last executing test programs:

9m37.640200116s ago: executing program 1 (id=1284):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @empty}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x48}}, 0x0)

9m37.388214298s ago: executing program 1 (id=1289):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000001e00010028bd70000400000002000000", @ANYRES32=0x0, @ANYBLOB="00000800140009"], 0x30}}, 0x200000d0)

9m37.168594399s ago: executing program 1 (id=1292):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000000c0)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad01409bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

9m36.842634341s ago: executing program 1 (id=1297):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})

9m36.158210245s ago: executing program 1 (id=1308):
syz_mount_image$jfs(&(0x7f0000007ec0), &(0x7f00000000c0)='./file0\x00', 0x3800400, &(0x7f0000007f40)=ANY=[@ANYBLOB='quota,errors=remount-ro,integrity,iocharset=cp932,nodiscard,nointegrity,grpquota\x00quota,resize,iocharset=iso8859-5,uid=', @ANYRESDEC, @ANYBLOB="2c726573697a653d307831303030303030303030303030307d2e30332c713a5774613f726573697a651a56e6aa0cfdc1361a8095d633812c7533727130303030303030303000303030303030303030342c736d61636b66736861743d6574002678f9edfbac5d6325f9002c00c9cd79b9b92293ead0e20c94be716523930606cc6ef6c88ed5dd6c8fb81cc77b6196e3d43dae1271234514ac36477ecbee8fdb41016eedc67e20c664c5a7fc894a373915bab00ca4ee96075b21568a2a7ddaf0bfaccabc4ce931f6ca0083a746e4b15944c420bb6a11e245a5fdd02aeea3b6868b4b5d7375c21e9cea64c58a81b11fc39a1520d573f2aa8f913b25683b8f27ab138aef26b54add549a9ede6541680e1c"], 0xfe, 0x61d3, &(0x7f0000008140)="$eJzs3c1vHGcdB/DfvvqltLV6qEqFkJuWl1KaxEkJgQJND3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0XER09FbG2vr9aLLxyyH9/9499/98Mn3vrbHwbn/vunO73XJ6139+6v/vPne0fbZgAAAChNVVVVJ33Mfz59vu+23SkAYCry63+V5OWnvv71P9/6yyz1R61Wq9XqKdRN1Xj3mkVEbDRvU79ncDgeAE6Yjfi47S7QIvkXrR8RT7TdCWCmddruAMdia3t9tZPy7TRfD5Z32/O5IPvy3+g8uL5j0vQgo+eYTOvxtRm9eGZCfxam1IdZkvPvjuZ/bbd9mNY77vynZVL+w91Ln4qT8++N5j/i9OTfHZt/qXL+/UfKvyd/AAAAAACYYfn//5daPv47d/RNOZRPOv67PKU+AAAAAAAAAMDjdtTx/x4w/h8AAADMrPqzeu03T+0tm/RdbPXyq52IJ0fWBwqTLpZZbLsfAAAAAAAAAAAAAFCS/u45vFc7EYOIeHJxsaqq+qdptH5UR739SVf69kPJ2n6SBwCAXR89NXItfydiPiKupu/6GywuLlbV/MJitVgtzOX3s8O5+Wqh8bk2T+tlc8NDvCHuD6v6l803btd00Oflg9pHf199X8Oqd4iOPSaD9Nec0NxS2ACQ7L4abXlFOmWq6ulJbz5gH/v/KbQUS20/rph9bT9MAQAAgONXVVXVSV/n/Xw65t9tu1MAwFTk1//R4wJHqrsT2iMez+9Xq9VqtVr9qeqmarx7zSIiNpq3qd8zGI4fAE6Yjfi47S7QIvkXrR8Rz7XdCWCmddruAMdia3t9tZPy7TRfD9L47vlckH35b3R2bpdvP256kNFzTKb1+NqMXjwzoT/PTqkPsyTn3x3N/9pu+zCtd9z5T8uk/Ic7l8yVJ+ffG81/xOnJvzs2/1Ll/PuPlH9P/gAAAAAAMMPy//8vOf6bNxkAAAAAAAAATpyt7fXVfN1rPv7/uTHruf7zdMr5dx41/4U0L/8TLeffHcn/yyPr9Rrz99/c2///vb2++vs7//psnh42/7k800mPrE56RHTSPXX6aXqUrXvY5qA3rO9p0On2+umcn2rwTtyIm7EW5/et201/j732lX3tdU8H+9ov7GvvP9R+cV/7IH3vQLWQ28/GavwkbsbbO+1129wB2z9/QHt1QHvOv+f5v0g5/37jp85/MbV3Rqa1+x92H9rvm9Nx93Plxud/ef74N+dAm9F7sG1N9fadaaE/O3+TJ4bxs9trt87evX7nzq2VSJN9Sy9EmjxmOf/Bzs/c3vP/i7vt+Xm/ub/e/3D4yPnPis3oT8z/xcZ8vb0vT7lvbcj5D9NPzv/t1D5+/z/J+U/e/19poT8AAAAAAAAAAAAAAADwSaqq2rlE9EpEXErX/7R1bSYAMF1XIu5Fej9Qy8vVarVarVafvrqpGu+NZhERf23e5lJE/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpS213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+aWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOMvxM743Gcnjf99Jh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5v9AY77zO//mR4ddLGP91dMz7EuT8zzQez3X+XxpZr5l/9duZy3/jsCtuRndf/ufuvPfTc7ff/+DVG+9df3ft3bUfX1xZOX/x0qXLly+fe+fGzbXzu/8eT69nQM4/j33tPNCy5Pxz5vIvS87/C6mWf1ly/l9MtfzLkvPP7/fkX5acf/7sI/+y5PxfTrX8y5Lz/0qq5V+Wre31uTr/V1It/7Lk/f+rqZZ/WXL+r6Za/mXJ+Z9NtfzLkvM/l+pD5O/r4U+RnH8+wmX/L0vOfyXV8i9Lzv9CquVflpz/xVTLvyw5/9dSLf+y5Py/lmr5lyXnfynV8i9Lzv/rqZZ/WXL+l1Mt/7Lk/L+RavmXJef/zVTLvyw5/9dTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5v5Fq+Zdl7/v/zZgxYybPtP3MBAAAAAAAAAAAAACMmsbpxG1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5Drr+4Gf2TevHUIMhODkb2CTmBCSJbu2E7/wb4oJrw1QCiQU+oLjetdmwW947RIokk0DJRJGpRVV04u2gFAbqaqIKi5oRWkuqr5clfaC3lRUlZAaVQEFVKS2otlq5jzP45nZ2Zld73h99jyfj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHa3vnH+s42iKJp/Wn9tL4oXND/eOrW9ddnrrvUWAgAAAOv1v62/n7shXXBoFTdqW+ZvX/EPX19aWloq3j/6O+NfXFpKV0wVxfiWomhdFz31bx9otC8TPFZMNkbaPh8ZsPrRAdePDbh+fMD1EwOu3zLg+skB1y/bActsLX8e07qzXa0Pt5e7tLixGG9dt6vHrR5rbBkZiT/LaWm0brM0fqxYKE4U88Vsx/Llso3W8t+8tbmutxVxXSNt69rZPEJ++MmjcRsaYR/v6ljX5fuMvv+GYupHP/zk0T869+zNvebA3dBxf+V23nlbczs/HS4pt7VRbEn7JG7nSNt27uzxnIx2bGejdbvmx93b+dwqt3P08mZuqO7nfLIYaX387dZ+Gmv/sV7aTzvDZf91e1EUFy9vdvcyy9ZVjBTbOi4Zufz8TJZHZPM+mofSi4uxNR2nt67iOG3OuV2dx2n3ayI+/7eG242tsA3tT9P3PzWx7Hlf63EaNR/1Sq+V7mNw2K+VqhyD8bj4dutBP97zGNwVHv8n71j5GOx57PQ4BtPjbjsGbxt0DI5MjLa2OT0JjdZtLh+DuzuWH22tqdGaz9zR/xicOXfyzMzixz/x2oWTR47PH58/tXf37tm9+/YdOHBg5tjCifnZ8u8r3NvVt60YSa+B28K+i6+BV3ct236oLn15eK/DyT6vw+1dyw77dTjW/eAaG/OCXH5Ml6+Nh5o7ffLSSLHCa6z1/Ny1/tdhetxtr8Oxttdhz68pPV6HY6t4HTaXOXPX6r5nGWv702sbrtbXgu1tx2D39yPdx+Cwvx+pyjE4GY6Lf7lr5a8FO8P2Pj691u9HRpcdg+nhhvee5iXp+/3JA63R67i8pXnFdRPF+cX5s/c8euTcubO7izA2xEvajpXu43Vb22Mqlh2vI2s+Xg8tvOLxW3pcvj3sq8nXNv+aXPG5ai5z7z39n6vWV7fe+7Pj0j1FGEO20fuz11fz5v5MWbLP/mwu8+mZ9X8vnnJp2/vv+ArvvzH3P1+uL93VY6PjY+XrdzTtnfGO9+POp2qs9d7VaK37uZnVvR+Phz8b/X58Y5/34x1dyw77/Xi8+8HF9+PGoJ92rE/38zkZjpMTs/3fj5vL7Niz1mNyrO/78e1hNsL+f01ICikXtR07Kx23aV1jY+PhcY3FNXQep3s7lh8P2ay5rif3XNlxeuft5X2Npkd32UYdp1Ndyw77OE3vVysdp41BP327Mt3P52Q4Lm7c2/84bS7z9L3rf+/cGj9se++cGHQMjo9ONLd5PB2E5fv90tZ4DN5THC1OFyeKuda1E63jqdFa1/R9qzsGJ8KfjX6v3NHnGLyza9lhH4Pp69hKx15jbPmDH4Lu53MyHBdP3Nf/GGwu86b9w/3e9c5wSVqm7XvX7p+vrfQzr1u6dtPV/JlXczv/en//n802lzlxYK05s/9+ujtccl2P/dT9+l3pNTVXbMx+2hG289kDK++n5vY0l/niwVUeT4eKorjw0QdaP+8N/77yZ+e/8/WOf3fp9W86Fz76wA+uP/Y3a9l+ADa/58uxrfxa1/YvU6v5938AAABgU4i5fyTMRP4HAACA2oi5P/6v8ET+BwAAgNqIuX8szCST/L/jTc8uPH+hSM38pSBen3bDg+VyseM6Gz6fWrqsefkDX53/8V9cWN26R4qi+MmDv9Zz+R0Pxu0qTYXtfOrNnZcvv+GFVa3/kYcvL9feX/9SuP/4eFZ7GPSq4M4WRfHNGz7fWs/UBy615tMPPtKa77n4+GPNZZ47WH4eb//MS8rlfz+Ufw8dO9Jx+2fCfvhemLNv770/4u2+duk1O/e/7/L64u0at72w9bCf+GB5v/H35HzhsXL5uJ9X2v6//NyTX2su/+irem//hZHe2/9kuN+vhvnfLy+Xb38Omp/H230mbH9cX7zdPV/5Vs/tf+qz5fJn3lIu90iYcf13hs93veXZhfb99WjjSMfjKt5aLhfXP/ud32xdH+8v3n/39k8evtSxP7qPj6f/qbyfma7l4+VxPdGfd62/eT/tx2dc/5O/8UjHfh60/qfe88zLm/fbvf67u5Yb7bp9929s+oPPfL7n+uL2HPrTMx2P59C7w+s4rP+JD4bjMVz/P099vmO90SPv7nz/ict/afuFjscTve1H5fqfev3x1vz3qR//3nUvuP6FF1/Z3HdF8e33lvc3aP3H//B0x/Z/+aa7Ws9HvD529LvXv5K4/rMfmz51evH8wlzbXm397px3lNuzZXLrtub23hDeW7s/P3z63Ifmz07NTs0WxVR9f4XeFftKmD8ox8W13v6uh8PzecvvfnPbHf/4uXj5Pz9UXn7p7eXXrVeH5b4QLt9ePn9LjXWu/4lbb2q9vhtPl5939NiHYOeu/ziwqgXD4+/+viAe72de+qHWfmhe1/q6EV/X69z+786V9/ONsF+Xwm9mvu2my+trXz7+boRL7y1f7+vef+FtLj6vfxye73d+r7z/uF3x8X43fB/zrR2d73fx+PjGhZHu+2/9Fo+L4f2kuFheH5eK+/vSczf13Lz4e0iKize3Pv/tdD83r+lhrmTx44szJxZOnX905tz84rmZxY9/4vDJ0+dPnTvc+l2ehz886PaX35+2td6f5ub33VvMbi2K4nQxuwFvWFdn+5sfrW77zzx8dG7/7B1z88eOnD927uEz82ePH11cPDo/t3jHkWPH5j826PYLc/fv3nNw7/4908cX5u4/cPDg3oPTC6dONzej3KgB9s1+ZPrU2cOtmyzef+/B3ffdd+/s9MnTc/P375+dnT4/6Patr03TzVv/6vTZ+RNHzi2cnJ9eXPjE/P27D+7bt2fgbwM8eebY4tTM2fOnZs4vzp+dKR/L1LnWxc2vfYNuTz0t/mv5/Wy3RvmL+Ip33b0v/X7Wpq9+asW7Khfp+gWiz4bfRfP3LzpzYDWfx9w/HmaSSf4HAACAHMTcPxFmIv8DAABAbcTcvyXMRP4HAACA2oi5fzLMJJP8r/+v/7+6/n95vf5/Xv3/Mx8te6Wbvf8f+/P6/3m4xv3/da9f/1//v379/9X35zf79uv/6/+zXNX6/zH3by2KLPM/AAAA5CDm/m1hJvI/AAAA1EbM/deFmcj/AAAAUBsx978gzCST/K//v6r+/55Bhav69/+d/1//v9ic/f/45Oj/Z2PN/fv3PdTxqf5/oP+v/6//r/+v/8+6ja94TY/+f+tX81/t/n/M/deHmWSS/wEAACAHMfe/MMxE/gcAAIDaiLn/hjAT+R8AAABqI+b+7WEmmeR//X/n/9f/1/9ff/+/c42V6v+v9/z/bRuj/785OP9/f/r/A1xx/39S/38z9v/Hh7v91e7/D9x8/X+uiqqd/z/m/heFmWSS/wEAACAHMfe/OMxE/gcAAIDaiLn/JWEm8j8AAADURsz