T9144] BTRFS info (device loop4): use no compression
[  244.904104][ T9144] BTRFS info (device loop4): force clearing of disk cache
[  244.912014][ T9144] BTRFS info (device loop4): disabling disk space caching
[  245.072278][ T5755] logitech 0003:046D:C293.000B: nested delimiters
[  245.081398][ T9144] BTRFS info (device loop4): enabling ssd optimizations
[  245.089037][ T5755] logitech 0003:046D:C293.000B: item 0 4 2 10 parsing failed
[  245.097354][ T9144] BTRFS info (device loop4): auto enabling async discard
[  245.106347][ T5755] logitech 0003:046D:C293.000B: parse failed
[  245.115633][ T5755] logitech: probe of 0003:046D:C293.000B failed with error -22
[  245.153832][ T9144] BTRFS info (device loop4): rebuilding free space tree
[  245.229637][ T9144] BTRFS info (device loop4): disabling free space tree
[  245.257197][ T9144] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  245.282789][ T5854] usb 6-1: USB disconnect, device number 4
[  245.300856][ T9207] loop6: detected capacity change from 0 to 1024
[  245.317312][ T9144] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  245.382346][ T9207] hfsplus: invalid length 32517 has been corrected to 255
[  245.442650][ T9210] autofs4:pid:9210:autofs_fill_super: could not open pipe file descriptor
[  245.585304][   T48] hfsplus: b-tree write err: -5, ino 4
[  245.822140][ T6502] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  246.506714][ T5755] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  246.747343][ T5755] usb 3-1: Using ep0 maxpacket: 8
[  246.764424][ T5755] usb 3-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.796804][ T5755] usb 3-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.826680][ T5755] usb 3-1: config 0 interface 0 has no altsetting 0
[  246.833511][ T5755] usb 3-1: New USB device found, idVendor=1b96, idProduct=0004, bcdDevice= 0.00
[  246.853839][ T5755] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.868817][ T9219] loop6: detected capacity change from 0 to 32768
[  246.898712][ T5755] usb 3-1: config 0 descriptor??
[  246.922968][ T9219] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.961 (9219)
[  246.950716][ T9241] loop5: detected capacity change from 0 to 4096
[  246.974705][ T9219] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  247.012727][ T9219] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  247.042443][ T9219] BTRFS info (device loop6): turning off barriers
[  247.049950][ T9219] BTRFS info (device loop6): setting nodatasum
[  247.068166][ T9219] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  247.084139][ T9219] BTRFS info (device loop6): use zstd compression, level 3
[  247.115408][ T9219] BTRFS info (device loop6): using free space tree
[  247.278790][ T9228] loop4: detected capacity change from 0 to 32768
[  247.370502][ T5755] ntrig 0003:1B96:0004.000C: unknown main item tag 0x0
[  247.447435][ T5755] ntrig 0003:1B96:0004.000C: unknown main item tag 0x0
[  247.458102][ T9228] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  247.488624][ T5755] ntrig 0003:1B96:0004.000C: unknown main item tag 0x0
[  247.550107][ T5755] ntrig 0003:1B96:0004.000C: unknown main item tag 0x0
[  247.581217][ T5755] ntrig 0003:1B96:0004.000C: unknown main item tag 0x0
[  247.646985][ T5755] ntrig 0003:1B96:0004.000C: hidraw0: USB HID v0.00 Device [HID 1b96:0004] on usb-dummy_hcd.2-1/input0
[  247.708468][ T5755] ntrig 0003:1B96:0004.000C: Firmware version: 4.6.18.42.6 (5a58 5e55)
[  247.716073][ T8142] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  247.800559][ T6502] ocfs2: Unmounting device (7,4) on (node local)
[  248.039148][ T5755] usb 3-1: USB disconnect, device number 10
[  249.290416][ T9282] loop5: detected capacity change from 0 to 32768
[  250.056771][    T8] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  250.226951][ T9308] loop2: detected capacity change from 0 to 40427
[  250.256704][    T8] usb 5-1: Using ep0 maxpacket: 16
[  250.279834][ T9308] F2FS-fs (loop2): Image doesn't support compression
[  250.308944][ T9308] F2FS-fs (loop2): heap/no_heap options were deprecated
[  250.319689][    T8] usb 5-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  250.340410][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.349434][ T9308] F2FS-fs (loop2): invalid crc value
[  250.365101][    T8] usb 5-1: Product: syz
[  250.371689][ T9308] F2FS-fs (loop2): Found nat_bits in checkpoint
[  250.389460][    T8] usb 5-1: Manufacturer: syz
[  250.394123][    T8] usb 5-1: SerialNumber: syz
[  250.530725][ T9340] loop6: detected capacity change from 0 to 16
[  250.567759][ T9308] F2FS-fs (loop2): Start checkpoint disabled!
[  250.627557][ T9340] erofs: (device loop6): mounted with root inode @ nid 36.
[  250.655598][ T9308] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  250.684353][    T8] usb 5-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  250.717963][    T8] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  250.746958][    T8] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  250.781393][    T8] usb 5-1: media controller created
[  250.833530][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  250.859675][ T9308] syz.2.977: attempt to access beyond end of device
[  250.859675][ T9308] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  250.927735][ T9308] syz.2.977: attempt to access beyond end of device
[  250.927735][ T9308] loop2: rw=2049, sector=53264, nr_sectors = 24 limit=40427
[  250.964335][    T8] zl10353_read_register: readreg error (reg=127, ret==-71)
[  250.979674][ T9308] syz.2.977: attempt to access beyond end of device
[  250.979674][ T9308] loop2: rw=2049, sector=53304, nr_sectors = 32 limit=40427
[  251.020077][ T9308] syz.2.977: attempt to access beyond end of device
[  251.020077][ T9308] loop2: rw=2049, sector=53368, nr_sectors = 8 limit=40427
[  251.120246][    T8] dvb_usb_gl861: probe of 5-1:157.0 failed with error -5
[  251.162205][    T8] usb 5-1: USB disconnect, device number 9
[  251.366115][   T12] kworker/u4:1: attempt to access beyond end of device
[  251.366115][   T12] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  251.416793][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  251.434936][   T12] kworker/u4:1: attempt to access beyond end of device
[  251.434936][   T12] loop2: rw=2049, sector=40984, nr_sectors = 8 limit=40427
[  251.461054][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  251.898738][ T9367] loop4: detected capacity change from 0 to 4096
[  251.937742][ T9367] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  252.134546][ T9373] loop2: detected capacity change from 0 to 1024
[  252.242945][ T9373] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  252.257595][ T9373] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.417156][ T9373] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.987: bg 0: block 112: padding at end of block bitmap is not set
[  252.470705][ T9373] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 18 with error 117
[  252.517484][ T9373] EXT4-fs (loop2): This should not happen!! Data will be lost
[  252.517484][ T9373] 
[  252.800016][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  253.506232][ T9398] loop2: detected capacity change from 0 to 32768
[  253.535478][ T9398] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  253.543901][ T9398] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  253.620555][ T9398] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  253.629974][ T5854] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  253.644121][ T5854] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  253.665841][ T9380] loop6: detected capacity change from 0 to 32768
[  253.818975][ T5854] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 174ms
[  253.872669][ T5854] gfs2: fsid=syz:syz.0: jid=0: Done
[  253.896411][ T9398] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  255.054437][ T9435] loop4: detected capacity change from 0 to 1024
[  255.242214][ T9435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  255.270522][ T9435] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.410887][ T9435] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.1005: bg 0: block 112: padding at end of block bitmap is not set
[  255.479402][ T9435] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 18 with error 117
[  255.508648][ T9435] EXT4-fs (loop4): This should not happen!! Data will be lost
[  255.508648][ T9435] 
[  255.735684][ T6502] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  255.955396][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  255.966606][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  256.355833][ T9455] loop5: detected capacity change from 0 to 32768
[  256.379761][ T9469] loop4: detected capacity change from 0 to 4096
[  256.436765][ T9469] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  256.466849][ T9455] 
[  256.466849][ T9455]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  256.466849][ T9455] 
[  256.548639][ T9455] ERROR: (device loop5): diWrite: ixpxd invalid
[  256.548639][ T9455] 
[  256.589420][ T9455] ERROR: (device loop5): txCommit: 
[  256.589420][ T9455] 
[  256.842970][ T8069] 
[  256.842970][ T8069]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  256.842970][ T8069] 
[  256.889586][ T8069] 
[  256.889586][ T8069]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  256.889586][ T8069] 
[  257.368851][ T9460] loop2: detected capacity change from 0 to 32768
[  257.460189][ T9460] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  257.486832][ T9460] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  257.570444][ T9460] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  257.695383][ T9460] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  258.048332][ T9482] loop4: detected capacity change from 0 to 32768
[  258.741644][ T9505] loop2: detected capacity change from 0 to 1024
[  258.765279][ T9505] EXT4-fs: Ignoring removed oldalloc option
[  258.858095][ T9505] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  258.877823][ T9505] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.999547][ T9517] bridge_slave_0: left allmulticast mode
[  259.005283][ T9517] bridge_slave_0: left promiscuous mode
[  259.045664][ T9517] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.098193][ T9505] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 7: comm syz.2.1017: lblock 7 mapped to illegal pblock 7 (length 9)
[  259.135899][ T9505] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 9 with error 117
[  259.176729][ T9505] EXT4-fs (loop2): This should not happen!! Data will be lost
[  259.176729][ T9505] 
[  259.187638][ T9517] bridge_slave_1: left allmulticast mode
[  259.187664][ T9517] bridge_slave_1: left promiscuous mode
[  259.187875][ T9517] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.210533][ T9522] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 7: comm syz.2.1017: lblock 7 mapped to illegal pblock 7 (length 1)
[  259.231951][   T28] audit: type=1800 audit(1768917517.555:24): pid=9522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1017" name="file1" dev="loop2" ino=15 res=0 errno=0
[  259.235676][ T9517] bond0: (slave bond_slave_0): Releasing backup interface
[  259.324562][ T9517] bond0: (slave bond_slave_1): Releasing backup interface
[  259.354274][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  259.459103][ T9517] team0: Port device team_slave_0 removed
[  259.532439][ T9517] team0: Port device team_slave_1 removed
[  259.553640][ T9517] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.561734][ T9517] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.572360][ T9517] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.580666][ T9517] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.599556][ T9521] netlink: 'syz.5.1019': attribute type 10 has an invalid length.