9N4aZZJL/9f/1//X/9f9rff7/9fb/+57/v/xI/79a9P/70/8fwPn/8+r/D3n7q93/H/b5/8ff3H17/X96qVr/P+b+l4aZZJL/AQAAIAcx998UZiL/AwAAQG3E3P+yMBP5HwAAAGoj5v4dYSaZ5H/9f/1//X/9f/3/3usf3P8v6f9Xi/5/f/r/A+j/6//r/6+u/9/jm9/O/n/8aqn/n7uq9f9j7r85zCST/A8AAAA5iLn/ljAT+R8AAABqI+b+/xdmIv8DAABAbcTcvzPMJJP8r/+v/6//n1f//+4J/X/9/3rT/+9P/38A/X/9f/3/VZ7/f7m1nP9/y6A7ozaq1v+Puf/lYSaZ5H8AAADIQcz9rwgzkf8BAACgNmLuf2WYifwPAAAAtRFz/1SYSSb5X/+/Xv3/P/mrJ15Z6P/r/w9Yf037//Ew0P/PnP5/f/r/A+j/6//r/29I/598VK3/H3P/rWEmmeR/AAAAyEHM/beFmcj/AAAAUBsx998eZiL/AwAAQG3E3L8rzCST/K//X6/+f6T/r//fb/017f8n+v950//voe1Fqv8/gP6//n/2/f/43a/+P8NRtf5/zP2vCjPJJP8DAABADmLuvyPMRP4HAACA2oi5/9VhJvI/AAAA1EbM/XeGmWSS//X/9f/1//X/9f97r1//f3PS/+9vrf3/Cf1//X/9/8z6/87/z3BVrf8fc/9rwkwyyf8AAACQg5j77wozkf8BAACgNuL/3yz/36v8DwAAAHUUc/90mEkm+V//X/8/p/5/Q/9f/1//v/b0//tz/v8B9P/1/ze0///9js/69P8n2g73Fen/U0VV6//H3P/aMJNM8j8AAADkIOb+e8JM5H8AAACojZj7Z8JM5H8AAACojZj7Z8NMMsn/+v/6/zn1/53/X/9f/7/+9P/70/8fQP9f/79u5/8vCv1/rqmq9f9j7t8dZpJJ/gcAAIAcxNy/J8xE/gcAAIDaiLl/b5iJ/A8AAAC1EXP/vWEmmeR//X/9f/1//X/9/97rr3j/v6H/35v+f3/6/wPo/+v/163/7/z/XGNV6//H3H9fmEkm+R8AAAByEHP/vjAT+R8AAABqI+b+/WEmIf/3+n/dAAAAwOYSc/+BMJNM/v1f/78m/f9f/7uOdev/6//3W/9w+v9b9f/DdP7/aqlp/7/7ZXHF9P8H0P/X/9f/1/9nqKrW/4+5/2CYSSb5HwAAAHIQc//rwkzkfwAAAKiNmPv/f5iJ/A8AAAC1EXP/T4WZZJL/9f9r0v/vov+v/99v/c7/r/9fZzXt/w9Nrfr/I/r/+v/V2n79f/1/lrv6/f/40er6/zH33x9mkkn+BwAAgBzE3P/TYSbyPwAAANRGzP2vDzOR/wEAAKA2Yu4/FGZSt/z/st4X6//r/+v/6/9fnf7/64tuVez/Nw8e/f960f/vr1b9f+f/1/+v2Pbr/+v/s1zVzv8fc/8bwkzqlv8BAAAgYzH3PxBmIv8DAABAbcTc/8YwE/kfAAAAaiPm/jeFmWSS//X/9f/1//X/nf+/9/r1/zcn/f/+9P8H0P/X/9f/1/9nqKrW/4+5/81hJpnkfwAAAMhBzP1vCTOR/wEAAKA2Yu5/a5iJ/A8AAAC1EXP/28JMMsn/+v/6//r/+v/6/73Xr/+/Oen/96f/P4D+v/6//r/+P0NVtf5/zP0/E2aSSf4HAACAHMTc/2CYifwPAAAAtRFz/9vDTOR/AAAAqI2Y+98RZpJJ/tf/1//X/9f/1//vvX79/81J/78//f8B9P/1//X/9f+5EltXuqJq/f+Y+98ZZpJJ/gcAAIAcxNz/s2Em8j8AAADURsz97wozkf8BAACgNmLu/7kwk0zyv/6//n+1+v9LF9pvp/+v/18Mq//fvJH+fxb0//vT/x+gR/9/i/6//r/+v/4/V6xq/f+Y+98dZpJJ/gcAAIAcxNz/njAT+R8AAABqI+b+94aZyP8AAABQGzH3PxRmkkn+1//Psv8/EnvL1ev/O/+//r/z/+v/r4/+f3/6/wM4/7/+v/6//j9DVbX+f8z9D4eZZJL/AQAAIAcx978vzET+BwAAgNqIuf/nw0zkfwAAAKiNmPvfH2aSSf7X/8+y/1/h8//Xrf8/1nF85NT/n2x7PtNxqf+v/78B9P/70/8fQP9f/7/K/f9wNG9d4fb6/1RR1fr/Mfd/IMwkk/wPAAAAOYi5/xfCTOR/AAAAqI2Y+38xzET+BwAAgNqIuf+Xwkwyyf/6//r/+v/O/+/8/73Xr/+/Oen/96f/P4D+v/5/lfv/A+j/U0VV6//H3P/LYSYrBr8f/OcqHiYAAABQITH3fzDMJJN//wcAAIAcxNx/OMxE/gcAAIDaiLn/kTCTTPK//n93/z+eUVX/X/9f/1//X/9/Mxpe//9l1xeF/r/+v/6//r/+v/4/61G1/n/M/UfCTDLJ/wAAAJCDmPt/JcxE/gcAAIDaiLn/aJiJ/A8AAAC1EXP/XJhJJvn/Gvb/x6vZ/3f+/yvt//9E/1//P9D/703/f2M4/39/+v8D6P/r/+v/6/8zVFXr/8fcPx9mkkn+BwAAgBpLPw6Ouf9YmIn8DwAAALURc//xMBP5HwAAAGoj5v4PhZlkkv+d/1//3/n/r0X/f6xjef3/kv6//v8w6P/3p/8/gP6//r/+v/4/Q1W1/n/M/QthJpnkfwAAAMhBzP0fDjOR/wEAAKA2Yu7/SJiJ/A8AAAC1EXP/iTCTTPK//r/+f+79/0ZRXHT+f/3/XuvX/9+c9P/70/8fQP9f/39T9f+f+K32z/T/qaKq9f9j7j8ZZpJJ/gcAAIAcxNx/Ksz/Y+8+miQ7szoOp0TbIAL4CKxZsYSV+Ahs2RHBmsAJ4ZGE9yC8N8J7GO9HMxrvNd6PxnursZqJqAlVn3PUVZV1b3dXduW973mezaE7upRZrZJafyp+c4v9DwAAAMPI3f8jcYv9DwAAAMPI3f+jcUuT/a//1/937/83e3n+/9Ffr/+/Rv+v/9+FE/39he2/7rQo/NT+/7u/5+4f1P/r//X/k/T/nv+v/+e4pfX/uft/LG5psv8BAACgg9z9Px632P8AAAAwjNz9PxG32P8AAAAwjNz9d8ctTfa//l//r//X/x/p/x/S/+v/183z/6fp/2fo//X/+n/9Pzu1tP4/d/9Pxi1N9j8AAAB0kLv/nrjF/gcAAIBh5O7/qbjF/gcAAIBh5O7/6bilyf7X/+v/9f9r6f8vef7/sc9H/6//30b/P03/P0P/r//X/+v/2aml9f+5+38mbmmy/wEAAKCD3P0/G7fY/wAAADCM3P0/F7fY/wAAADCM3P0/H7c02f9d+v9Hjv1Y/6//v/73ax39/zk9/1//r/9fuQc3T/47Qf9/kv5/xkz/v9no/6fccD+//dNbz/s/hf5f/89JS+v/c/f/QtzyfZvNpVv9JAEAAIBFyd3/i3FLk+//AwAAQAe5+++NW+x/AAAAGEbu/vvilib7v0v/f5z+X/9//e+X/l//v+319f/r5Pn/087e/3/Xd/zwD/Xt/z3/f5rn/++6/3/iK0P/z7otrf/P3X9/3NJk/wMAAEAHuft/KW6x/wEAAGAYuft/OW6x/wEAAGAYuft/JW5psv/1/6P1/99y5OOu6/8Paxf9v/5f/6//H53+f5rn/884/Nfc1fqh/l//7/n/+n/OZmn9f+7+X41bmux/AAAA6CB3/6/FLfY/AAAADCN3/6/HLfY/AAAADCN3/2/ELU32v/5/tP7/6Md5/n/1//d827Vfov/X/+v/B6f/n6b/nzHK8/9v8atm3/38Wd2u93+g/9f/c8uW1v/n7v/NuKXJ/gcAAIAOcvf/Vtxi/wMAAMAwcvf/dtxi/wMAAMAwcvf/TtzSZP/r//X/6+j/8xU8/1//f/v7/6T/Xyf9/zT9/4xR+v9bpP/3/H/9P7u2tP4/d//vxi1N9j8AAAB0kLv/9+IW+x8AAACGkbv/9+MW+x8AAACGkbv/D+KWJvtf/6//X0f/f+bn/+v/9f+e/9+E/n+a/n+G/l//r//X/7NTS+v/c/c/ELc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/+X/9/hv7/wkb/r//X/y+M/n+a/n+G/l//r//X/7NTC+r/r/uoK5s/iVua7H8AAADoIHf/n8Yt9j8AAAAMI3f/n8Ut9j8AAAAMI3f/n8ctTfa//n8x/f9hzrfw/v/g5vr/q5vNZvD+3/P/T+3/r17397O+LvX/+v9zoP+fpv+fof/X/+v/9f/s1IL6/8Mf5+7/i7ilyf4HAACADnL3/2XcYv8DAADAMHL3/1XcYv8DAADAMHL3/3Xc0mT/6/8X0/8fWnj/7/n/+v8jf13P/79G/78s+v9p+v8Z+n/9v/5f/89OLa3/z93/N3HTpYu3/CkCAAAAC5O7/2/jlibf/wcAAIAOcvf/Xdxi/wMAAMBKPXDiZ3L3/33c0mT/6/932/9fuu7n9P/6/+NfH/p//b/+//bT/0/T/8/Q/+v/9f/6f3Zqaf1/7v5/iFua7H8AAADoIHf/g3GL/Q8AAADDyN3/j3GL/Q8AAADDyN3/T3FLk/2v//f8f/2//l//v/319f/rpP+fpv+fof/X/++3/7/85P+p/2cMN9H/Hxwc3Hvb+//c/f8ctzTZ/wAAANBB7v5/iVvsfwAAABhG7v5/jVvsfwAAABhG7v5/i1ua7H/9f9P+P7/U19X/37fZ6P/1//p//f80/f80/f8M/b/+3/P/9f/s1NKe/5+7/9/jlmPD786b+iwBAACAJcnd/x9xS5Pv/wMAAEAHufv/M26x/wEAAGAYufv/K25psv/1/037f8//1//r/8+7/398o/8/F6vo/6+e/vpL7//v1//r/ye06/+//3uP/FD/r/9v6fh/uB2ztP4/d/9/xy1N9j8AAAB0kLv/f+IW+x8AAACGkbv/f+MW+x8AAACGkbv//+KmC032v/5f/6//1//r/7e//jk////SZrPR/+/AKvr/CUvv/3fz/P/TY1H9v/5/ze9f/6//56Sl9f+5+/8/bmmy/wEAAKCD3P1PiVvsfwAAABhG7v6nxi32PwAAAAwjd//T4pYm+1//r//X/+v/h+//719F/+/5/zui/5+2jP7/dPp//f+a37/+X//PjdtX/5+7/+lxS5P9DwAAAB3k7n9G3GL/AwAAwDBy9z8zbrH/AQAAYBi5+58VtzTZ//p//f/N9P/5PvX/Y/X/lxfX/1858tdr8vx//f+O6P+n6f9n6P/1//r/B/T/7NLSnv+fu//ZcUuT/Q8AAAAd5O5/Ttz6f93a/wAAADCM3P3PjVvsfwAAABhG7v7nxS1N9r/+X//v+f/6/+Gf/6//b0X/P03/P0P/r//X/3v+Pzu1tP4/d//z45Ym+x8AAAA6yN3/grjF/gcAAIBh5O5/Ydxi/wMAAMAwcvc/FLc02f/6f/2//l//r/+/9vdQ/z8G/f+08+n/r+r/9f/Vz98R/xTo//X/cx/PmJbW/+fuf1Hc0mT/AwAAQAe5+18ct9j/AAAAMIzc/Q/HLfY/AAAArNKFLT+Xu/8lcUuT/a//1/+frf8/+rr6f/3/ZqX9/7bX1/+v0176//yi0P97/n/o0/9/55Efre35/8f//NL/6//ZvaX1/7n7Xxq3NNn/AAAA0EHu/pfFLfY/AAAADCN3/8vjFvsfAAAAhpG7/xVxS5P9r//X/3v+v/5f/7/99fX/6+T5/9P0/zP0//P9/Lb/Qa2wtv5/1+9f/6//56Sl9f+5+18ZtzTZ/wAAANBB7v5XxS32PwAAAAwjd/+r4xb7HwAAAIZxuPszLmu4//X/+n/9v/5f/7/99fX/66T/n6b/n6H/32s/v/b3r//X/3PS0vr/1xx+1JXNa+OWJvsfAAAAOsjd/7q4xf4HAACAYeTuf33cYv8DAADAMHL3vyFuabL/9f/6/3X0/wcHB/c26v/zHzT9/6H5/v9R/T9F/z9N/z9D/6//1//r/9mppfX/ufsfiVua7H8AAADoIHf/G+MW+x8AAACGkbv/TXGL/Q8AAADDyN3/5rilyf7X/y+g/7+i//f8f8//33j+v/5/R/T/0/T/M0bs/6/c+Ke/737+rPb9/vX/+n9OWlr/n7v/LXFLk/0PAAAAHeTuf2vcYv8DAADAMHL3vy1usf8BAABgGLn73x63NNn/+v/z6/+f+L3r8vz/q5vt71//r//X/+v/bzf9/zT9/4wR+/+bsO9+fu3vX/+v/+ek7P/vOPZn4r76/9z974hbjg6/i7fyuQIAAADLkLv/nXFLk+//AwAAQAe5+98Vt9j/AAAAMIzc/e+OW5rsf/3/Ap7/P2D/7/n/278+9P+L7v/v1P+PQf8/Tf8/Q/+v/99D/59/rozV/+dXs/6/u+z/j9tX/5+7/z1xS5P9DwAAAB3k7n9v3GL/AwAAwDBy978vbrH/AQAAYBi5+x+NW67b/9va7lHo//X/+n/9v/5/++vr/9dJ/z/tRvv/y5uz9f9J/6//1/97/r/+v7el9f+5+98ft/j+PwAAAKzOxVN+Pnf/B+IW+x8AAACGkbv/g3GL/Q8AAADDyN3/objlsTv39ZbOlf5f/z9E///wtx5+rP5f/7/R/7en/5/m+f8z9P+76Ofv0v+P0f9vNvp/zm5p/X/u/g/HLb7/DwAAAMPI3f+RuMX+BwAAgGHk7v9o3GL/AwAAwDBy938sbmmy//X/+v8z9v+Haebe+//4WP2//n+j/29P/z9N/z/jNvT/F4/+9Tv0/57/P0j/7/n/7MLS+v/c/R+PW5rsfwAAAOggd/8n4hb7HwAAAIaRu/+TcYv9DwAAAMPI3f+puKXJ/t9b/x+/1fr/1ff/y3j+f3ys/l//v9H/t6f/n6b/n+H5//p//b/+n51aWv+fu//TcUuT/Q8AAAAd5O7/TNxi/wMAAMAwcvd/Nm6x/wEAAGAYufs/F7c02f+e/6//1//r//X/219f/79O+v9p+v/t6m+U/l//r//X/7NTS+v/c/d/Pm5psv8BAACgg9z9X4hb7H8AAAAYRu7+x+IW+x8AAACGkbv/i3FLk/2v/9f/6//1//r/E69/10b/v1r6/2n77P9/4NvnX9bz//fe/+db0P/r//X/7MTS+v/c/V+KW5rsfwAAAOggd/+X4xb7HwAAAIaRu/8rcYv9DwAAAMPI3f/VuKXJ/p/p/y/XL9T/T9L/H33/+v/tXx/6/9X0/4f0/+uk/5/m+f8z9P+e/6//1/+zU0vr/3P3fy1uabL/AQAAoIPc/Y/HLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P97/n/a+r/79L/6//1//p//f8M/f80/f+MZfX/J/7zQv+/7Pev/9f/c9LS+v/c/d8MAAD//yBlU3A=")
mount$nfs(&(0x7f0000000100)='\xae', &(0x7f0000000080)='./file0\x00', 0x0, 0xa842, 0x0)