[  259.644848][ T9521] 8021q: adding VLAN 0 to HW filter on device bond0
[  259.665266][ T9521] team0: Port device bond0 added
[  260.259370][ T9546] loop2: detected capacity change from 0 to 256
[  260.321159][ T9546] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  260.334921][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  260.371411][ T9546] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  260.557377][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  260.898866][ T9562] netlink: 'syz.4.1033': attribute type 11 has an invalid length.
[  260.916871][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  261.594985][ T9583] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  261.603036][ T9583] IPv6: NLM_F_CREATE should be set when creating new route
[  261.610433][ T9583] IPv6: NLM_F_CREATE should be set when creating new route
[  261.617742][ T9583] IPv6: NLM_F_CREATE should be set when creating new route
[  261.671498][ T9583] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  261.871115][ T9561] loop5: detected capacity change from 0 to 32768
[  261.882086][ T9592] loop4: detected capacity change from 0 to 1024
[  261.890327][ T9592] EXT4-fs: inline encryption not supported
[  261.912867][ T9592] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  261.946010][ T9561] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  262.065913][ T9592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.114602][ T9561] XFS (loop5): Ending clean mount
[  262.158812][ T9561] XFS (loop5): Quotacheck needed: Please wait.
[  262.262218][ T9561] XFS (loop5): Quotacheck: Done.
[  262.296636][   T28] audit: type=1800 audit(1768917520.615:25): pid=9561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1034" name="file1" dev="loop5" ino=9286 res=0 errno=0
[  262.347370][ T6502] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.462628][ T8069] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  262.686633][ T9613] erspan0: entered promiscuous mode
[  263.255032][ T9628] loop6: detected capacity change from 0 to 4096
[  263.283164][ T9628] ntfs: (device loop6): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  263.310785][ T9628] ntfs: (device loop6): ntfs_read_locked_inode(): $DATA attribute is missing.
[  263.335296][ T9628] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  263.364632][ T9628] ntfs: (device loop6): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  263.424922][ T9628] ntfs: volume version 3.1.
[  263.459647][ T9628] ntfs: (device loop6): load_and_init_quota(): Failed to find inode number for $Quota.
[  263.488259][   T23] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  263.495915][ T9628] ntfs: (device loop6): load_system_files(): Failed to load $Quota.  Will not be able to remount read-write.  Run chkdsk.
[  263.555691][ T9628] ntfs: (device loop6): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set iso8859-2.  You might want to try to use the mount option nls=utf8.
[  263.603735][ T9628] ntfs: (device loop6): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  263.697155][   T23] usb 6-1: Using ep0 maxpacket: 32
[  263.704436][   T23] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  263.714296][   T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.729307][   T23] usb 6-1: config 0 descriptor??
[  263.928332][ T9639] loop6: detected capacity change from 0 to 64
[  263.955450][   T23] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  263.981365][   T23] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  264.019462][   T23] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  264.055991][   T23] usb 6-1: media controller created
[  264.144077][   T23] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  264.199833][   T23] az6027: usb out operation failed. (-71)
[  264.213477][   T23] az6027: usb out operation failed. (-71)
[  264.226339][   T23] stb0899_attach: Driver disabled by Kconfig
[  264.245300][   T23] az6027: no front-end attached
[  264.245300][   T23] 
[  264.290636][   T23] az6027: usb out operation failed. (-71)
[  264.307077][   T23] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  264.326820][   T23] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input11
[  264.374426][   T23] dvb-usb: schedule remote query interval to 400 msecs.
[  264.417584][   T23] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  264.442839][   T23] usb 6-1: USB disconnect, device number 5
[  264.598147][   T23] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  265.385430][ T9671] loop6: detected capacity change from 0 to 1764
[  265.477140][ T5836] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  265.687049][ T5836] usb 5-1: Using ep0 maxpacket: 16
[  265.719274][ T5836] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.739595][ T5836] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  265.759097][ T5836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.785910][ T5836] usb 5-1: config 0 descriptor??
[  265.846694][ T5755] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  266.046876][ T5755] usb 7-1: Using ep0 maxpacket: 32
[  266.072565][ T5755] usb 7-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  266.086622][ T5755] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.125838][ T5755] usb 7-1: config 0 descriptor??
[  266.149129][ T5755] gspca_main: nw80x-2.14.0 probing 055f:d001
[  266.242569][ T5836] mcp2221 0003:04D8:00DD.000D: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  266.614233][ T9705] loop2: detected capacity change from 0 to 512
[  266.692878][ T9705] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.746324][ T9705] ext4 filesystem being mounted at /287/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  266.789737][ T5755] usb 5-1: USB disconnect, device number 10
[  266.866713][ T5854] usb 7-1: USB disconnect, device number 3
[  266.886117][   T28] audit: type=1800 audit(1768917525.205:26): pid=9705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1087" name="file1" dev="loop2" ino=15 res=0 errno=0
[  267.022930][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.468404][ T9717] input: syz1 as /devices/virtual/input/input12
[  268.073221][ T9713] loop2: detected capacity change from 0 to 40427
[  268.080519][ T9729] loop4: detected capacity change from 0 to 64
[  268.100199][ T9713] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[  268.116782][ T9713] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  268.226407][ T9713] F2FS-fs (loop2): Found nat_bits in checkpoint
[  268.371814][ T9713] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  268.386604][ T9713] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  268.432117][   T28] audit: type=1804 audit(1768917526.755:27): pid=9713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1090" name="/newroot/290/file2/file0" dev="loop2" ino=10 res=1 errno=0
[  268.518794][ T5780] syz-executor: attempt to access beyond end of device
[  268.518794][ T5780] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  268.554918][ T5780] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  268.671722][ T9727] loop5: detected capacity change from 0 to 40427
[  268.694644][ T9727] F2FS-fs (loop5): Small segment_count (9 < 1 * 24)
[  268.705056][ T9727] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  268.793521][ T9727] F2FS-fs (loop5): Found nat_bits in checkpoint
[  268.947398][ T9727] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  268.974406][ T9727] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  269.082577][ T9725] loop6: detected capacity change from 0 to 40427
[  269.098263][   T28] audit: type=1800 audit(1768917527.415:28): pid=9727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1097" name="bus" dev="loop5" ino=10 res=0 errno=0
[  269.136194][ T9725] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  269.175112][ T9725] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  269.221194][ T9725] F2FS-fs (loop6): invalid crc value
[  269.228274][ T8069] syz-executor: attempt to access beyond end of device
[  269.228274][ T8069] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  269.267350][ T9725] F2FS-fs (loop6): Found nat_bits in checkpoint
[  269.278797][ T8069] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  269.526196][ T9725] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  269.560787][ T9725] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  270.049854][ T9756] loop5: detected capacity change from 0 to 256
[  270.092435][ T9756] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  270.126697][ T9756] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  270.184318][ T9756] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  270.446651][ T9750] loop2: detected capacity change from 0 to 32768
[  270.478679][ T9750] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1101 (9750)
[  270.540767][ T9750] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  270.565466][ T9762] loop4: detected capacity change from 0 to 164
[  270.577645][ T9750] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  270.595198][ T9750] BTRFS info (device loop2): turning off barriers
[  270.617629][ T9750] BTRFS info (device loop2): setting nodatasum
[  270.623884][ T9750] BTRFS info (device loop2): use zlib compression, level 3
[  270.663295][ T9750] BTRFS info (device loop2): using free space tree
[  271.226953][ T5816] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  271.396353][ T5780] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  271.424280][ T5816] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  271.437907][ T5816] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.477132][ T5816] usb 6-1: config 0 descriptor??
[  271.500715][ T5816] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  271.712150][ T9799] syz.2.1116: attempt to access beyond end of device
[  271.712150][ T9799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  271.735989][ T5816] gp8psk: usb in 128 operation failed.
[  271.742680][ T9798] input: syz0 as /devices/virtual/input/input14
[  271.965361][ T5816] gp8psk: FW Version = 159.119.170 (0x9f77aa)  Build 2207/68/144
[  272.175368][ T5816] gp8psk: usb in 149 operation failed.
[  272.194705][ T5816] gp8psk: failed to get FPGA version
[  272.209686][ T5816] gp8psk: usb in 138 operation failed.
[  272.232389][ T5816] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  272.253982][ T5816] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  272.299354][ T5816] usb 6-1: USB disconnect, device number 6
[  273.625666][ T9836] loop6: detected capacity change from 0 to 4096
[  273.704950][ T9836] ntfs: volume version 3.1.
[  275.586547][    C0] sched: RT throttling activated
[  275.737353][ T9857] loop4: detected capacity change from 0 to 32768
[  275.761680][ T9861] loop5: detected capacity change from 0 to 131072
[  275.773769][ T9861] F2FS-fs (loop5): Invalid log sectorsize (67108873)
[  275.781636][ T9861] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  275.793111][ T9861] F2FS-fs (loop5): invalid crc value
[  275.869437][ T9861] F2FS-fs (loop5): Found nat_bits in checkpoint
[  275.876408][   T28] audit: type=1800 audit(1768917534.195:29): pid=9857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1144" name="file1" dev="loop4" ino=4 res=0 errno=0
[  275.910351][ T9857] syz.4.1144: attempt to access beyond end of device
[  275.910351][ T9857] loop4: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  275.968017][ T9857] metapage_write_end_io: I/O error
[  275.977927][ T9861] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  275.985114][ T9861] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  275.994854][ T9857] ERROR: (device loop4): diWrite: ixpxd invalid
[  275.994854][ T9857] 
[  276.010999][ T9857] ERROR: (device loop4): remounting filesystem as read-only
[  276.030830][ T9861] fscrypt (loop5, inode 8): Error -61 getting encryption context
[  276.046953][ T9857] ERROR: (device loop4): txCommit: 
[  276.046953][ T9857] 
[  276.078481][ T9857] blkno = 8ed2c, nblocks = 1
[  276.083537][ T9857] ERROR: (device loop4): dbUpdatePMap: blocks are outside the map
[  276.083537][ T9857] 
[  276.115016][ T9880] loop2: detected capacity change from 0 to 4096
[  276.140796][ T9857] ERROR: (device loop4): dbAllocBits: leaf page corrupt
[  276.140796][ T9857] 
[  276.217087][ T9857] syz.4.1144: attempt to access beyond end of device
[  276.217087][ T9857] loop4: rw=34817, sector=4683776, nr_sectors = 4 limit=32768
[  276.262807][ T9857] syz.4.1144: attempt to access beyond end of device
[  276.262807][ T9857] loop4: rw=34817, sector=4683780, nr_sectors = 2072 limit=32768
[  276.310117][ T9880] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  276.334338][ T9857] syz.4.1144: attempt to access beyond end of device
[  276.334338][ T9857] loop4: rw=34817, sector=4685852, nr_sectors = 492 limit=32768
[  276.379516][  T113] blkno = 8ed2c, nblocks = 4
[  276.384241][  T113] ERROR: (device loop4): dbUpdatePMap: blocks are outside the map
[  276.384241][  T113] 
[  276.411737][  T113] blkno = 8ef00, nblocks = 141
[  276.457012][  T113] ERROR: (device loop4): dbFree: block to be freed is outside the map
[  276.457012][  T113] 
[  276.520294][ T5780] ntfs3: loop2: ino=9, ntfs_sync_fs failed, -22.
[  276.941141][ T5755] kernel write not supported for file /adsp1 (pid: 5755 comm: kworker/0:3)
[  277.696997][ T5855] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  277.727725][ T9909] loop2: detected capacity change from 0 to 1024
[  277.886752][ T5855] usb 6-1: Using ep0 maxpacket: 32
[  277.893822][ T9909] hfsplus: request for non-existent node 62977 in B*Tree
[  277.906001][ T5855] usb 6-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  277.929975][ T9909] hfsplus: request for non-existent node 62977 in B*Tree
[  277.952057][ T5855] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.984002][ T5855] usb 6-1: Product: syz
[  277.999677][ T5855] usb 6-1: Manufacturer: syz
[  278.014988][ T5855] usb 6-1: SerialNumber: syz
[  278.051225][ T5855] usb 6-1: config 0 descriptor??
[  278.067639][ T9040] hfsplus: b-tree write err: -5, ino 3
[  278.307362][ T5855] RobotFuzz Open Source InterFace, OSIF 6-1:0.0: version d4.15 found at bus 006 address 007
[  278.512982][ T5816] usb 6-1: USB disconnect, device number 7
[  278.525337][ T5755] kernel write not supported for file /671/net/sockstat (pid: 5755 comm: kworker/0:3)
[  279.259931][ T9930] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1176'.
[  279.298627][ T9930] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1176'.
[  279.420256][ T9934] input: syz0 as /devices/virtual/input/input16
[  279.989355][ T9927] loop2: detected capacity change from 0 to 40427
[  280.021134][ T9927] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[  280.046664][ T9927] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  280.084804][ T9927] F2FS-fs (loop2): Found nat_bits in checkpoint
[  280.093369][ T9946] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1183'.
[  280.266028][ T9927] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  280.316987][ T9927] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  280.428496][   T28] audit: type=1800 audit(1768917538.755:30): pid=9927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1175" name="bus" dev="loop2" ino=10 res=0 errno=0
[  280.513222][ T5780] syz-executor: attempt to access beyond end of device
[  280.513222][ T5780] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  280.546986][ T5780] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  280.591932][ T9954] loop6: detected capacity change from 0 to 4096
[  280.618577][ T9954] ntfs3: loop6: Different NTFS sector size (1024) and media sector size (512).
[  280.821212][ T3042] kworker/u4:6: attempt to access beyond end of device
[  280.821212][ T3042] loop4: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  280.871619][ T3042] metapage_write_end_io: I/O error
[  280.887141][ T3042] JFS: metapage_get_blocks failed
[  280.926692][ T3042] JFS: metapage_get_blocks failed
[  281.353338][ T9966] loop5: detected capacity change from 0 to 1024
[  281.387725][ T9966] EXT4-fs: Ignoring removed nobh option
[  281.412805][ T9966] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  281.502375][ T9966] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #11: comm syz.5.1192: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  281.561465][ T9966] EXT4-fs error (device loop5): ext4_orphan_get:1403: comm syz.5.1192: couldn't read orphan inode 11 (err -117)
[  281.585230][ T9966] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.770501][ T9966] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:478: comm syz.5.1192: Invalid block bitmap block 0 in block_group 0
[  281.826752][ T9966] Quota error (device loop5): write_blk: dquota write failed
[  281.850956][ T9966] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  281.929150][ T9966] EXT4-fs error (device loop5): ext4_acquire_dquot:6949: comm syz.5.1192: Failed to acquire dquot type 0
[  281.979124][ T9979] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.1192: Invalid inode bitmap blk 137438953472 in block_group 0
[  282.117591][   T11] EXT4-fs error (device loop5): __ext4_get_inode_loc:4489: comm kworker/u4:0: Invalid inode table block 8589934593 in block_group 0
[  282.181182][ T8069] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.192132][ T9988] netlink: 'syz.2.1198': attribute type 15 has an invalid length.
[  282.931548][T10004] loop2: detected capacity change from 0 to 8
[  282.990812][T10004] SQUASHFS error: lzo decompression failed, data probably corrupt
[  283.009507][T10004] SQUASHFS error: Failed to read block 0x91: -5
[  283.015836][T10004] SQUASHFS error: Unable to read metadata cache entry [8f]
[  283.036624][T10004] SQUASHFS error: Unable to read inode 0x11f
[  283.186189][ T9990] loop6: detected capacity change from 0 to 32768
[  283.199265][ T9990] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.1200 (9990)
[  283.252439][ T9990] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  283.281265][ T9990] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  283.305502][ T9990] BTRFS info (device loop6): turning off barriers
[  283.331024][ T9990] BTRFS info (device loop6): setting nodatasum
[  283.346861][ T9990] BTRFS info (device loop6): use zlib compression, level 3
[  283.365659][ T9990] BTRFS info (device loop6): using free space tree
[  283.482425][ T9992] loop5: detected capacity change from 0 to 40427
[  283.509445][ T9992] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  283.529753][ T9992] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  283.583987][ T9992] F2FS-fs (loop5): build fault injection attr: rate: 17008, type: 0x7ffff
[  283.636741][ T9992] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x1f8
[  283.688646][ T9992] F2FS-fs (loop5): invalid crc value
[  283.716790][ T9992] F2FS-fs (loop5): Found nat_bits in checkpoint
[  283.914954][ T9992] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  283.966613][ T9992] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  284.062454][ T9992] syz.5.1199: attempt to access beyond end of device
[  284.062454][ T9992] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  284.100786][ T8142] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  284.135532][ T9992] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  285.080285][T10040] loop2: detected capacity change from 0 to 4096
[  285.105605][T10040] ntfs: volume version 3.1.
[  286.017875][   T12] JFS: metapage_get_blocks failed
[  286.316695][ T5755] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  286.403993][T10052] loop5: detected capacity change from 0 to 32768
[  286.510480][ T5755] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  286.540459][ T5755] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.591384][ T5755] usb 3-1: config 0 descriptor??
[  286.849680][ T5755] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00
[  286.867426][ T5755] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  287.033599][T10061] loop6: detected capacity change from 0 to 32768
[  287.052432][ T5755] [drm:udl_init] *ERROR* Selecting channel failed
[  287.060246][T10061] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  287.071981][T10061] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  287.150693][T10061] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  287.166057][ T5755] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2
[  287.206472][ T5755] [drm] Initialized udl on minor 2
[  287.253783][ T5755] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  287.288408][ T5755] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  287.311571][    T8] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  287.332472][ T5755] usb 3-1: USB disconnect, device number 11
[  287.354405][T10061] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  287.354609][    T8] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  287.947572][ T5755] kernel write not supported for file /input/event2 (pid: 5755 comm: kworker/0:3)
[  287.972752][T10084] loop6: detected capacity change from 0 to 256
[  288.024386][T10084] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[  288.198750][ T5855] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  288.412423][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  288.449784][ T5855] usb 6-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  288.483890][T10093] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1235'.
[  288.506629][ T5855] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.567236][ T5855] usb 6-1: config 0 descriptor??
[  289.086900][ T5855] steelseries 0003:1038:12B6.000E: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.5-1/input0
[  289.503920][T10116] loop6: detected capacity change from 0 to 1024
[  289.554358][ T5855] usb 6-1: USB disconnect, device number 8
[  290.266738][ T5755] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  290.466869][ T5755] usb 7-1: Using ep0 maxpacket: 16
[  290.487404][ T5755] usb 7-1: config 0 has an invalid interface number: 105 but max is 0
[  290.495667][ T5755] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  290.523746][ T5755] usb 7-1: config 0 has no interface number 0
[  290.534561][ T5755] usb 7-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  290.548940][ T5755] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.561162][ T5755] usb 7-1: Product: syz
[  290.565390][ T5755] usb 7-1: Manufacturer: syz
[  290.570466][ T5755] usb 7-1: SerialNumber: syz
[  290.583787][ T5755] usb 7-1: config 0 descriptor??
[  290.816436][ T5755] usb 7-1: Found UVC 0.00 device syz (046d:08f3)
[  290.839613][ T5755] usb 7-1: No valid video chain found.
[  290.882589][ T5755] usb 7-1: USB disconnect, device number 4
[  291.058835][ T9040] JFS: metapage_get_blocks failed
[  291.306644][ T1186] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  291.496915][ T1186] usb 3-1: Using ep0 maxpacket: 32
[  291.510753][ T1186] usb 3-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  291.526914][ T1186] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.545848][ T1186] usb 3-1: Product: syz
[  291.554185][ T1186] usb 3-1: Manufacturer: syz
[  291.569130][ T1186] usb 3-1: SerialNumber: syz
[  291.586479][ T1186] usb 3-1: config 0 descriptor??