9m35.37477817s ago: executing program 1 (id=1315):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000d40)={'ip6tnl0\x00', &(0x7f0000000c40)=@ethtool_drvinfo={0x3, "b8f7e2c3b4df921e675f1b1fc3c93074e4a71e75a6f48511cf96b2332aae175b", "0cd8ba72a122ff3b1038734caf931d56966c158f367cde59d891ae7e80c51b4b", "e8510ff3c81d0803b08014954f9caddfa92033559c0288c9271ef5c3e2cd06f0", "89a80537b3be136c90c023c340d4b887a5a159fbd4885626df79d82c6b9c4248", "8aa8a3d605c25bf163f5a6dbffa44bf51add4b922147918f636351d231e75383", "8c139ad8988a3d0698fdd28c", 0x1, 0x7, 0x80000001, 0x0, 0x7ff}})

9m34.722495584s ago: executing program 32 (id=1315):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000d40)={'ip6tnl0\x00', &(0x7f0000000c40)=@ethtool_drvinfo={0x3, "b8f7e2c3b4df921e675f1b1fc3c93074e4a71e75a6f48511cf96b2332aae175b", "0cd8ba72a122ff3b1038734caf931d56966c158f367cde59d891ae7e80c51b4b", "e8510ff3c81d0803b08014954f9caddfa92033559c0288c9271ef5c3e2cd06f0", "89a80537b3be136c90c023c340d4b887a5a159fbd4885626df79d82c6b9c4248", "8aa8a3d605c25bf163f5a6dbffa44bf51add4b922147918f636351d231e75383", "8c139ad8988a3d0698fdd28c", 0x1, 0x7, 0x80000001, 0x0, 0x7ff}})

9m17.977737858s ago: executing program 5 (id=1318):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x24, 0x18, 0x1, 0xfffffffe, 0x0, {0x2, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x1e, 0x4}]}, 0x24}}, 0x4)

9m17.57068509s ago: executing program 5 (id=1482):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='ext4\x00', 0x800800, 0x0)

9m16.830898035s ago: executing program 5 (id=1492):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=@setneightbl={0x24, 0x43, 0x401, 0x70bd26, 0x25dfdbfe, {0xa}, [@NDTA_NAME={0xf, 0x1, 'time_offset'}]}, 0x24}, 0x1, 0x0, 0x0, 0x2c0480c4}, 0x0)

9m15.482770663s ago: executing program 5 (id=1510):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xd, 0x4008032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

9m15.049679496s ago: executing program 33 (id=1510):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xd, 0x4008032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

9m14.27071856s ago: executing program 3 (id=1524):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a38000000160a01020000000000000000050000060900010073797a31000000000c00054000000000000000030900010073797a3100000000140000000e0a0104000000000000000001000000280000000e0a02010000000000000000020000090900020073797a310000000008000440000000015c000000000a010800000000000000000300000508000240000000030900010073797a3100000000080002400000000308000240000000000c00044000000000000000030900010073797a31000000000900010073797a31000000009c020000000a010106000000000000000a0000050900010073797a30000000000900010073797a3000000000da000600c07279be0e56ac616e7f286afd0ecce08ff7e82d37146c2ba784d89f9c632f94068fa710e11fffa1afe18542c89dfa9f7f4c70cb1271f3c87d55aba3077b477b92ecac4905592e8ac951502a434c38a7a15e1e189bdd4848918185a64c8049807a07b9ac6d77943dbaa332d88c3a1e377f62d28a6b04081da06772c0bbec20a0ab1d80bc3759599483f45c3db8461a0a6f0d6db87311ee7efa2f63860ff6cf6d0b014fdf034f2d1b7e6c01b2be46c402887af8bbe797f4f82171850e5a36953968003e876461a9b1065ff1a8eb230723a0013ce26dfa00000d000600d061e2b31f71393dc9000000740006004832c359576e5a1bc153bccd7c740aeb41b9b733fad32adb0f0833a76dc3acd09697800043cc1b9f6f57e90d9dd529e89941fc33b9a3ceac2e97052eb898f23865943f427c47684b093be81a9c415e8bcb8a22ca63dde00f59d52d3ea1cb10065a48893e440de7a61e88814ea7b6d0620c0004400000000000000003f00006008959ad765d050f550ea982a95a2d3aae97b7c9dd8f108da3668ddfb685daec226890d01432fcbb71d59f1a74b572d952b440cf31e2388a110f85db43c62b38b2cc9500281d078ae59efe40d4b981cf6b3d6d1afb968717dc731ee2a2d68cd2d23c9529172bb2532d816a68ab2eeff90d6183f54bc3cfd76c51a4d8a1e9d09f58674d0260e7b5a369bc7216c3c6e752b3c5e514624f3e2a2177ab1d04821838c5d4588e949e3de7869e86fa0bebbfe4e52d7895db966e7b626f0cfb0d2313e0876140dd89b2554925fa7d359924499b65cfd6939c7f5131ca8d5207ee2954470d147f725d0829226e8c3cd51a08000240000000020900010073797a300000000008010000020a0108000000000000000000000005f2000600bafb0882dc4f83d80af91131e732cc567f0e14dad66d608685c225ca5ec0ed1a7bb1d3586b0e2a811b93942b27c30fabb2b965426d9fb1444488d0d7cc0fd7b94ece0ff885ff9ea5b844e6de9d8ff72c7df0bc5160708546d721dda820f249f9681bcf3c685cb14dd29cb52ae898b83eaa59b62d06af15d122d5bd25d4098beadb2ebea1fbfa43364b92fdb9783a1852a0c513dff3f648eeede58f2fe62ff3e385e6695b03d63cf60be6bd28c6de84f693a6d2791b5369ba29d9b3f65be1570cf4bc3e31af5dd30dff47025df230e20c7a07e8a94d6c105dcadb4fe8a6b029976e4cc8d3a28b953c8e94d6a0fa4d000028000000080a01080000000000000000070000010900020073797a310000000008000b400000000420000000030a01030000000000200000030000070900010073797a31"], 0x4e4}, 0x1, 0x0, 0x0, 0x4040}, 0x0)