[  291.736646][ T5836] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  291.831804][ T1186] RobotFuzz Open Source InterFace, OSIF 3-1:0.0: version d4.15 found at bus 003 address 012
[  291.928099][ T5816] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  291.948255][ T5836] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  291.960371][ T5836] usb 7-1: config 0 has no interface number 0
[  291.980514][ T5836] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  292.000137][ T5836] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.021236][ T5836] usb 7-1: Product: syz
[  292.025462][ T5836] usb 7-1: Manufacturer: syz
[  292.042154][ T5836] usb 7-1: SerialNumber: syz
[  292.050602][ T5836] usb 7-1: config 0 descriptor??
[  292.074252][ T1186] usb 3-1: USB disconnect, device number 12
[  292.159367][ T5816] usb 6-1: config 0 has no interfaces?
[  292.165186][ T5816] usb 6-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  292.175044][ T5816] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.188009][ T5816] usb 6-1: config 0 descriptor??
[  292.276661][ T5836] usb 7-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  292.302974][T10181] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1272'.
[  292.311434][ T5836] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  292.322906][ T5836] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  292.331113][ T5836] usb 7-1: media controller created
[  292.357244][ T5836] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  292.377939][T10181] netlink: 58 bytes leftover after parsing attributes in process `syz.4.1272'.
[  292.441234][   T27] usb 6-1: USB disconnect, device number 9
[  293.227945][T10192] loop2: detected capacity change from 0 to 1024
[  293.478186][   T48] hfsplus: b-tree write err: -5, ino 4
[  293.485580][ T5836] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[  293.577335][ T5836] usb 7-1: USB disconnect, device number 5
[  294.234337][T10197] loop5: detected capacity change from 0 to 32768
[  294.288007][T10195] loop2: detected capacity change from 0 to 40427
[  294.296457][T10195] F2FS-fs (loop2): Wrong segment_count / block_count (31 > 0)
[  294.311683][T10197] 
[  294.311683][T10197]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.311683][T10197] 
[  294.328833][T10195] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  294.384907][T10195] F2FS-fs (loop2): invalid crc value
[  294.417196][T10195] F2FS-fs (loop2): Found nat_bits in checkpoint
[  294.477293][T10197] 
[  294.477293][T10197]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.477293][T10197] 
[  294.516665][T10197] 
[  294.516665][T10197]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.516665][T10197] 
[  294.555524][T10197] 
[  294.555524][T10197]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.555524][T10197] 
[  294.576467][T10203] loop6: detected capacity change from 0 to 4096
[  294.577783][T10197] 
[  294.577783][T10197]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.577783][T10197] 
[  294.596392][T10197] 
[  294.596392][T10197]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.596392][T10197] 
[  294.608091][T10195] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  294.615801][T10197] 
[  294.615801][T10197]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.615801][T10197] 
[  294.626553][T10195] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  294.639486][T10203] ntfs3: loop6: Different NTFS sector size (2048) and media sector size (512).
[  294.680597][  T112] 
[  294.680597][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.680597][  T112] 
[  294.781105][ T8069] 
[  294.781105][ T8069]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.781105][ T8069] 
[  294.811598][ T8069] 
[  294.811598][ T8069]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  294.811598][ T8069] 
[  295.308812][T10211] loop6: detected capacity change from 0 to 512
[  295.354077][T10211] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  295.396423][T10211] EXT4-fs (loop6): 1 truncate cleaned up
[  295.433162][T10211] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.704826][T10223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1290'.
[  295.900259][ T8142] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /147/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  295.929184][ T8142] EXT4-fs (loop6): Remounting filesystem read-only
[  296.166856][   T27] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  296.284230][ T8142] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.393804][   T27] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  296.428032][   T27] usb 3-1: config 0 has no interface number 0
[  296.465448][   T27] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  296.484376][   T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.502819][   T27] usb 3-1: Product: syz
[  296.517321][   T11] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.528105][   T27] usb 3-1: Manufacturer: syz
[  296.532739][   T27] usb 3-1: SerialNumber: syz
[  296.562833][   T27] usb 3-1: config 0 descriptor??
[  296.745899][   T11] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.821753][   T27] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  296.848925][   T27] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  296.866860][   T27] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  296.874968][   T27] usb 3-1: media controller created
[  296.917664][   T11] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.970006][   T27] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  297.033577][   T11] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.090333][   T27] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  297.125880][T10245] loop5: detected capacity change from 0 to 512
[  297.197252][   T27] usb 3-1: USB disconnect, device number 13
[  297.297814][T10245] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.330585][T10245] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  297.537025][   T11] tipc: Left network mode
[  297.676264][ T8069] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.842743][ T5080] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  297.883027][ T5080] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  297.893155][ T5080] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  297.904497][ T5080] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  297.913526][ T5080] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  297.922842][ T5080] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  298.439446][ T5816] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  298.658368][ T5816] usb 3-1: Using ep0 maxpacket: 16
[  298.669090][ T5816] usb 3-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  298.687343][ T5816] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.695410][ T5816] usb 3-1: Product: syz
[  298.716608][ T5816] usb 3-1: Manufacturer: syz
[  298.721277][ T5816] usb 3-1: SerialNumber: syz
[  298.940984][T10251] chnl_net:caif_netlink_parms(): no params data found
[  298.981582][ T5816] usb 3-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  299.009650][ T5816] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  299.026877][ T5816] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  299.047150][ T5816] usb 3-1: media controller created
[  299.098186][ T5816] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  299.237451][T10266] loop5: detected capacity change from 0 to 32768
[  299.324985][T10266] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  299.360247][ T5816] zl10353_read_register: readreg error (reg=127, ret==-110)
[  299.408890][ T5816] dvb_usb_gl861: probe of 3-1:157.0 failed with error -5
[  299.420095][ T5816] usb 3-1: USB disconnect, device number 14
[  299.639996][T10251] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.652621][T10251] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.660974][T10251] bridge_slave_0: entered allmulticast mode
[  299.668665][T10251] bridge_slave_0: entered promiscuous mode
[  299.685270][ T8069] ocfs2: Unmounting device (7,5) on (node local)
[  299.837463][T10251] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.844694][T10251] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.866838][T10251] bridge_slave_1: entered allmulticast mode
[  299.880595][T10251] bridge_slave_1: entered promiscuous mode
[  299.982845][   T11] hsr_slave_0: left promiscuous mode
[  300.002687][   T11] hsr_slave_1: left promiscuous mode
[  300.017430][ T5080] Bluetooth: hci2: command tx timeout
[  300.068596][   T11] veth1_macvtap: left promiscuous mode
[  300.074212][   T11] veth0_macvtap: left promiscuous mode
[  300.082393][   T11] veth1_vlan: left promiscuous mode
[  300.087840][   T11] veth0_vlan: left promiscuous mode
[  301.094645][ T5080] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  301.707511][T10311] loop5: detected capacity change from 0 to 32768
[  301.761155][T10311] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  301.771234][T10311] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  301.871170][T10311] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  301.919480][T10311] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  302.097351][ T5080] Bluetooth: hci2: command tx timeout
[  302.396010][   T11] team0 (unregistering): Port device bond0 removed
[  302.436288][   T11] bond0 (unregistering): Released all slaves
[  302.543298][T10251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  302.568255][T10251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  302.759669][T10251] team0: Port device team_slave_0 added
[  302.792946][T10251] team0: Port device team_slave_1 added
[  302.861106][T10251] batman_adv: batadv0: Adding interface: batadv_slave_0
[  302.883821][T10251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  302.935152][T10251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  302.990257][T10251] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.031889][T10251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.076842][ T5755] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  303.092755][T10251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  303.286747][T10251] hsr_slave_0: entered promiscuous mode
[  303.308410][ T5755] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  303.340454][ T5755] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.356972][T10251] hsr_slave_1: entered promiscuous mode
[  303.368266][ T5755] usb 5-1: config 0 descriptor??