9m14.012620752s ago: executing program 3 (id=1526):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0xf0, 0x67)

9m13.578658805s ago: executing program 3 (id=1527):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0xc, 0x1, 0x1, "dbbc845dd6dbd100f7d796caa3f9f8e303660bef490daa61c2dd72c605a0d432", 0x30385056})

9m13.239374287s ago: executing program 3 (id=1529):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='ext4\x00', 0x800800, 0x0)

9m12.573422261s ago: executing program 3 (id=1533):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="8c00000010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="97020000000000005c00128009000100626f6e64000000004c00028008000a00000000001800088000000000e00000017f000001640101020000000005000100000000000800070001000000080009"], 0x8c}}, 0x0)

9m11.18271247s ago: executing program 3 (id=1543):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0xfd, 0x0, 0x7fff0000}]})
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)

9m10.696046023s ago: executing program 34 (id=1543):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0xfd, 0x0, 0x7fff0000}]})
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)

6m54.797402454s ago: executing program 6 (id=3137):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x2d, 0x2, 0x2, "d569e8e1dd2f1ae97ee8589301f453a0c04b1410b2eafa4496ba216b1e8ac11e"})

6m54.634374664s ago: executing program 6 (id=3129):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, &(0x7f0000001b40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x47, 0x0}}, 0x10)

6m54.312940727s ago: executing program 6 (id=3134):
r0 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettclass={0x24, 0x25, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

6m53.973603369s ago: executing program 6 (id=3140):
syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x204818, &(0x7f00000003c0)={[{@map_off}, {@check_strict}, {@overriderock}, {@map_off}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@map_off}, {@mode={'mode', 0x3d, 0x483}}]}, 0x1, 0x544, &(0x7f0000001000)="$eJzs3V9v01YfwPGfS/sQ5ZGqRw8TQlWBQ9mkIpXgJBAUceU5J+mBxI5sB7VXqKIpqkhhokxae8O4YZu0vQh2uRexd4T2EjbZTvqHJjHQv6u+nwjOiX3s8zup5Z/cxscCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADEcmu2XbSkabzOkhrNrQV+a/dtf+sDC+TWvmJMvyJW/E9yObmSLrry1e7qy/F/czKbvpuVXFzkZPu/l//34NLkxGD7MQF/lt+/cE+bW9vPV3q97qujCuQMunpx9LqG9kzom5bT0MqEvqpWKvadxXqo6qapw+Uw0i3lBtqJ/EDNu7dUsVotK11Y9jteo+Y09WDh/dsl266oh4W2doLQ9+48LITuomk2jddI2sSr4zb34wPxkYlUpJ2WUmvrvW45awBxo+KnNCplNSrZpVKxWCoVK/eq9+7b9uSBBfZH5ECLozto8e90hGdv4HAm+vlfmmLEk44siRr6cqUmgfjSGrG+b5D/v7mjx/a7N/8PsvyV3dUzkuT/a+m7a6Py/4hYTu61KVuyLc9lRXrSk668OvWITvbVEC2eGAnFFyMtcZIlqr9ESVUqUhFbnsii1CUUJXUx0hQtoSxLKJHo5IhyJRAtjkTiSyBK5sWVW6KkKFWpSlmUaCnIsvjSEU8aUhMn2cuarCefe1mUNSrGnUbFkcPID467rpTGjJb8j8M70vM3cBh/D/I/AAAAAAA4t6zkt+/x9f+UXE1qddPU9mmHBQAAAAAAjlDyl//ZuJiKa1fF4vofAAAAAIDzxkrusbNEJC/X09qaWMntUvwSAAAAAACAcyL5+/+1uEjmQLku1s50KVz/AwAAAABwTvycOcd+2L5o/fmXBMGU9ba99LW1kczN62xcSLe78PEeo/qMNd3fSVJU0mJy0tWzVi5ttDMJ5od+sZYVh7UbgLMTwI+fE8ClSflVbqRtbqym5epgTdpLvm6auuD6zQdFcZzpiUgvRd+/WP9BkuH/4rWmrZys97qFpy97q0ksb+O9vN3oT6B4YB7FMbG8TuZbSO65GDriqeRGjH6/eUvW1ntde+/4J9LNJ/b3+GZ6TJ/vZC5tNdef8Ta/f/y5uM9iYdTo+1EUDznyd3IzbXNz/mZaDImilBVFaW8Uwz+Lw0dRzoqifMgoAOC0rGVkIUsO5N0vOMt9WXaXz8zu72Q+bTM/k5xYJ2eGnNHtrDO6fcjs9seBZyCNyrFxv799lFXfxxu8H9lv2CxZ8Ud44fXGd3J5c2v79vrGyrPus+6LUqlcse/a9r2STCXD6BfkHgDAEHufsWMNzf+ZT+Gx7mZcVf9/5ysFBXkqL6Unq7KQ3G2QfONg6F7ze76GsJBx1ZpP0mT6hJeFMVd1/0nuchjstzS27f4YyifwkwAA4OTMZeThT8n/CxnX3ftz+fir4/yep7UBAIDjoYMPVj76yQoC035SrFaLTrSoVeC7j1Rgag2tjBfpwF10vIZW7cCPfNdvxpXHpqZDFXbabT+IVN0PVNsPzVIyfaDqP/o91C3Hi4wbtpvaCbVyfS9y3EjVTOiqdufbpgkXdZBsHLa1a+rGdSLjeyr0O4GrC0qFWu9paGrai0zdxFVPtQPTcoKceuw3Oy2tajp0A9OO/HSHg76MV/eDVrLbwml/2AAAnBGbW9vPV3q97qtjrAztOHfiQwUAAH0ZWRoAAAAAAAAAAAAAAAAAAAAAAJwBJ3H/H5VzXhlMBX1W4qFyBJXMU8ebYz85AThW/wQAAP//rVVPjw==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)

6m53.66375844s ago: executing program 6 (id=3144):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000340))

6m53.076164734s ago: executing program 6 (id=3152):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20108c0, &(0x7f0000000c00)=ANY=[], 0x1, 0x61f5, &(0x7f00000075c0)="$eJzs3U1vHVf9B/DfffRD/k2tLqr+I4TctDyU0iROSggUaLsoCzZdoGxRItetIlJASUBpZRFX3rBgxSsAIbFEiCViwQvogi07VqyIZCOBumLQ2OfE48m9vXYd37n2fD6SPfObM9c+4++d++A7MycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjed7+/0omIGz9LC5Yi/i96Ed2IhbJejoiF5aW8fj8inoud5ng2IgZzEeXtd749HfFqRHx8NmJre321XHz5gP146w9/++0Pzrz9198PLv7nj/d6r41b7/79X/77Tw+Ots0AAADQNkVRFJ30Nv9cen/fbbpTAMBU5Of/IsnLT339q3+8/edZ6o9arVar1VOoq4rRHlSLiNio3qZ8zeDjeAA4YTbik6a7QIPk32r9iDjTdCeAmdZpugMci63t9dVOyrdTfT5Y3m3Px4Lsy3+j8+j8jnHTSerHmEzr/rUZvXhmTH8WptSHWZLz79bzv7HbPkzrHXf+0zIu/+HuqU+tk/Pv1fOvOT35d0fm31Y5//6h8u/JHwAAAAAAZlj+//9Sw5//zh19Uw7k0z7/XZ5SHwAAAAAAAADgSTvq+H+PGP8PAAAAZlb5Xr3067N7y8Zdi61cfr0T8VRtfaBl0skyi033AwAAAAAAAAAAAADapL97DO/1TsQgIp5aXCyKovyqqteHddTbnwI71yxouhPA9DX9IA8AALs+Pls7l78TMR8R16O7c62/weLiYlHMLywWi8XCXH49O5ybLxYq7+vztFw2NzzAC+L+sCh/2HzldlWT/l8wqb3+88rfNSx6B+jYEzJIf80xzQ2FDQDJ7rPRlmekU6YonvZpAwdi/z+FlmKp6fsVs6/puykAAABw/IqiKDrpct7n0vh+3aY7BQBMRX7+r38ucKS6O6Y94sn8fLVarVar1Z+pripGe1AtImKjepvyNYPh+AHghNmIT5ruAg2Sf6v1I+K5pjsBzLRO0x3gWGxtr692Ur6d6vNBGt89HwuyL/+Nzs7t8u1HTSepH2MyrfvXZvTimTH9eXZKfZglOf9uPf8bu+3DtN5x5z8t4/If7pwy1z45/149/5rTk393ZP5tlfPvHyr/nvwBAAAAAGCG5f//L/n8N28yAAAAAAAAAJw4W9vrq/m81/z5/+dGrOf8z9Mp5985bP4LaV7+J1rOv1vL/8u19XqV+Ydv7u3//9peX/3dvX/+f54eNP+5PNNJ96xOukd00m/q9NP0KFv3uM1Bb1j+pkGn2+unY36KwbtxK27HWlzat243/T322lf2tZc9Hexrv7yvvf9Y+5V97YN03YFiIbdfiNX4cdyOd3bay7a5Cds/P6G9mNCe8+95/G+lnH+/8lXmv5jaO7Vp6eFH3cf2++p01O9549bnf3Hp+Ddnos3oPdq2qnL7zjfQn/Jv8lYM46d31+5cuH/z3r07K5EmZ6pLL0eaPGE5/8HO19ze4/8Lu+35cb+6vz78aHjo/GfFZvTH5v9CZb7c3pem3Lcm5PyH6Svn/05qH73/n+T8x+//LzfQHwAAAAAAAAAAAAAAAPg0RVHsnCL6RkRcTef/NHVuJgAwXfn5v0jycrVarVar1aevripGe71aRMRfqrcpXzP8fNQPAwBm2X8j4u9Nd4LGyL/F8vX+yumLTXcGmKq7H3z4w5u3b6/dudt0TwAAAAAAAACAzyqP/7lcGf/5xYhYqq23b/zXN2P5qON/9vPMowFGn/BA32Nsdoe9bmW48edjZ3zuC+PG/z4fj4//ncfE7VW3Y4zBhPbhhPa5Ce3zI5fupTXyRI+KnP/zlfHOy/zP1YZfb8P4r/Ux79sg53++cn8u8/9Sbb1q/sVvZi7/jYOuuBndfflfvPf+Ty7e/eDDV269f/O9tffWfnRlZeXSlatXr127dvHdW7fXLu1+P55ez4Ccfx772nGg7ZLzz5nLv11y/l9ItfzbJef/xVTLv11y/vn1nvzbJeef3/vIv11y/i+lWv7tkvP/Sqrl3y5b2+tzZf4vp1r+7ZL3/6+mWv7tkvN/JdXyb5ec/4VUy79dcv4XU32A/F0e/hTJ+edPuOz/7ZLzX0m1/Nsl53851fJvl5z/lVTLv11y/q+mWv7tkvP/Wqrl3y45/6upln+75Py/nurD5L9wjP1iOnL+11Jt/2+XnP83Ui3/dsn5fzPV8m+XnP9rqZZ/u+T8v5Vq+bdLzv/bqZZ/u+T8v5Nq+bdLzv/1VMu/Xfau/2/GjBkzeabpRyYAAAAAAAAAAAAAoG4ahxM3vY0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYe/uYuQ66/uBn1nv2muHEAMhOPkb2CQmhMRk13biF/5NMYEADVAKJBT6guN612bBb3jtEiiSTQMlEkZFFVXTi7aAojZSVRFVXNCK0lxUfbkq7QW9qagqITWqDAqoSG0F2WrmPM/jmdnZmVnveH32PJ+PlPx2Z86Z88yZ55yd366/cwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHa3vnnuc42iKJr/tf63tShe1Px689TW1m1vuNYjBAAAAFbrp63/P39DuuHgECu1LfN3r/rHry8uLi4WH9jwuxPjxWK6Y6ooJjYVReu+6Jl//2DjS23fB48Xk42xtu/HBmx+w4D7xwfcPzHg/o0D7t804P7JAfcv2QFLbC5/H9N6sB2tL7eWu7S4sZho3bejx1qPNzaNjcXf5bQ0WussThwt5ovjxVwx07F8uWyjtfw3b21u6+1F3NZY27a2N2fIDz91JI6hEfbxjo5tXX7M6PtvKqZ+9MNPHfnjs5du7lUH7oaOxyvHeedtzXF+JtxSjrVRbEr7JI5zrG2c23u8Jhs6xtlordf8unuczw85zg2Xh7mmul/zyWKs9fW3W/tpvP3Xemk/bQ+3/fftRVFcuDzs7mWWbKsYK7Z03DJ2+fWZLGdk8zGaU+mlxfiK5umtQ8zTZp3d0TlPu4+J+PrfGtYbX2YM7S/T9z+9ccnrvtJ5GjWf9XLHSvccHPWxUpU5GOfFt1tP+omec3BHeP6fumP5Odhz7vSYg+l5t83B2wbNwbGNG1pjTi9Co7XO5Tm4q2P5Da0tNVr1uTv6z8HpsydOTy984pOvnz9x+NjcsbmTe3btmtmzd+/+/funj84fn5sp/3+Fe7v6thRj6Ri4Ley7eAy8tmvZ9qm6+JXRHYeTfY7DrV3Ljvo4HO9+co21OSCXzuny2Hi4udMnL44VyxxjrdfnrtUfh+l5tx2H423HYc+fKT2Ow/EhjsPmMqfvGu49y3jbf73GcLV+Fmxtm4Pd70e65+Co349UZQ5Ohnnxr3ct/7NgexjvEztX+n5kw5I5mJ5uOPc0b0nv9yf3t0qveXlL847rNhbnFubO3PPY4bNnz+wqQlkTL2ubK93zdUvbcyqWzNexFc/Xg/OveuKWHrdvDftq8vXN/00u+1o1l7n3nv6vVeunW+/92XHr7iKUEVvr/dnrp3lzf6Zess/+bC7zmenVvxdPfWnb+XdimfNv7PtfKLeXHurxDRPj5fG7Ie2diY7zcedLNd46dzVa235+erjz8UT4b63Pxzf2OR9v61p21Ofjie4nF8/HjUG/7Vid7tdzMsyT4zP9z8fNZbbtXumcHO97Pr491EbY/68LnULqi9rmznLzNm1rfHwiPK/xuIXOebqnY/mJ0Js1t/X07iubp3feXj7WhvTsLlureTrVteyo52k6Xy03TxuDfvt2Zbpfz8kwL27c03+eNpd59t7Vnzs3xy/bzp0bB83BiQ0bm2OeSJOwPN8vbo5z8J7iSHGqOF7Mtu7d2JpPjda2dt433BzcGP5b63Pltj5z8M6uZUc9B9PPseXmXmN86ZMfge7XczLMiyfv6z8Hm8u8Zd9o37veGW5Jy7S9d+3+/dpyv/O6pWs3Xc3feTXH+Tf7+v9utrnM8f0r7TP776e7wy3X9dhP3cfvcsfUbLE2+2lbGOel/cvvp+Z4mst86cCQ8+lgURTnP/ZA6/e94e8rf37uO1/v+LtLr7/pnP/YAz+4/ujfrmT8AKx/L5RlS/mzru0vU8P8/R8AAABYF2LfPxZqov8HAACA2oh9f/xX4Yn+HwAAAGoj9v3joSaZ9P/b3nJp/oXzRUrmLwbx/rQbHiqXixnXmfD91OJlzdsfeGrux395frhtjxVF8ZOHfqPn8tseiuMqTYVxPvNg5+1LVzw/1PYffeTycu359S+Hx4/PZ9hp0CuCO1MUxTdv+EJrO1MfvNiqzz70aKu+98ITjzeXef5A+X1c/7mXlcv/QQj/Hjx6uGP958J++F6oM+/ovT/iel+7+Lrt+95/eXtxvcZtL2497Sc/VD5u/JycLz5eLh/383Lj/6vPP/215vKPvab3+M+P9R7/0+Fxn3rw0nxzxv3PK8vl21+D5vdxvc+G8cftPRXWv+er3+o5/mc+Vy5/+q3lco+GGrd/Z/h+x1svzbfvr8cahzueV/G2crm4/Znv/Hbr/vh48fG7xz956GLH/uieH8/+c/k4013Lx9vjdqK/6Np+83Ha52fc/tO/9WjHfh60/Wfe+9wrm4/bvf27u5bb0LV+9yc2/eFnv9Bze3E8B//sdMfzOfiecByH7T/5oTAfw/3/+8wXOrYbPfqezvNPXP7LW893PJ/o7T8qt//MG4+16n9M/fj3r3vR9S++8OrmviuKb7+vfLxB2z/2R6c6xv+Vm+5qvR7x/pjR797+cuL2z3x858lTC+fmZ9v2auuzc95ZjmfT5OYtzfHeEM6t3d8fOnX2w3NnpmamZopiqr4foXfFvhrqD8pyYaXr3/VIeD1v+b1vbrnjnz4fb/+Xh8vbL76j/Ln12rDcF8PtW8vXb7Gxyu0/eetNreO78Wz5fUeOfQS27/jP/UMtGJ5/9/uCON9Pv/zDrf3QvK/1cyMe16sc/3dny8f5Rtivi+GTmW+76fL22pePn41w8X3l8b7q/RdOc/F1/ZPwer/re+Xjx3HF5/vd8D7mW9s6z3dxfnzj/Fj347c+xeNCOJ8UF8r741Jxf198/qaew4ufQ1JcuLn1/e+kx7l5RU9zOQufWJg+Pn/y3GPTZ+cWzk4vfOKTh06cOnfy7KHWZ3ke+sig9S+fn7a0zk+zc3vvLWY2F0VxqphZgxPW1Rl/86vhxn/6kSOz+2bumJ07evjc0bOPnJ47c+zIwsKRudmFOw4fPTr38UHrz8/ev2v3gT37du88Nj97//4DB/Yc2Dl/8lRzGOWgBtg789GdJ88caq2ycP+9B3bdd9+9MztPnJqdu3/fzMzOc4PWb/1s2tlc+9d3npk7fvjs/Im5nQvzn5y7f9eBvXt3D/w0wBOnjy5MTZ85d3L63MLcmenyuUydbd3c/Nk3aH3qaeHfyvez3RrlB/EV7757b/p81qanPr3sQ5WLdH2A6KXwWTT/8JLT+4f5Pvb9E6EmmfT/AAAAkIPY928MNdH/AwAAQG3Evn9TqIn+HwAAAGoj9v2ToSaZ9P/y//L/w+X/y/tHmf/vlZ8v5P8rlf8//bEyV7re8/8xPy//n4drnP9f9fbl/+X/65f/Hz4/v97HL/8v/89SVcv/x75/c1Fk2f8DAABADmLfvyXURP8PAAAAtRH7/utCTfT/AAAAUBux739RqEkm/b/8/1D5/92DAlf1z/+P/vr/8v/y/2uS/48vjvx/Nlacv3//wx3fyv8H8v/y//L/8v/y/6zaxLL3XKv8f+z7rw81yaT/BwAAgBzEvv/FoSb6fwAAAKiN2PffEGqi/wcAAIDaiH3/1lCTTPp/+X/X/5f/l/+vdf5/tdf/bxuM/P/64Pr//cn/D3DF+f9J+f/1mP+fGO34q53/Hzh8+X+uiqpd/z/2/S8JNcmk/wcAAIAcxL7/paEm+n8AAACojdj3vyzURP8PAAAAtRH7/htDTTLp/+X/5f/l/+X/5f97b3/w9f/Lr+T/q0X+vz/5/wFc/z+v/P+Ix1/t/P+or/8/8WD3+vL/9FK1/H/s+18eapJJ/w8AAAA5iH3/TaEm+n8AAACojdj3vyLURP8PAAAAtRH7/m2hJpn0//L/VyP//9PW2vL/8v/d80P+v275/5L8f7XI//cn/z+A/L/8v/z/cPn/Hh9+Jf9PL1XL/8e+/+ZQk0z6fwAAAMhB7PtvCTVZpv9fHPJv2wAAAEB1xL7//4Wa+Ps/AAAA1Ebs+7eHmmTS/8v/u/6//H9e+f+7N8r/y//Xm/x/f/L/A8j/y//L/w95/f+lVpL/3zTowaiNquX/Y9//ylCTTPp/AAAAyEHs+18VaqL/BwAAgNqIff+rQ030/wAAAFAbse+fCjXJpP+X/69X/v9P//rJVxfy//L/A7Zf0/x/nAby/5mT/+9P/n8A+X/5f/n/Ncn/k4+q5f9j339rqEkm/T8AAADkIPb9t4Wa6P8BAACgNmLff3uoif4fAAAAaiP2/TtCTTLp/+X/65X/j+T/5f/7bb+m+f9E/j9v8v89tB2k8v8DyP/L/2ef/4/vfuX/GY2q5f9j3/+aUJNM+n8AAADIQez77wg10f8DAABAbcS+/7WhJvp/AAAAqI3Y998ZapJJ/y//L/8v/y//L//fe/