[  303.384866][ T5755] cp210x 5-1:0.0: cp210x converter detected
[  303.390509][T10251] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  303.416676][T10251] Cannot create hsr debugfs directory
[  303.592646][T10335] loop5: detected capacity change from 0 to 1024
[  303.639500][T10335] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  303.667446][T10335] EXT4-fs (loop5): required journal recovery suppressed and not mounted read-only
[  303.793867][ T5755] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32
[  304.018704][ T5755] cp210x 5-1:0.0: failed to get vendor val 0x370c size 15: -71
[  304.040615][ T5755] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  304.064931][ T5755] usb 5-1: cp210x converter now attached to ttyUSB0
[  304.107538][ T5755] usb 5-1: USB disconnect, device number 11
[  304.165853][ T5755] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  304.176831][ T5080] Bluetooth: hci2: command tx timeout
[  304.193225][ T5755] cp210x 5-1:0.0: device disconnected
[  304.782592][T10251] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  304.809954][T10251] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  304.897096][T10251] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  304.929872][T10251] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  304.983049][T10366] loop2: detected capacity change from 0 to 512
[  305.006675][T10366] EXT4-fs: Ignoring removed nomblk_io_submit option
[  305.013410][T10366] EXT4-fs: Ignoring removed nomblk_io_submit option
[  305.069586][T10366] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  305.130196][T10366] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  305.247245][T10366] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  305.397421][T10366] EXT4-fs (loop2): 1 truncate cleaned up
[  305.427561][T10366] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.462852][T10251] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.530491][T10366] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #2: block 4: comm syz.2.1330: lblock 0 mapped to illegal pblock 4 (length 1)
[  305.571557][T10251] 8021q: adding VLAN 0 to HW filter on device team0
[  305.596958][T10366] EXT4-fs (loop2): Remounting filesystem read-only
[  305.643235][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.650481][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  305.694612][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.701868][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.728540][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.838215][T10251] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  306.196582][   T28] audit: type=1107 audit(1768917564.505:31): pid=10395 uid=0 auid=0 ses=1 subj=unconfined msg=''
[  306.259447][ T5080] Bluetooth: hci2: command tx timeout
[  306.448260][T10251] 8021q: adding VLAN 0 to HW filter on device batadv0
[  306.854279][T10420] loop5: detected capacity change from 0 to 512
[  306.872780][T10420] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  306.994951][   T28] audit: type=1800 audit(1768917565.315:32): pid=10420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1341" name="file1" dev="loop5" ino=1048631 res=0 errno=0
[  307.022377][T10420] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  307.079383][T10420] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 548)
[  307.419978][T10251] veth0_vlan: entered promiscuous mode
[  307.507671][T10251] veth1_vlan: entered promiscuous mode
[  307.641068][T10251] veth0_macvtap: entered promiscuous mode
[  307.674069][T10251] veth1_macvtap: entered promiscuous mode
[  307.734220][T10251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.748723][T10410] loop2: detected capacity change from 0 to 32768
[  307.775926][T10251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.787458][T10410] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1338 (10410)
[  307.813152][T10251] batman_adv: batadv0: Interface activated: batadv_slave_0
[  307.842999][T10410] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  307.864714][T10251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.897246][T10410] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  307.906123][T10410] BTRFS info (device loop2): metadata ratio 2
[  307.913230][T10251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.934831][T10251] batman_adv: batadv0: Interface activated: batadv_slave_1
[  307.948176][T10410] BTRFS info (device loop2): allowing degraded mounts
[  307.955010][T10410] BTRFS info (device loop2): force zlib compression, level 3
[  307.979285][T10251] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.004947][T10410] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  308.016201][T10251] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.036708][T10410] BTRFS info (device loop2): use zstd compression, level 3
[  308.044083][T10410] BTRFS info (device loop2): force clearing of disk cache
[  308.047589][T10251] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.076580][T10251] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.105740][T10410] BTRFS info (device loop2): turning on flush-on-commit
[  308.149534][T10410] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  308.217590][T10410] BTRFS info (device loop2): trying to use backup root at mount time
[  308.286867][T10410] BTRFS info (device loop2): using free space tree
[  308.489655][ T9040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  308.560660][ T9040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  308.586335][T10410] BTRFS info (device loop2): enabling ssd optimizations
[  308.601345][T10410] BTRFS info (device loop2): rebuilding free space tree
[  308.699150][ T4406] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  308.726803][ T4406] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.114459][T10437] loop5: detected capacity change from 0 to 32768
[  309.155549][T10437] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1344 (10437)
[  309.216686][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  309.255867][T10437] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  309.316717][T10437] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  309.336482][T10437] BTRFS info (device loop5): using free space tree
[  309.508939][T10437] BTRFS info (device loop5): enabling ssd optimizations
[  309.533265][T10437] BTRFS info (device loop5): auto enabling async discard
[  309.738809][ T5780] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  310.294331][   T48] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  310.307053][ T8069] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  310.898494][T10493] loop6: detected capacity change from 0 to 4096
[  310.929896][T10493] ntfs: (device loop6): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  311.008417][T10493] ntfs: (device loop6): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy.
[  311.041313][T10499] loop2: detected capacity change from 0 to 1024
[  311.070542][T10493] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  311.110966][T10499] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  311.137788][T10493] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  311.137898][T10499] EXT4-fs (loop2): required journal recovery suppressed and not mounted read-only
[  311.158728][ T1186] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  311.219568][T10493] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  311.268945][T10493] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  311.352980][T10493] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  311.391699][T10493] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  311.430876][ T1186] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  311.451344][ T1186] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  311.487867][T10493] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  311.500920][T10493] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  311.501617][ T1186] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  311.563625][ T1186] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.582958][ T1186] usb 6-1: config 0 descriptor??
[  311.596737][T10493] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  311.605506][T10493] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x2, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  311.626092][ T1186] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  311.636684][ T1186] dvb-usb: bulk message failed: -22 (3/0)
[  311.656791][ T1186] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  311.668983][ T1186] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  311.676243][ T1186] usb 6-1: media controller created
[  311.686141][ T1186] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  311.701233][T10493] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  311.729446][T10493] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x2, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  311.764958][ T1186] dvb-usb: bulk message failed: -22 (6/0)
[  311.787119][ T1186] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  311.810802][ T1186] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input17
[  311.828189][T10493] ntfs: volume version 3.1.
[  311.883153][ T1186] dvb-usb: schedule remote query interval to 150 msecs.
[  311.910055][ T1186] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  312.070549][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  312.077661][    T9] dvb-usb: error while querying for an remote control event.
[  312.156934][ T5836] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  312.236727][ T1186] dvb-usb: bulk message failed: -22 (1/0)
[  312.242554][ T1186] dvb-usb: error while querying for an remote control event.
[  312.365944][ T5836] usb 3-1: Using ep0 maxpacket: 16
[  312.373444][ T5836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.390846][ T5836] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  312.404035][   T27] usb 6-1: USB disconnect, device number 10
[  312.416813][ T1186] dvb-usb: bulk message failed: -22 (1/0)
[  312.422687][ T1186] dvb-usb: error while querying for an remote control event.
[  312.428088][ T5836] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.474067][ T5836] usb 3-1: config 0 descriptor??
[  312.588464][   T27] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  312.941151][ T5836] mcp2221 0003:04D8:00DD.000F: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  313.480894][   T27] usb 3-1: USB disconnect, device number 15
[  313.907857][T10513] loop6: detected capacity change from 0 to 32768
[  313.926775][T10513] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 scanned by syz.6.1355 (10513)
[  313.994675][T10513] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  314.037707][T10513] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  314.056228][T10513] BTRFS info (device loop6): using free space tree
[  314.231234][T10541] loop2: detected capacity change from 0 to 128
[  314.274323][T10513] BTRFS info (device loop6): enabling ssd optimizations
[  314.330501][T10513] BTRFS info (device loop6): auto enabling async discard
[  314.341088][T10541] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  314.445844][T10541] ext4 filesystem being mounted at /356/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.529691][T10541] fscrypt (loop2, inode 12): Mutually exclusive encryption flags (0x1a)
[  314.656078][ T5780] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  314.720963][T10550] loop5: detected capacity change from 0 to 256
[  314.729384][T10251] BTRFS info (device loop6): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  314.740762][T10550] exfat: Deprecated parameter 'namecase'
[  314.768997][T10550] exfat: Deprecated parameter 'namecase'
[  314.857761][T10550] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  314.947863][T10550] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  315.256180][T10559] netlink: 'syz.6.1367': attribute type 5 has an invalid length.
[  315.898528][T10575] loop5: detected capacity change from 0 to 256
[  315.923413][T10576] loop6: detected capacity change from 0 to 1764
[  316.214958][T10583] netlink: 'syz.2.1378': attribute type 5 has an invalid length.
[  316.706797][ T1186] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  316.919065][ T1186] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  316.965411][ T1186] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  316.985294][ T1186] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.002843][ T1186] usb 3-1: config 0 descriptor??
[  317.015170][ T1186] pwc: Askey VC010 type 2 USB webcam detected.
[  317.384297][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  317.394855][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  317.629793][ T1186] pwc: recv_control_msg error -71 req 02 val 2700
[  317.640333][ T1186] pwc: recv_control_msg error -71 req 02 val 2c00
[  317.660470][ T1186] pwc: recv_control_msg error -71 req 04 val 1000
[  317.677126][ T1186] pwc: recv_control_msg error -71 req 04 val 1300
[  317.696834][ T1186] pwc: recv_control_msg error -71 req 04 val 1400
[  317.703963][ T1186] pwc: recv_control_msg error -71 req 02 val 2000
[  317.727989][ T1186] pwc: recv_control_msg error -71 req 02 val 2100
[  317.750803][ T1186] pwc: recv_control_msg error -71 req 04 val 1500
[  317.789385][ T1186] pwc: recv_control_msg error -71 req 02 val 2500
[  317.806997][ T1186] pwc: recv_control_msg error -71 req 02 val 2400
[  317.817943][ T1186] pwc: recv_control_msg error -71 req 02 val 2600
[  317.835156][ T1186] pwc: recv_control_msg error -71 req 02 val 2900
[  317.855033][ T1186] pwc: recv_control_msg error -71 req 02 val 2800
[  317.873543][ T1186] pwc: recv_control_msg error -71 req 04 val 1100
[  317.891711][ T1186] pwc: recv_control_msg error -71 req 04 val 1200
[  317.913111][ T1186] pwc: Registered as video103.
[  317.932112][ T1186] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input18
[  317.997282][ T1186] usb 3-1: USB disconnect, device number 16
[  318.022556][T10608] netlink: 'syz.5.1388': attribute type 1 has an invalid length.
[  318.046715][T10608] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1388'.
[  318.257609][T10612] netlink: 'syz.5.1390': attribute type 5 has an invalid length.
[  318.676688][ T5836] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  318.862557][T10625] loop2: detected capacity change from 0 to 8192
[  318.889946][ T5836] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  318.917211][ T5836] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  318.930138][T10625] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  318.960005][T10628] netlink: 4444 bytes leftover after parsing attributes in process `syz.6.1396'.
[  318.986727][T10625] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  319.006838][ T5836] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  319.015943][ T5836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  319.024329][T10625] REISERFS (device loop2): using ordered data mode
[  319.054079][T10625] reiserfs: using flush barriers
[  319.093376][T10625] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  319.110570][ T5836] usb 6-1: SerialNumber: syz
[  319.135568][T10625] REISERFS (device loop2): checking transaction log (loop2)
[  319.151755][T10625] REISERFS (device loop2): Using r5 hash to sort names
[  319.161915][T10625] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  319.397490][ T5836] usb 6-1: 0:2 : does not exist
[  319.448192][ T5836] usb 6-1: USB disconnect, device number 11
[  319.456626][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  319.576304][T10634] vcan0: tx drop: invalid da for name 0x00000000000000f0
[  319.622496][ T6738] udevd[6738]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  320.136652][ T5755] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  320.326628][ T5755] usb 7-1: Using ep0 maxpacket: 8
[  320.343973][ T5755] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  320.373907][ T5755] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.420406][ T5755] pvrusb2: Hardware description: Terratec Grabster AV400
[  320.466791][ T5755] pvrusb2: **********
[  320.477924][ T5755] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  320.497464][ T5755] pvrusb2: Important functionality might not be entirely working.