vy/+uT/H9/K83/b5T/l/+X/88s/+/6/4xW1fL/se9/XahJJv0/AAAA5CD2/XeFmuj/AQAAoDbiv98s/92r/h8AAADqKPb9O0NNMun/5f/l/3PK/zfk/+X/5f9rT/6/P9f/H0D+X/5f/l/+n5GqWv4/9v2vDzXJpP8HAACAHMS+/55QE/0/AAAA1Ebs+6dDTfT/AAAAUBux758JNcmk/5f/l//PKf/v+v/y//L/9Sf/398o8v+L5+X/5f97k/+vYP6/KOT/uaaqlv+Pff+uUJNM+n8AAADIQez7d4ea6P8BAACgNmLfvyfURP8PAAAAtRH7/ntDTTLp/+X/5f/l/+X/5f97b1/+f32S/+/P9f8HkP+X/69b/t/1/7nGqpb/j33/faEmmfT/AAAAkIPY9+8NNdH/AwAAQG3Evn9fqEno/3v9u24AAABgfYl9//5Qk0z+/i//X5P8/2/+fce25f/l//ttfzT5/83y/6HK/1dLTfP/3YfFFZP/H0D+/6rl54uxkQzxmo1f/l/+nytTtfx/7PsPhJpk0v8DAABADmLf/4ZQE/0/AAAA1Ebs+/9/qIn+HwAAAGoj9v0/E2qSSf8v/1+T/H8X+X/5/37bd/1/+f86q2n+f2Rqlf8fk/9fT/l/1/+X/x+0PvV09fP/8avh8v+x778/1CST/h8AAAByEPv+nw010f8DAABAbcS+/42hJvp/AAAAqI3Y9x8MNcmk/5f/l/+/Wvn/C2Py/93zI6/8/xuLblXM/zcnj/x/vVQ4/z8xzPbl/13/X/5/Tcbf/aNmJOOX/5f/Z6mqXf8/9v1vCjXJpP8HAACAHMS+/4FQE/0/AAAA1Ebs+98caqL/BwAAgNqIff9bQk0y6f/l/+X/Xf9f/t/1/3tvX/5/fapw/n8o8v/y//L/63f88v/y/yxVtfx/7PsfDDXJpP8HAACAHMS+/62hJvp/AAAAqI3Y978t1ET/DwAAALUR+/63h5pk0v/L/8v/y//L/8v/996+/P/6JP/fn/z/APL/8v/y//L/jFTV8v+x7/+5UJNM+n8AAADIQez7Hwo10f8DAABAbcS+/x2hJvp/AAAAqI3Y978z1CST/l/+X/5f/l/+X/6/9/bl/9cn+f/+5P8HkP+X/5f/l/9npKqW/499/7tCTTLp/wEAACAHse//+VAT/T8AAADURuz73x1qov8HAACA2oh9/y+EmmTS/8v/y/9XK/+/eL59Pfl/+f9iVPn/5kry/1mQ/+9P/n+AHvn/TfL/8v/y//L/XLGq5f9j3/+eUJNM+n8AAADIQez73xtqov8HAACA2oh9//tCTfT/AAAAUBux73841CST/l/+P8v8f3rK1cv/u/6//L/r/8v/r478f3/y/wO4/r/8v/y//D8jVbX8f+z7Hwk1yaT/BwAAgBzEvv/9oSb6fwAAAKiN2Pf/YqiJ/h8AAABqI/b9Hwg1yaT/l//PMv9f4ev/1y3/P94xP3LK/0+2vZ5pXsr/y/+vAfn//uT/B5D/l/+vcv4/zObNy6wv/08VVS3/H/v+D4aaZNL/AwAAQA5i3/9LoSb6fwAAAKiN2Pf/cqiJ/h8AAABqI/b9vxJqkkn/X8P8/4VC/l/+vzL5/875kVP+3/X/l5L/Xxvy//3J/w8g/y//X+X8/wDy/1RR1fL/se//1VCTZRu/H/zXEE8TAAAAqJDY938o1CSTv/8DAABADmLffyjURP8PAAAAtRH7/kdDTTLp/2uY/1/l9f/jFVXl/+X/R53/H5P/l/+X/18Do8v/v+L6opD/l/+X/5f/l/+X/2c1qpb/j33/4VCTTPp/AAAAyEHs+38t1ET/DwAAALUR+/4joSb6fwAAAKiN2PfPhppk0v9fw/z/RDXz/67/f6X5/5/I/7v+fyD/35v8/9pw/f/+5P8HkP+X/5f/l/9npKqW/499/1yoSSb9PwAAANRY+nVw7PuPhpro/wEAAKA2Yt9/LNRE/w8AAAC1Efv+D4eaZNL/u/6//L/r/1+L/P94x/Ly/yX5f/n/UZD/70/+fwD5f/l/+X/5f0aqavn/2PfPh5pk0v8DAABADmLf/5FQE/0/AAAA1Ebs+z8aaqL/BwAAgNqIff/xUJNM+n/5f/n/3PP/jaK44Pr/o83/b5L/70n+f23I//cn/z+A/P9a5uevH8mgr934l5D/l/9nqarl/2PffyLUJJP+///Yu48mu85qj8MbY0vdI/gIjBkxhJH5CEyZUcWYaJODZXIGk3MwOedgosk552iTczTRUNWUW2stqfsc7S2pj/rs/b7PM1lXuhZ9hBtz/1f1qxcAAAB6kLv/vnGL/Q8AAADNyN1/v7jF/gcAAIBm5O6/f9zSyf7X/+v/e+//h628/3/wr2+t//f+/3r6/+Ox0t9fvv6vO1cUfs7+/y53vfpe+n/9v/5/lPf/9f/6fw6bW/+fu/8BcUsn+x8AAAB6kLv/gXGL/Q8AAADNyN1/Vdxi/wMAAEAzcvdfHbd0sv/1//p//b/+/0D/f6P+X/+/bN7/H6f/n6D/1//r//X/bNTc+v/c/Q+KWzrZ/wAAANCD3P0PjlvsfwAAAGhG7v6HxC32PwAAADQjd/9D45ZO9r/+X/+v/19K/3/C+/+Hfj/6f/3/Ovr/cfr/Cfp//b/+X//PRs2t/8/d/7C4pZP9DwAAAD3I3f/wuMX+BwAAgGbk7n9E3GL/AwAAQDNy9z8ybulk/+v/9f/6/6X0/8f0/r/+X/+/cNcPZ/6ZoP9fpf+fMNH/D4P+f8x59/Prf3vL+fznoP/X/7Nqbv1/7v5HxS13H4YTF/ubBAAAAGYld/+j45ZO/vwfAAAAepC7/5q4xf4HAACAZuTuPxW3dLL/9f/6f/2//l//v/7r6/+Xyfv/447e/9/5jve5d7/9v/f/x3n/f9P9/23fGfp/lm1u/X/u/mvjlk72PwAAAPQgd/9j4hb7HwAAAJqRu/+xcYv9DwAAAM3I3f+4uKWT/a//b63/v/2BX3dW/79fu+j/9f/6f/1/6/T/47z/P2H/H3O79UP9v/7f+//6f45mbv1/7v7Hxy2d7H8AAADoQe7+J8Qt9j8AAAA0I3f/E+MW+x8AAACakbv/SXFLJ/tf/99a/3/w13n/X/+/7uvr//X/LdP/j9P/T2jl/f+L/K7Zdj9/VNv+/Pp//T+r5tb/5+5/ctzSyf4HAACAHuTuf0rcYv8DAABAM3L3PzVusf8BAACgGbn7nxa3dLL/9f/6/2X0//kV5tT/7+3tHfoe0v+ftvT+P+n/l0n/P07/P6GV/v8ibbufX/rn1//r/1k1t/4/d//T45ZO9j8AAAD0IHf/M+IW+x8AAACakbv/mXGL/Q8AAADNyN3/rLilk/2v/9f/L6P/9/6//t/7//r/86P/H6f/n6D/1//r//X/bNTc+v/c/dfFLZ3sfwAAAOhB7v5nxy32PwAAADQjd/9z4hb7HwAAAJqRu/+5cUsn+1//r//X/+v/9f/rv77+f5n0/+P0/xM67/+HU/p//b/+n82aUf9/1q/aGZ4Xt3Sy/wEAAKAHufufH7fY/wAAANCM3P0viFvsfwAAAGhG7v4Xxi2d7H/9/2z6//2cr63+f3cYBv3/0Gn/v3vW38/6vtT/6/+Pgf5/nP5/Quf9/7b7+aV/fv2//p/Dds75v9nW+/+5+190+PN1sv8BAACgB7n7Xxy32P8AAADQjNz9L4lb7H8AAABoRu7+l8Ytnex//f9s+v99bfX/3v8//P3RU//v/f9V+v/jof8fp/+foP/X/+v/9f9s1FU3nf6/Zw/bVv+fu/9lcdOJKy76twgAAADMTO7+l8ctnfz5PwAAAPQgd/8r4hb7HwAAABbqupWfyd3/yrilk/2v/99s/3/irJ/T/+v/D39/6P/1//r/S0//P07/P0H/r//X/+v/2ai59f+5+18Vt3Sy/wEAAKAHufuvj1vsfwAAAGhG7v5Xxy32PwAAADQjd/9r4pZO9r/+3/v/+n/9/1T/f+Y5VP2//n/+9P/j9P8T9P/6/5HPf/i/nw7bQP9/8sz/qP+nDRfQ/+/t7V1zyfv/3P2vjVs62f8AAADQg9z9r4tb7H8AAABoRu7+18ct9j8AAAA047bdvzsMwxv2f9Tf/tf/d9r/57f6svr/U8Og//f+v/5f/z9O/z9O/z9B/6//9/6//p+Nmtv7/7n73xi3dLL/AQAAoAe5+98Ut9j/AAAA0Izc/W+OW+x/AAAAaEbu/rfELZ3sf/1/p/2/9//1//r/4+7/bx30/8diEf3/7rm//tz7/2v1//r/Ed31//e424Ef6v/1/6yaW/+fu/+tcUsn+x8AAAB6kLv/bXGL/Q8AAADNyN3/9rjF/gcAAIBm5O5/R9x0eSf7X/+v/9f/6//1/+u//jG//39iGAb9/wYsov8fMff+fzPv/x/+T/kZ+n/9/5I/v/5f/8+qufX/ufvfGbd0sv8BAACgB7n73xW32P8AAADQjNz9745b7H8AAABoRu7+98Qtnex//b/+X/+v/2++/792Ef2/9/83RP8/bh79/7np//X/S/78+n/9P+dvW/1/7v73xi2d7H8AAADoQe7+98Ut9j8AAAA0I3f/++MW+x8AAACakbv/A3FLJ/tf/6//v5D+Pz+n/r+t/v/ksfT/p4bhvPv/nQP/ep28/6//3xD9/7jz6f/3v7f1//p//X+v/f91+n82aW7v/+fuvyFu6WT/AwAAQA9y938wbv2/bu1/AAAAaEbu/g/FLfY/AAAANCN3/4fjlk72v/5f/+/9f/1/8+//6/+7ov8f5/3/Cfp//b/+3/v/bNTc+v/c/R+JWzrZ/wAAANCD3P0fjVvsfwAAAGhG7v6PxS32PwAAADQjd/+NcUsn+1//r//X/+v/9f+n/x7q/9ug/x93PP3/rv5f/1/9/O3iPwX6f/3/1K+nTXPr/3P3fzxu6WT/AwAAQA9y938ibrH/AQAAoBm5+z8Zt9j/AAAAsEiXr/m53P2fils62f/6f/2//l//r/9f//X1/8u0lf4/vyn0/97/D/30/3c68KOlvf9/+L+/9P/6fzZvbv1/7v5Pxy2d7H8AAADoQe7+z8Qt9j8AAAA0I3f/Z+MW+x8AAACakbv/c3FLJ/tf/6//1//r//X/67++/n+ZvP8/Tv8/Qf+/1ffzl/759f/6f1bNrf/P3f/5uKWT/Q8AAAA9yN3/hbjF/gcAAIBm5O7/Ytxi/wMAAEAz9nd/xmUd7n/9v/5f/6//1/+v//r6/2XS/4/T/0/Q/+v/9f/6fzZqbv3/l/Z/1c7w5bilk/0PAAAAPcjd/5W4xf4HAACAZuTu/2rcYv8DAABAM3L3fy1u6WT/6//1/8vo//f29q7R/+v/D/5+zvT/N+v/Kfr/cfr/Cfp//b/+X//PRs2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy938rbulk/+v/Z9D/7+j/vf+v/x+8/7/a/192+h/K+v8Lo/8fp/+f0GL/v3P+v/1t9/NHdck+/47+X//PxZpb/5+7/9txSyf7HwAAAHqQu/87cYv9DwAAAM3I3f/duMX+BwAAgGbk7v9e3NLJ/tf/H1//f9u/d728/787rP/8+n/9v/7f+/+Xmv5/nP5/Qov9/wXQ/3v/X//Pps2t/8/d//245eDwu+LCfpcAAADAnOTu/0Hc0smf/wMAAEAPcvf/MG6x/wEAAKAZuft/FLd0sv/1/zN4/7/B/t/7/+u/P/T/s+7/L9P/t+EC+/sbDv+E/j/o//X/+n/9/5H6//xu1v/3bm79f+7+H8ctnex/AAAA6EHu/p/ELfY/AAAANCN3/01xi/0PAAAAzcjdf3Pcctb+X9d2t0L/r//X/+v/9f/rv77+f5m8/z/ufPv/k8PR+v/Uff+/s/Kvr/+/hLb9+fX/3v9n1dz6/9z9P41b/Pk/AAAALM4V5/j53P0/i1vsfwAAAGhG7v6fxy32PwAAADQjd/8v4pZbLtvWRzpW+n/9v/5f/6//X//19f/LpP8f5/3/Cd7/30Q/f6X+v43+fxj0/xzd3Pr/3P2/jFv8+T8AAAA0I3f/r+IW+x8AAACakbv/13GL/Q8AAADNyN3/m7ilk/2v/9f/H7H/308z9f+n6f9P0/+vp/8/Hvr/cfr/Cfp/7//r/73/z0bNrf/P3f/buKWT/Q8AAAA9yN3/u7jF/gcAAIBm5O7/fdxi/wMAAEAzcvf/IW7pZP9vrf+Pf6v1/4vv/73/r//X/+v/Z0X/P67R/n93GAb9/wZsu59f+ufX/+v/WTW3/j93/x/jlk72PwAAAPQgd/+f4hb7HwAAAJqRu//PcYv9DwAAAM3I3f+XuKWT/e/9f/2//l//r/9f//X1/8uk/x/XaP9/5Pf/62+U/l//r//X/7NRc+v/c/f/NW7pZP8DAABAD3L3/y1usf8BAACgGbn7b4lb7H8AAABoRu7+v8ctnex//b/+X/+v/9f/r//6+v9l0v+P22b/f887TH/ZbfX/Rf+fH0H/r//X/7MRc+v/c/f/I27pZP8DAABAD3L3/zNusf8BAACgGbn7/xW32P8AAADQjNz9/45bOtn/E/3/yfoL9f+j9P8HP7/+f/33h/5f/6//v/T0/+O8/z9B/+/9f/2//p+Nmlv/n7v/P3FLJ/sfAAAAepC7/9a4xf4HAACAZuTu/2/cYv8DAABAM3L3/y9u6WT/e/9/Sf3/lfp//b/+X/+v/5+g/x+n/5+g/9f/6//1/2zU3Pr/3P3/DwAA//+2vUye")
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