[  320.516109][ T5755] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  320.530480][ T5755] pvrusb2: **********
[  320.625706][ T2318] pvrusb2: Invalid write control endpoint
[  320.721488][ T5836] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  320.750876][T10657] loop2: detected capacity change from 0 to 512
[  320.773067][ T2318] pvrusb2: Invalid write control endpoint
[  320.790216][ T2318] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  320.820239][ T2318] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  320.829891][ T2318] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  320.843921][ T2318] pvrusb2: Device being rendered inoperable
[  320.854654][ T2318] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  320.864685][ T2318] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b)
[  320.874731][ T2318] pvrusb2: Attached sub-driver cx25840
[  320.893228][ T2318] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  320.916076][ T1186] usb 7-1: USB disconnect, device number 6
[  320.934993][ T5836] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  320.954110][T10657] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.982702][ T2318] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  320.993665][ T5836] usb 6-1: config 0 interface 0 has no altsetting 0
[  321.004907][T10657] ext4 filesystem being mounted at /373/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  321.015580][ T5836] usb 6-1: New USB device found, idVendor=28bd, idProduct=0078, bcdDevice= 0.00
[  321.044125][ T5836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.097511][ T5836] usb 6-1: config 0 descriptor??
[  321.107775][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  321.107788][   T28] audit: type=1800 audit(1768917579.435:33): pid=10657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1409" name="file1" dev="loop2" ino=15 res=0 errno=0
[  321.155707][T10652] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  321.215476][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.641569][ T5836] uclogic 0003:28BD:0078.0010: interface is invalid, ignoring
[  321.654257][T10666] loop6: detected capacity change from 0 to 2048
[  321.703130][T10666] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  321.760114][T10669] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  321.871171][ T5816] usb 6-1: USB disconnect, device number 12
[  322.525226][T10671] loop2: detected capacity change from 0 to 32768
[  322.590507][T10671] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  322.664956][T10671] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  322.955959][T10688] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  323.164784][T10692] loop5: detected capacity change from 0 to 128
[  323.175978][ T5780] ocfs2: Unmounting device (7,2) on (node local)
[  323.461740][T10692] syz.5.1421: attempt to access beyond end of device
[  323.461740][T10692] loop5: rw=2049, sector=185, nr_sectors = 856 limit=128
[  323.608646][ T9040] kworker/u4:8: attempt to access beyond end of device
[  323.608646][ T9040] loop5: rw=1, sector=145, nr_sectors = 40 limit=128
[  323.929171][T10704] loop6: detected capacity change from 0 to 2048
[  323.980065][T10707] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  324.137309][T10704] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  324.219218][T10704] Remounting filesystem read-only
[  324.225747][T10704] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  324.267342][T10704] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  324.302730][T10709] loop5: detected capacity change from 0 to 4096
[  324.328543][T10704] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  324.379589][T10704] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  324.415875][T10709] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.446701][   T28] audit: type=1800 audit(1768917582.755:34): pid=10704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1427" name="file2" dev="loop6" ino=16 res=0 errno=0
[  324.451181][T10710] NILFS (loop6): error -2 truncating bmap (ino=16)
[  324.480497][T10711] NILFS (loop6): mounting fs with errors
[  324.625279][T10707] NILFS (loop6): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3)
[  324.663794][T10707] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=16)
[  324.687470][T10707] Remounting filesystem read-only
[  324.692679][ T3042] NILFS (loop6): discard dirty page: offset=0, ino=3
[  324.706914][ T3042] NILFS (loop6): discard dirty block: blocknr=42, size=1024
[  324.746892][ T3042] NILFS (loop6): discard dirty block: blocknr=43, size=1024
[  324.754251][ T3042] NILFS (loop6): discard dirty block: blocknr=44, size=1024
[  324.806699][ T3042] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  324.815670][ T3042] NILFS (loop6): discard dirty page: offset=4096, ino=6
[  324.862313][ T3042] NILFS (loop6): discard dirty block: blocknr=39, size=1024
[  324.873984][ T8069] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.897488][ T3042] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  324.906725][ T3042] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  324.915639][ T3042] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  324.946796][ T3042] NILFS (loop6): discard dirty page: offset=0, ino=5
[  324.953592][ T3042] NILFS (loop6): discard dirty block: blocknr=41, size=1024
[  325.034313][ T3042] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  325.035525][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  325.043424][ T3042] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  325.043480][ T3042] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  325.094862][T10251] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer
[  325.127115][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  325.152311][T10251] NILFS (loop6): discard dirty page: offset=0, ino=16
[  325.159841][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  325.187275][T10251] NILFS (loop6): discard dirty block: blocknr=23, size=1024
[  325.194646][T10251] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  325.206105][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  325.236766][T10251] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  325.245713][T10251] NILFS (loop6): discard dirty block: blocknr=26, size=1024
[  325.253577][   T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  325.261263][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  325.403698][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.451282][T10720] loop6: detected capacity change from 0 to 512
[  325.507790][T10720] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.567649][T10720] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.653335][T10251] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.665969][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.832016][T10724] loop6: detected capacity change from 0 to 1024
[  325.845088][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.861636][T10724] EXT4-fs: Ignoring removed orlov option
[  325.906075][T10724] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  326.062670][T10251] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.128633][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.498152][T10714] chnl_net:caif_netlink_parms(): no params data found
[  326.514667][T10718] loop5: detected capacity change from 0 to 40427
[  326.524669][T10718] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x7ffff
[  326.558814][T10718] F2FS-fs (loop5): invalid crc value
[  326.580978][T10718] F2FS-fs (loop5): Found nat_bits in checkpoint
[  326.777939][T10718] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  326.818954][T10729] loop2: detected capacity change from 0 to 32768
[  326.889554][   T12] tipc: Left network mode
[  326.895869][T10729] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  327.107623][ T8069] syz-executor: attempt to access beyond end of device
[  327.107623][ T8069] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  327.166305][ T8069] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  327.248256][T10729] XFS (loop2): Ending clean mount
[  327.269551][T10729] XFS (loop2): Quotacheck needed: Please wait.
[  327.376479][T10714] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.389400][   T51] Bluetooth: hci1: command tx timeout
[  327.403387][T10714] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.420474][T10714] bridge_slave_0: entered allmulticast mode
[  327.431051][T10729] XFS (loop2): Quotacheck: Done.
[  327.468411][T10714] bridge_slave_0: entered promiscuous mode
[  327.652117][T10714] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.676075][T10714] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.698758][T10714] bridge_slave_1: entered allmulticast mode
[  327.715125][T10714] bridge_slave_1: entered promiscuous mode
[  327.761720][ T5780] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  327.906608][    T9] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  327.922072][T10714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  328.004928][T10714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  328.149901][    T9] usb 7-1: Using ep0 maxpacket: 16
[  328.157496][    T9] usb 7-1: config 223 has too many interfaces: 142, using maximum allowed: 32
[  328.166905][    T9] usb 7-1: config 223 has an invalid descriptor of length 0, skipping remainder of the config
[  328.200966][    T9] usb 7-1: config 223 has 1 interface, different from the descriptor's value: 142
[  328.246446][    T9] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  328.286773][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.294840][    T9] usb 7-1: Product: syz
[  328.334760][    T9] usb 7-1: Manufacturer: syz
[  328.339998][ T5755] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  328.356731][    T9] usb 7-1: SerialNumber: syz
[  328.422147][T10714] team0: Port device team_slave_0 added
[  328.567413][T10714] team0: Port device team_slave_1 added
[  328.577018][ T5755] usb 6-1: Using ep0 maxpacket: 32
[  328.584729][ T5755] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  328.596572][ T5755] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.634701][ T5755] usb 6-1: config 0 descriptor??
[  328.648996][    T9] usb 7-1: 0:2 : does not exist
[  328.715814][    T9] usb 7-1: USB disconnect, device number 7
[  328.889285][ T5755] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  328.923144][ T5755] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  328.948560][ T5755] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  328.967073][ T5755] usb 6-1: media controller created
[  329.021683][ T5755] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  329.115329][T10714] batman_adv: batadv0: Adding interface: batadv_slave_0
[  329.130360][ T5755] az6027: usb out operation failed. (-71)
[  329.155608][T10714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.182476][ T5755] az6027: usb out operation failed. (-71)
[  329.190257][ T5755] stb0899_attach: Driver disabled by Kconfig
[  329.196294][ T5755] az6027: no front-end attached
[  329.196294][ T5755] 
[  329.204217][T10714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  329.221833][ T5755] az6027: usb out operation failed. (-71)
[  329.247746][ T5755] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  329.262627][ T5755] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input19
[  329.264252][T10714] batman_adv: batadv0: Adding interface: batadv_slave_1
[  329.287216][T10714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.312817][ T5755] dvb-usb: schedule remote query interval to 400 msecs.
[  329.336654][ T5755] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  329.349392][T10714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  329.363068][ T5755] usb 6-1: USB disconnect, device number 13
[  329.457821][   T51] Bluetooth: hci1: command tx timeout
[  329.549048][ T5755] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  329.686470][T10714] hsr_slave_0: entered promiscuous mode
[  329.694759][T10714] hsr_slave_1: entered promiscuous mode
[  329.703416][T10714] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  329.713063][T10714] Cannot create hsr debugfs directory
[  329.906675][    T9] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  330.056142][   T12] hsr_slave_0: left promiscuous mode
[  330.107591][   T12] hsr_slave_1: left promiscuous mode
[  330.174475][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  330.190295][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.212643][    T9] usb 3-1: New USB device found, idVendor=056a, idProduct=f43b, bcdDevice=ff.ff
[  330.232254][    T9] usb 3-1: New USB device strings: Mfr=255, Product=0, SerialNumber=0
[  330.248450][    T9] usb 3-1: Manufacturer: syz
[  330.254874][   T12] veth1_macvtap: left promiscuous mode
[  330.263532][    T9] usb 3-1: config 0 descriptor??
[  330.269016][   T12] veth0_macvtap: left promiscuous mode
[  330.284821][   T12] veth1_vlan: left promiscuous mode
[  330.294492][   T12] veth0_vlan: left promiscuous mode
[  330.503576][T10781] loop2: detected capacity change from 0 to 512
[  330.532296][T10781] EXT4-fs: quotafile must be on filesystem root
[  330.691363][T10783] loop6: detected capacity change from 0 to 32768
[  330.807794][    T9] wacom 0003:056A:F43B.0011: Unknown device_type for 'syz'. Ignoring.
[  331.060036][ T5755] usb 3-1: USB disconnect, device number 17
[  331.536691][   T51] Bluetooth: hci1: command tx timeout
[  332.959584][T10813] loop6: detected capacity change from 0 to 131072
[  333.008850][T10813] F2FS-fs (loop6): Found nat_bits in checkpoint
[  333.086488][T10813] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  333.174695][T10813] F2FS-fs (loop6): lookup inode (7) has corrupted xattr
[  333.623016][   T51] Bluetooth: hci1: command tx timeout
[  333.773430][   T12] team0 (unregistering): Port device bond0 removed
[  333.860337][T10823] loop2: detected capacity change from 0 to 32768
[  333.893682][   T12] bond0 (unregistering): Released all slaves
[  333.907662][T10823] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  334.023109][T10823] XFS (loop2): Ending clean mount
[  334.194046][ T5780] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  334.982953][T10714] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  335.027580][T10714] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  335.069656][T10714] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  335.114027][T10714] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  335.492571][T10714] 8021q: adding VLAN 0 to HW filter on device bond0
[  335.549476][T10714] 8021q: adding VLAN 0 to HW filter on device team0
[  335.640606][ T9040] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.647844][ T9040] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.725514][   T34] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.732886][   T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.442233][T10714] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.626761][ T5854] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  336.829069][ T5854] usb 3-1: Using ep0 maxpacket: 32
[  336.848875][ T5854] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  336.864521][ T5854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.889698][ T5854] usb 3-1: config 0 descriptor??
[  336.921090][T10898] loop6: detected capacity change from 0 to 512
[  336.943774][T10874] loop5: detected capacity change from 0 to 32768
[  336.999763][T10898] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  337.024146][T10874] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  337.086560][   T28] audit: type=1800 audit(1768917595.405:35): pid=10898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1469" name="file1" dev="loop6" ino=15 res=0 errno=0
[  337.143711][ T5854] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  337.158176][ T5854] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  337.168414][ T5854] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  337.175613][ T5854] usb 3-1: media controller created
[  337.200123][ T5854] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  337.280949][T10874] XFS (loop5): Ending clean mount
[  337.334282][T10874] XFS (loop5): Quotacheck needed: Please wait.
[  337.354961][ T5854] az6027: usb out operation failed. (-71)
[  337.378403][ T5854] az6027: usb out operation failed. (-71)
[  337.392004][ T5854] stb0899_attach: Driver disabled by Kconfig
[  337.407470][ T5854] az6027: no front-end attached
[  337.407470][ T5854] 
[  337.425572][ T5854] az6027: usb out operation failed. (-71)
[  337.433533][T10714] veth0_vlan: entered promiscuous mode
[  337.455304][ T5854] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  337.463528][T10874] XFS (loop5): Quotacheck: Done.
[  337.484245][T10714] veth1_vlan: entered promiscuous mode
[  337.521195][ T5854] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input23
[  337.598423][T10251] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.609155][ T5854] dvb-usb: schedule remote query interval to 400 msecs.
[  337.616149][ T5854] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  337.678026][ T5854] usb 3-1: USB disconnect, device number 18
[  337.713562][T10714] veth0_macvtap: entered promiscuous mode
[  337.750236][T10714] veth1_macvtap: entered promiscuous mode
[  337.801598][ T8069] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  337.829745][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.893283][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.918927][ T5854] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  337.928492][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.957644][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.010847][T10714] batman_adv: batadv0: Interface activated: batadv_slave_0
[  338.079982][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.116976][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.153740][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.167346][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.238295][T10714] batman_adv: batadv0: Interface activated: batadv_slave_1
[  338.289038][T10714] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.303911][T10714] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.314550][T10714] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.327831][T10714] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.631850][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.663867][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  338.742430][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.777304][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.005480][T10939] loop2: detected capacity change from 0 to 2048
[  339.112017][T10945] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  339.191474][T10939] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  339.239508][T10939] Remounting filesystem read-only
[  339.254375][T10925] loop6: detected capacity change from 0 to 32768
[  339.279026][T10939] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  339.318952][T10939] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  339.339789][T10948] NILFS (loop2): mounting fs with errors
[  339.393015][T10939] Remounting filesystem read-only
[  339.432404][T10925] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  339.475656][T10939] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  339.509675][T10939] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  339.546752][   T28] audit: type=1800 audit(1768917597.865:36): pid=10939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1476" name="file2" dev="loop2" ino=16 res=0 errno=0
[  339.576964][T10946] NILFS (loop2): error -2 truncating bmap (ino=16)
[  339.652142][T10925] 
[  339.654545][T10925] ======================================================
[  339.661603][T10925] WARNING: possible circular locking dependency detected
[  339.668664][T10925] syzkaller #0 Not tainted
[  339.673103][T10925] ------------------------------------------------------
[  339.680161][T10925] syz.6.1472/10925 is trying to acquire lock:
[  339.686255][T10925] ffff88805cb5b498 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_xattr_set+0xba4/0x13e0
[  339.698508][T10925] 
[  339.698508][T10925] but task is already holding lock:
[  339.705903][T10925] ffff888076721538 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0
[  339.715445][T10925] 
[  339.715445][T10925] which lock already depends on the new lock.
[  339.715445][T10925] 
[  339.725881][T10925] 
[  339.725881][T10925] the existing dependency chain (in reverse order) is:
[  339.734929][T10925] 
[  339.734929][T10925] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}:
[  339.742801][T10925]        down_read+0x46/0x2e0
[  339.747528][T10925]        ocfs2_init_acl+0x30a/0x770
[  339.752777][T10925]        ocfs2_mknod+0x140f/0x2300
[  339.758037][T10925]        ocfs2_mkdir+0x196/0x430
[  339.763020][T10925]        vfs_mkdir+0x296/0x440
[  339.767830][T10925]        do_mkdirat+0x1dc/0x450
[  339.772726][T10925]        __x64_sys_mkdirat+0x89/0xa0
[  339.778047][T10925]        do_syscall_64+0x55/0xa0
[  339.783024][T10925]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  339.789488][T10925] 
[  339.789488][T10925] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  339.798054][T10925]        down_read+0x46/0x2e0
[  339.802861][T10925]        ocfs2_start_trans+0x3a8/0x6f0
[  339.808390][T10925]        ocfs2_reserve_suballoc_bits+0x7ad/0x44c0
[  339.814847][T10925]        ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  339.821753][T10925]        ocfs2_extend_dir+0xcca/0x48b0
[  339.827244][T10925]        ocfs2_prepare_dir_for_insert+0x315b/0x56b0
[  339.833873][T10925]        ocfs2_symlink+0xba8/0x2700
[  339.839108][T10925]        vfs_symlink+0x138/0x2b0
[  339.844087][T10925]        do_symlinkat+0x1ba/0x400
[  339.849140][T10925]        __x64_sys_symlink+0x7e/0x90
[  339.854481][T10925]        do_syscall_64+0x55/0xa0
[  339.859455][T10925]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  339.865915][T10925] 
[  339.865915][T10925] -> #2 (sb_internal#4){.+.+}-{0:0}:
[  339.873447][T10925]        ocfs2_start_trans+0x2a9/0x6f0
[  339.879041][T10925]        ocfs2_reserve_suballoc_bits+0x7ad/0x44c0
[  339.885509][T10925]        ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  339.892409][T10925]        ocfs2_extend_dir+0xcca/0x48b0
[  339.897901][T10925]        ocfs2_prepare_dir_for_insert+0x315b/0x56b0
[  339.904519][T10925]        ocfs2_symlink+0xba8/0x2700
[  339.909839][T10925]        vfs_symlink+0x138/0x2b0
[  339.914818][T10925]        do_symlinkat+0x1ba/0x400
[  339.919872][T10925]        __x64_sys_symlink+0x7e/0x90
[  339.925181][T10925]        do_syscall_64+0x55/0xa0
[  339.930149][T10925]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  339.936614][T10925] 
[  339.936614][T10925] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}:
[  339.947182][T10925]        down_write+0x97/0x200
[  339.951989][T10925]        __ocfs2_flush_truncate_log+0x352/0x1130
[  339.958368][T10925]        ocfs2_flush_truncate_log+0x4f/0x60
[  339.964304][T10925]        ocfs2_sync_fs+0x11d/0x330
[  339.969455][T10925]        sync_filesystem+0x1c2/0x220
[  339.974788][T10925]        generic_shutdown_super+0x6f/0x2b0
[  339.980642][T10925]        kill_block_super+0x44/0x90
[  339.985868][T10925]        deactivate_locked_super+0x97/0x100
[  339.991806][T10925]        cleanup_mnt+0x43b/0x4d0
[  339.996780][T10925]        task_work_run+0x1d4/0x260
[  340.001938][T10925]        exit_to_user_mode_loop+0xe6/0x110
[  340.007785][T10925]        exit_to_user_mode_prepare+0xee/0x180
[  340.013901][T10925]        syscall_exit_to_user_mode+0x1a/0x50
[  340.019940][T10925]        do_syscall_64+0x61/0xa0
[  340.024912][T10925]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  340.031386][T10925] 
[  340.031386][T10925] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}:
[  340.041947][T10925]        __lock_acquire+0x2df1/0x7d40
[  340.047361][T10925]        lock_acquire+0x19e/0x420
[  340.052435][T10925]        down_write+0x97/0x200
[  340.057240][T10925]        ocfs2_xattr_set+0xba4/0x13e0
[  340.062658][T10925]        __vfs_setxattr+0x431/0x470
[  340.067909][T10925]        __vfs_setxattr_noperm+0x12d/0x5e0
[  340.073780][T10925]        vfs_setxattr+0x16b/0x2f0
[  340.078847][T10925]        path_setxattr+0x3f3/0x5d0
[  340.084000][T10925]        __x64_sys_setxattr+0xbb/0xd0
[  340.089420][T10925]        do_syscall_64+0x55/0xa0
[  340.094404][T10925]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  340.100864][T10925] 
[  340.100864][T10925] other info that might help us debug this:
[  340.100864][T10925] 
[  340.111122][T10925] Chain exists of:
[  340.111122][T10925]   &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6 --> &journal->j_trans_barrier --> &oi->ip_xattr_sem
[  340.111122][T10925] 
[  340.128125][T10925]  Possible unsafe locking scenario:
[  340.128125][T10925] 
[  340.135603][T10925]        CPU0                    CPU1
[  340.141009][T10925]        ----                    ----
[  340.146406][T10925]   lock(&oi->ip_xattr_sem);
[  340.151041][T10925]                                lock(&journal->j_trans_barrier);
[  340.158888][T10925]                                lock(&oi->ip_xattr_sem);
[  340.166086][T10925]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6);
[  340.173412][T10925] 
[  340.173412][T10925]  *** DEADLOCK ***
[  340.173412][T10925] 
[  340.181581][T10925] 3 locks held by syz.6.1472/10925:
[  340.186842][T10925]  #0: ffff888079cba418 (sb_writers#16){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  340.196142][T10925]  #1: ffff888076721818 (&sb->s_type->i_mutex_key#23){+.+.}-{3:3}, at: vfs_setxattr+0x144/0x2f0
[  340.206642][T10925]  #2: ffff888076721538 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0
[  340.216608][T10925] 
[  340.216608][T10925] stack backtrace:
[  340.222516][T10925] CPU: 0 PID: 10925 Comm: syz.6.1472 Not tainted syzkaller #0
[  340.229998][T10925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  340.240096][T10925] Call Trace:
[  340.243417][T10925]  <TASK>
[  340.246378][T10925]  dump_stack_lvl+0x18c/0x250
[  340.251095][T10925]  ? load_image+0x400/0x400
[  340.255651][T10925]  ? show_regs_print_info+0x20/0x20
[  340.260893][T10925]  ? print_circular_bug+0x12b/0x1a0
[  340.266165][T10925]  check_noncircular+0x2fc/0x400
[  340.271154][T10925]  ? look_up_lock_class+0x75/0x140
[  340.273539][T10959] loop5: detected capacity change from 0 to 128
[  340.276302][T10925]  ? print_deadlock_bug+0x5d0/0x5d0
[  340.287780][T10925]  ? lockdep_lock+0xf5/0x230
[  340.292408][T10925]  ? lockdep_unlock+0x146/0x2e0
[  340.297294][T10925]  ? _find_first_zero_bit+0xd3/0x100
[  340.302632][T10925]  __lock_acquire+0x2df1/0x7d40
[  340.307529][T10925]  ? ocfs2_inode_lock_full_nested+0xcdf/0x1b70
[  340.313734][T10925]  ? do_raw_spin_unlock+0x121/0x230
[  340.318976][T10925]  ? verify_lock_unused+0x140/0x140
[  340.324216][T10925]  ? free_unref_page+0x190/0x2e0
[  340.329229][T10925]  lock_acquire+0x19e/0x420
[  340.333777][T10925]  ? ocfs2_xattr_set+0xba4/0x13e0
[  340.338858][T10925]  ? __might_sleep+0xe0/0xe0
[  340.343490][T10925]  ? read_lock_is_recursive+0x20/0x20
[  340.348898][T10925]  ? _raw_spin_unlock+0x28/0x40
[  340.353799][T10925]  ? ocfs2_inode_lock_tracker+0x437/0x700
[  340.359558][T10925]  ? ocfs2_xattr_block_find+0x15b/0x4d0
[  340.365147][T10925]  down_write+0x97/0x200
[  340.369422][T10925]  ? ocfs2_xattr_set+0xba4/0x13e0
[  340.374482][T10925]  ? down_read_killable+0x340/0x340
[  340.379720][T10925]  ? ocfs2_xattr_ibody_find+0xcb/0x7c0
[  340.385226][T10925]  ocfs2_xattr_set+0xba4/0x13e0
[  340.390125][T10925]  ? __ocfs2_xattr_set_handle+0xf40/0xf40
[  340.395886][T10925]  ? __lock_acquire+0x1347/0x7d40
[  340.400954][T10925]  ? verify_lock_unused+0x140/0x140
[  340.406204][T10925]  ? ____kasan_slab_free+0x126/0x1e0
[  340.411529][T10925]  ? aa_get_newest_label+0xfd/0x5c0
[  340.416779][T10925]  ? end_current_label_crit_section+0x170/0x170
[  340.423074][T10925]  ? posix_xattr_acl+0x60/0xb0
[  340.427888][T10925]  ? ocfs2_xattr_trusted_get+0x40/0x40
[  340.433398][T10925]  __vfs_setxattr+0x431/0x470
[  340.438125][T10925]  __vfs_setxattr_noperm+0x12d/0x5e0
[  340.443455][T10925]  vfs_setxattr+0x16b/0x2f0
[  340.448014][T10925]  ? xattr_permission+0x470/0x470
[  340.453078][T10925]  ? __mnt_want_write+0x223/0x2a0
[  340.458146][T10925]  ? path_setxattr+0x3a1/0x5d0
[  340.462985][T10925]  path_setxattr+0x3f3/0x5d0
[  340.467617][T10925]  ? simple_xattrs_free+0x150/0x150
[  340.472863][T10925]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  340.478895][T10925]  ? lock_chain_count+0x20/0x20
[  340.483783][T10925]  __x64_sys_setxattr+0xbb/0xd0
[  340.488676][T10925]  do_syscall_64+0x55/0xa0
[  340.493129][T10925]  ? clear_bhb_loop+0x40/0x90
[  340.497842][T10925]  ? clear_bhb_loop+0x40/0x90
[  340.502558][T10925]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  340.508248][T10941] loop7: detected capacity change from 0 to 32768
[  340.508472][T10925] RIP: 0033:0x7fcc23b9acb9
[  340.519331][T10925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  340.538971][T10925] RSP: 002b:00007fcc24984028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  340.547427][T10925] RAX: ffffffffffffffda RBX: 00007fcc23e15fa0 RCX: 00007fcc23b9acb9
[  340.555435][T10925] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000200000000000
[  340.563443][T10925] RBP: 00007fcc23c08bf7 R08: 0000000000000000 R09: 0000000000000000
[  340.571444][T10925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  340.572611][T10941] 
[  340.572611][T10941]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  340.572611][T10941] 
[  340.579430][T10925] R13: 00007fcc23e16038 R14: 00007fcc23e15fa0 R15: 00007ffdb9541998
[  340.579454][T10925]  </TASK>
[  340.621168][ T5780] NILFS (loop2): discard dirty page: offset=4096, ino=6
[  340.649284][ T5780] NILFS (loop2): discard dirty block: blocknr=39, size=1024
[  340.664595][T10925] OCFS2: ERROR (device loop6): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 73 has invalid next free chain record 12, but only 1 total
[  340.686753][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  340.696918][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  340.705875][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  340.715163][ T5780] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  340.724672][ T5780] NILFS (loop2): discard dirty page: offset=0, ino=16
[  340.731606][ T5780] NILFS (loop2): discard dirty block: blocknr=23, size=1024
[  340.739120][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  340.748143][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  340.757206][T10925] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  340.767175][ T5780] NILFS (loop2): discard dirty block: blocknr=26, size=1024
[  340.774556][T10925] OCFS2: File system is now read-only.
[  340.781859][ T5780] NILFS (loop2): discard dirty page: offset=0, ino=3
[  340.782213][T10959] syz.5.1480: attempt to access beyond end of device
[  340.782213][T10959] loop5: rw=2049, sector=169, nr_sectors = 872 limit=128
[  340.800111][T10925] (syz.6.1472,10925,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30
[  340.812793][ T5780] NILFS (loop2): discard dirty block: blocknr=42, size=1024
[  340.820586][ T5780] NILFS (loop2): discard dirty block: blocknr=43, size=1024
[  340.843237][ T5780] NILFS (loop2): discard dirty block: blocknr=44, size=1024
[  340.863083][T10925] (syz.6.1472,10925,0):ocfs2_claim_metadata:2018 ERROR: status = -30
[  340.876882][T10941] 
[  340.876882][T10941]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  340.876882][T10941] 
[  340.887583][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  340.917603][T10941] 
[  340.917603][T10941]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  340.917603][T10941] 
[  340.951156][T10925] (syz.6.1472,10925,0):ocfs2_claim_metadata:2031 ERROR: status = -30
[  340.971552][T10941] 
[  340.971552][T10941]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  340.971552][T10941] 
[  341.009086][T10925] (syz.6.1472,10925,0):ocfs2_create_xattr_block:2887 ERROR: status = -30
[  341.027715][T10941] 
[  341.027715][T10941]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.027715][T10941] 
[  341.050685][T10925] (syz.6.1472,10925,0):ocfs2_xattr_block_set:2968 ERROR: status = -30
[  341.067589][T10941] 
[  341.067589][T10941]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.067589][T10941] 
[  341.121990][  T113] 
[  341.121990][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.121990][  T113] 
[  341.186930][   T11] 
[  341.186930][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.186930][   T11] 
[  341.199914][   T11] 
[  341.199914][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.199914][   T11] 
[  341.212349][  T112] 
[  341.212349][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.212349][  T112] 
[  341.224584][T10251] ocfs2: Unmounting device (7,6) on (node local)
[  341.235629][T10714] 
[  341.235629][T10714]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.235629][T10714] 
[  341.248280][T10714] 
[  341.248280][T10714]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  341.248280][T10714]