6m52.645908527s ago: executing program 35 (id=3152):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20108c0, &(0x7f0000000c00)=ANY=[], 0x1, 0x61f5, &(0x7f00000075c0)="$eJzs3U1vHVf9B/DfffRD/k2tLqr+I4TctDyU0iROSggUaLsoCzZdoGxRItetIlJASUBpZRFX3rBgxSsAIbFEiCViwQvogi07VqyIZCOBumLQ2OfE48m9vXYd37n2fD6SPfObM9c+4++d++A7MycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjed7+/0omIGz9LC5Yi/i96Ed2IhbJejoiF5aW8fj8inoud5ng2IgZzEeXtd749HfFqRHx8NmJre321XHz5gP146w9/++0Pzrz9198PLv7nj/d6r41b7/79X/77Tw+Ots0AAADQNkVRFJ30Nv9cen/fbbpTAMBU5Of/IsnLT339q3+8/edZ6o9arVar1VOoq4rRHlSLiNio3qZ8zeDjeAA4YTbik6a7QIPk32r9iDjTdCeAmdZpugMci63t9dVOyrdTfT5Y3m3Px4Lsy3+j8+j8jnHTSerHmEzr/rUZvXhmTH8WptSHWZLz79bzv7HbPkzrHXf+0zIu/+HuqU+tk/Pv1fOvOT35d0fm31Y5//6h8u/JHwAAAAAAZlj+//9Sw5//zh19Uw7k0z7/XZ5SHwAAAAAAAADgSTvq+H+PGP8PAAAAZlb5Xr3067N7y8Zdi61cfr0T8VRtfaBl0skyi033AwAAAAAAAAAAAADapL97DO/1TsQgIp5aXCyKovyqqteHddTbnwI71yxouhPA9DX9IA8AALs+Pls7l78TMR8R16O7c62/weLiYlHMLywWi8XCXH49O5ybLxYq7+vztFw2NzzAC+L+sCh/2HzldlWT/l8wqb3+88rfNSx6B+jYEzJIf80xzQ2FDQDJ7rPRlmekU6YonvZpAwdi/z+FlmKp6fsVs6/puykAAABw/IqiKDrpct7n0vh+3aY7BQBMRX7+r38ucKS6O6Y94sn8fLVarVar1Z+pripGe1AtImKjepvyNYPh+AHghNmIT5ruAg2Sf6v1I+K5pjsBzLRO0x3gWGxtr692Ur6d6vNBGt89HwuyL/+Nzs7t8u1HTSepH2MyrfvXZvTimTH9eXZKfZglOf9uPf8bu+3DtN5x5z8t4/If7pwy1z45/149/5rTk393ZP5tlfPvHyr/nvwBAAAAAGCG5f//L/n8N28yAAAAAAAAAJw4W9vrq/m81/z5/+dGrOf8z9Mp5985bP4LaV7+J1rOv1vL/8u19XqV+Ydv7u3//9peX/3dvX/+f54eNP+5PNNJ96xOukd00m/q9NP0KFv3uM1Bb1j+pkGn2+unY36KwbtxK27HWlzat243/T322lf2tZc9Hexrv7yvvf9Y+5V97YN03YFiIbdfiNX4cdyOd3bay7a5Cds/P6G9mNCe8+95/G+lnH+/8lXmv5jaO7Vp6eFH3cf2++p01O9549bnf3Hp+Ddnos3oPdq2qnL7zjfQn/Jv8lYM46d31+5cuH/z3r07K5EmZ6pLL0eaPGE5/8HO19ze4/8Lu+35cb+6vz78aHjo/GfFZvTH5v9CZb7c3pem3Lcm5PyH6Svn/05qH73/n+T8x+//LzfQHwAAAAAAAAAAAAAAAPg0RVHsnCL6RkRcTef/NHVuJgAwXfn5v0jycrVarVar1aevripGe71aRMRfqrcpXzP8fNQPAwBm2X8j4u9Nd4LGyL/F8vX+yumLTXcGmKq7H3z4w5u3b6/dudt0TwAAAAAAAACAzyqP/7lcGf/5xYhYqq23b/zXN2P5qON/9vPMowFGn/BA32Nsdoe9bmW48edjZ3zuC+PG/z4fj4//ncfE7VW3Y4zBhPbhhPa5Ce3zI5fupTXyRI+KnP/zlfHOy/zP1YZfb8P4r/Ux79sg53++cn8u8/9Sbb1q/sVvZi7/jYOuuBndfflfvPf+Ty7e/eDDV269f/O9tffWfnRlZeXSlatXr127dvHdW7fXLu1+P55ez4Ccfx772nGg7ZLzz5nLv11y/l9ItfzbJef/xVTLv11y/vn1nvzbJeef3/vIv11y/i+lWv7tkvP/Sqrl3y5b2+tzZf4vp1r+7ZL3/6+mWv7tkvN/JdXyb5ec/4VUy79dcv4XU32A/F0e/hTJ+edPuOz/7ZLzX0m1/Nsl53851fJvl5z/lVTLv11y/q+mWv7tkvP/Wqrl3y45/6upln+75Py/nurD5L9wjP1iOnL+11Jt/2+XnP83Ui3/dsn5fzPV8m+XnP9rqZZ/u+T8v5Vq+bdLzv/bqZZ/u+T8v5Nq+bdLzv/1VMu/Xfau/2/GjBkzeabpRyYAAAAAAAAAAAAAoG4ahxM3vY0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYe/uYuQ66/uBn1nv2muHEAMhOPkb2CQmhMRk13biF/5NMYEADVAKJBT6guN612bBb3jtEiiSTQMlEkZFFVXTi7aAojZSVRFVXNCK0lxUfbkq7QW9qagqITWqDAqoSG0F2WrmPM/jmdnZmVnveH32PJ+PlPx2Z86Z88yZ55yd366/cwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHa3vnnuc42iKJr/tf63tShe1Px689TW1m1vuNYjBAAAAFbrp63/P39DuuHgECu1LfN3r/rHry8uLi4WH9jwuxPjxWK6Y6ooJjYVReu+6Jl//2DjS23fB48Xk42xtu/HBmx+w4D7xwfcPzHg/o0D7t804P7JAfcv2QFLbC5/H9N6sB2tL7eWu7S4sZho3bejx1qPNzaNjcXf5bQ0WussThwt5ovjxVwx07F8uWyjtfw3b21u6+1F3NZY27a2N2fIDz91JI6hEfbxjo5tXX7M6PtvKqZ+9MNPHfnjs5du7lUH7oaOxyvHeedtzXF+JtxSjrVRbEr7JI5zrG2c23u8Jhs6xtlordf8unuczw85zg2Xh7mmul/zyWKs9fW3W/tpvP3Xemk/bQ+3/fftRVFcuDzs7mWWbKsYK7Z03DJ2+fWZLGdk8zGaU+mlxfiK5umtQ8zTZp3d0TlPu4+J+PrfGtYbX2YM7S/T9z+9ccnrvtJ5GjWf9XLHSvccHPWxUpU5GOfFt1tP+omec3BHeP6fumP5Odhz7vSYg+l5t83B2wbNwbGNG1pjTi9Co7XO5Tm4q2P5Da0tNVr1uTv6z8HpsydOTy984pOvnz9x+NjcsbmTe3btmtmzd+/+/funj84fn5sp/3+Fe7v6thRj6Ri4Ley7eAy8tmvZ9qm6+JXRHYeTfY7DrV3Ljvo4HO9+co21OSCXzuny2Hi4udMnL44VyxxjrdfnrtUfh+l5tx2H423HYc+fKT2Ow/EhjsPmMqfvGu49y3jbf73GcLV+Fmxtm4Pd70e65+Co349UZQ5Ohnnxr3ct/7NgexjvEztX+n5kw5I5mJ5uOPc0b0nv9yf3t0qveXlL847rNhbnFubO3PPY4bNnz+wqQlkTL2ubK93zdUvbcyqWzNexFc/Xg/OveuKWHrdvDftq8vXN/00u+1o1l7n3nv6vVeunW+/92XHr7iKUEVvr/dnrp3lzf6Zess/+bC7zmenVvxdPfWnb+XdimfNv7PtfKLeXHurxDRPj5fG7Ie2diY7zcedLNd46dzVa235+erjz8UT4b63Pxzf2OR9v61p21Ofjie4nF8/HjUG/7Vid7tdzMsyT4zP9z8fNZbbtXumcHO97Pr491EbY/68LnULqi9rmznLzNm1rfHwiPK/xuIXOebqnY/mJ0Js1t/X07iubp3feXj7WhvTsLlureTrVteyo52k6Xy03TxuDfvt2Zbpfz8kwL27c03+eNpd59t7Vnzs3xy/bzp0bB83BiQ0bm2OeSJOwPN8vbo5z8J7iSHGqOF7Mtu7d2JpPjda2dt433BzcGP5b63Pltj5z8M6uZUc9B9PPseXmXmN86ZMfge7XczLMiyfv6z8Hm8u8Zd9o37veGW5Jy7S9d+3+/dpyv/O6pWs3Xc3feTXH+Tf7+v9utrnM8f0r7TP776e7wy3X9dhP3cfvcsfUbLE2+2lbGOel/cvvp+Z4mst86cCQ8+lgURTnP/ZA6/e94e8rf37uO1/v+LtLr7/pnP/YAz+4/ujfrmT8AKx/L5RlS/mzru0vU8P8/R8AAABYF2LfPxZqov8HAACA2oh9f/xX4Yn+HwAAAGoj9v3joSaZ9P/b3nJp/oXzRUrmLwbx/rQbHiqXixnXmfD91OJlzdsfeGrux395frhtjxVF8ZOHfqPn8tseiuMqTYVxPvNg5+1LVzw/1PYffeTycu359S+Hx4/PZ9hp0CuCO1MUxTdv+EJrO1MfvNiqzz70aKu+98ITjzeXef5A+X1c/7mXlcv/QQj/Hjx6uGP958J++F6oM+/ovT/iel+7+Lrt+95/eXtxvcZtL2497Sc/VD5u/JycLz5eLh/383Lj/6vPP/215vKPvab3+M+P9R7/0+Fxn3rw0nxzxv3PK8vl21+D5vdxvc+G8cftPRXWv+er3+o5/mc+Vy5/+q3lco+GGrd/Z/h+x1svzbfvr8cahzueV/G2crm4/Znv/Hbr/vh48fG7xz956GLH/uieH8/+c/k4013Lx9vjdqK/6Np+83Ha52fc/tO/9WjHfh60/Wfe+9wrm4/bvf27u5bb0LV+9yc2/eFnv9Bze3E8B//sdMfzOfiecByH7T/5oTAfw/3/+8wXOrYbPfqezvNPXP7LW893PJ/o7T8qt//MG4+16n9M/fj3r3vR9S++8OrmviuKb7+vfLxB2z/2R6c6xv+Vm+5qvR7x/pjR797+cuL2z3x858lTC+fmZ9v2auuzc95ZjmfT5OYtzfHeEM6t3d8fOnX2w3NnpmamZopiqr4foXfFvhrqD8pyYaXr3/VIeD1v+b1vbrnjnz4fb/+Xh8vbL76j/Ln12rDcF8PtW8vXb7Gxyu0/eetNreO78Wz5fUeOfQS27/jP/UMtGJ5/9/uCON9Pv/zDrf3QvK/1cyMe16sc/3dny8f5Rtivi+GTmW+76fL22pePn41w8X3l8b7q/RdOc/F1/ZPwer/re+Xjx3HF5/vd8D7mW9s6z3dxfnzj/Fj347c+xeNCOJ8UF8r741Jxf198/qaew4ufQ1JcuLn1/e+kx7l5RU9zOQufWJg+Pn/y3GPTZ+cWzk4vfOKTh06cOnfy7KHWZ3ke+sig9S+fn7a0zk+zc3vvLWY2F0VxqphZgxPW1Rl/86vhxn/6kSOz+2bumJ07evjc0bOPnJ47c+zIwsKRudmFOw4fPTr38UHrz8/ev2v3gT37du88Nj97//4DB/Yc2Dl/8lRzGOWgBtg789GdJ88caq2ycP+9B3bdd9+9MztPnJqdu3/fzMzOc4PWb/1s2tlc+9d3npk7fvjs/Im5nQvzn5y7f9eBvXt3D/w0wBOnjy5MTZ85d3L63MLcmenyuUydbd3c/Nk3aH3qaeHfyvez3RrlB/EV7757b/p81qanPr3sQ5WLdH2A6KXwWTT/8JLT+4f5Pvb9E6EmmfT/AAAAkIPY928MNdH/AwAAQG3Evn9TqIn+HwAAAGoj9v2ToSaZ9P/y//L/w+X/y/tHmf/vlZ8v5P8rlf8//bEyV7re8/8xPy//n4drnP9f9fbl/+X/65f/Hz4/v97HL/8v/89SVcv/x75/c1Fk2f8DAABADmLfvyXURP8PAAAAtRH7/utCTfT/AAAAUBux739RqEkm/b/8/1D5/92DAlf1z/+P/vr/8v/y/2uS/48vjvx/Nlacv3//wx3fyv8H8v/y//L/8v/y/6zaxLL3XKv8f+z7rw81yaT/BwAAgBzEvv/FoSb6fwAAAKiN2PffEGqi/wcAAIDaiH3/1lCTTPp/+X/X/5f/l/+vdf5/tdf/bxuM/P/64Pr//cn/D3DF+f9J+f/1mP+fGO34q53/Hzh8+X+uiqpd/z/2/S8JNcmk/wcAAIAcxL7/paEm+n8AAACojdj3vyzURP8PAAAAtRH7/htDTTLp/+X/5f/l/+X/5f97b3/w9f/Lr+T/q0X+vz/5/wFc/z+v/P+Ix1/t/P+or/8/8WD3+vL/9FK1/H/s+18eapJJ/w8AAAA5iH3/TaEm+n8AAACojdj3vyLURP8PAAAAtRH7/m2hJpn0//L/VyP//9PW2vL/8v/d80P+v275/5L8f7XI//cn/z+A/L/8v/z/cPn/Hh9+Jf9PL1XL/8e+/+ZQk0z6fwAAAMhB7PtvCTVZpv9fHPJv2wAAAEB1xL7//4Wa+Ps/AAAA1Ebs+7eHmmTS/8v/u/6//H9e+f+7N8r/y//Xm/x/f/L/A8j/y//L/w95/f+lVpL/3zTowaiNquX/Y9//ylCTTPp/AAAAyEHs+18VaqL/BwAAgNqIff+rQ030/wAAAFAbse+fCjXJpP+X/69X/v9P//rJVxfy//L/A7Zf0/x/nAby/5mT/+9P/n8A+X/5f/n/Ncn/k4+q5f9j339rqEkm/T8AAADkIPb9t4Wa6P8BAACgNmLff3uoif4fAAAAaiP2/TtCTTLp/+X/65X/j+T/5f/7bb+m+f9E/j9v8v89tB2k8v8DyP/L/2ef/4/vfuX/GY2q5f9j3/+aUJNM+n8AAADIQez77wg10f8DAABAbcS+/7WhJvp/AAAAqI3Y998ZapJJ/y//L/8v/y//L//fe/vy/+uT/H9/K83/b5T/l/+X/88s/+/6/4xW1fL/se9/XahJJv0/AAAA5CD2/XeFmuj/AQAAoDbiv98s/92r/h8AAADqKPb9O0NNMun/5f/l/3PK/zfk/+X/5f9rT/6/P9f/H0D+X/5f/l/+n5GqWv4/9v2vDzXJpP8HAACAHMS+/55QE/0/AAAA1Ebs+6dDTfT/AAAAUBux758JNcmk/5f/l//PKf/v+v/y//L/9Sf/398o8v+L5+X/5f97k/+vYP6/KOT/uaaqlv+Pff+uUJNM+n8AAADIQez7d4ea6P8BAACgNmLfvyfURP8PAAAAtRH7/ntDTTLp/+X/5f/l/+X/5f97b1/+f32S/+/P9f8HkP+X/69b/t/1/7nGqpb/j33/faEmmfT/AAAAkIPY9+8NNdH/AwAAQG3Evn9fqEno/3v9u24AAABgfYl9//5Qk0z+/i//X5P8/2/+fce25f/l//ttfzT5/83y/6HK/1dLTfP/3YfFFZP/H0D+/6rl54uxkQzxmo1f/l/+nytTtfx/7PsPhJpk0v8DAABADmLf/4ZQE/0/AAAA1Ebs+/9/qIn+HwAAAGoj9v0/E2qSSf8v/1+T/H8X+X/5/37bd/1/+f86q2n+f2Rqlf8fk/9fT/l/1/+X/x+0PvV09fP/8avh8v+x778/1CST/h8AAAByEPv+nw010f8DAABAbcS+/42hJvp/AAAAqI3Y9x8MNcmk/5f/l/+/Wvn/C2Py/93zI6/8/xuLblXM/zcnj/x/vVQ4/z8xzPbl/13/X/5/Tcbf/aNmJOOX/5f/Z6mqXf8/9v1vCjXJpP8HAACAHMS+/4FQE/0/AAAA1Ebs+98caqL/BwAAgNqIff9bQk0y6f/l/+X/Xf9f/t/1/3tvX/5/fapw/n8o8v/y//L/63f88v/y/yxVtfx/7PsfDDXJpP8HAACAHMS+/62hJvp/AAAAqI3Y978t1ET/DwAAALUR+/63h5pk0v/L/8v/y//L/8v/996+/P/6JP/fn/z/APL/8v/y//L/jFTV8v+x7/+5UJNM+n8AAADIQez7Hwo10f8DAABAbcS+/x2hJvp/AAAAqI3Y978z1CST/l/+X/5f/l/+X/6/9/bl/9cn+f/+5P8HkP+X/5f/l/9npKqW/499/7tCTTLp/wEAACAHse//+VAT/T8AAADURuz73x1qov8HAACA2oh9/y+EmmTS/8v/y/9XK/+/eL59Pfl/+f9iVPn/5kry/1mQ/+9P/n+AHvn/TfL/8v/y//L/XLGq5f9j3/+eUJNM+n8AAADIQez73xtqov8HAACA2oh9//tCTfT/AAAAUBux73841CST/l/+P8v8f3rK1cv/u/6//L/r/8v/r478f3/y/wO4/r/8v/y//D8jVbX8f+z7Hwk1yaT/BwAAgBzEvv/9oSb6fwAAAKiN2Pf/YqiJ/h8AAABqI/b9Hwg1yaT/l//PMv9f4ev/1y3/P94xP3LK/0+2vZ5pXsr/y/+vAfn//uT/B5D/l/+vcv4/zObNy6wv/08VVS3/H/v+D4aaZNL/AwAAQA5i3/9LoSb6fwAAAKiN2Pf/cqiJ/h8AAABqI/b9vxJqkkn/X8P8/4VC/l/+vzL5/875kVP+3/X/l5L/Xxvy//3J/w8g/y//X+X8/wDy/1RR1fL/se//1VCTZRu/H/zXEE8TAAAAqJDY938o1CSTv/8DAABADmLffyjURP8PAAAAtRH7/kdDTTLp/2uY/1/l9f/jFVXl/+X/R53/H5P/l/+X/18Do8v/v+L6opD/l/+X/5f/l/+X/2c1qpb/j33/4VCTTPp/AAAAyEHs+38t1ET/DwAAALUR+/4joSb6fwAAAKiN2PfPhppk0v9fw/z/RDXz/67/f6X5/5/I/7v+fyD/35v8/9pw/f/+5P8HkP+X/5f/l/9npKqW/499/1yoSSb9PwAAANRY+nVw7PuPhpro/wEAAKA2Yt9/LNRE/w8AAAC1Efv+D4eaZNL/u/6//L/r/1+L/P94x/Ly/yX5f/n/UZD/70/+fwD5f/l/+X/5f0aqavn/2PfPh5pk0v8DAABADmLf/5FQE/0/AAAA1Ebs+z8aaqL/BwAAgNqIff/xUJNM+n/5f/n/3PP/jaK44Pr/o83/b5L/70n+f23I//cn/z+A/P9a5uevH8mgr934l5D/l/9nqarl/2PffyLUJJP+///Yu48mu85qj8MbY0vdI/gIjBkxhJH5CEyZUcWYaJODZXIGk3MwOedgosk552iTczTRUNWUW2stqfsc7S2pj/rs/b7PM1lXuhZ9hBtz/1f1qxcAAAB6kLv/vnGL/Q8AAADNyN1/v7jF/gcAAIBm5O6/f9zSyf7X/+v/e+//h628/3/wr2+t//f+/3r6/+Ox0t9fvv6vO1cUfs7+/y53vfpe+n/9v/5/lPf/9f/6fw6bW/+fu/8BcUsn+x8AAAB6kLv/gXGL/Q8AAADNyN1/Vdxi/wMAAEAzcvdfHbd0sv/1//p//b/+/0D/f6P+X/+/bN7/H6f/n6D/1//r//X/bNTc+v/c/Q+KWzrZ/wAAANCD3P0PjlvsfwAAAGhG7v6HxC32PwAAADQjd/9D45ZO9r/+X/+v/19K/3/C+/+Hfj/6f/3/Ovr/cfr/Cfp//b/+X//PRs2t/8/d/7C4pZP9DwAAAD3I3f/wuMX+BwAAgGbk7n9E3GL/AwAAQDNy9z8ybulk/+v/9f/6/6X0/8f0/r/+X/+/cNcPZ/6ZoP9fpf+fMNH/D4P+f8x59/Prf3vL+fznoP/X/7Nqbv1/7v5HxS13H4YTF/ubBAAAAGYld/+j45ZO/vwfAAAAepC7/5q4xf4HAACAZuTuPxW3dLL/9f/6f/2//l//v/7r6/+Xyfv/447e/9/5jve5d7/9v/f/x3n/f9P9/23fGfp/lm1u/X/u/mvjlk72PwAAAPQgd/9j4hb7HwAAAJqRu/+xcYv9DwAAAM3I3f+4uKWT/a//b63/v/2BX3dW/79fu+j/9f/6f/1/6/T/47z/P2H/H3O79UP9v/7f+//6f45mbv1/7v7Hxy2d7H8AAADoQe7+J8Qt9j8AAAA0I3f/E+MW+x8AAACakbv/SXFLJ/tf/99a/3/w13n/X/+/7uvr//X/LdP/j9P/T2jl/f+L/K7Zdj9/VNv+/Pp//T+r5tb/5+5/ctzSyf4HAACAHuTuf0rcYv8DAABAM3L3PzVusf8BAACgGbn7nxa3dLL/9f/6/2X0//kV5tT/7+3tHfoe0v+ftvT+P+n/l0n/P07/P6GV/v8ibbufX/rn1//r/1k1t/4/d//T45ZO9j8AAAD0IHf/M+IW+x8AAACakbv/mXGL/Q8AAADNyN3/rLilk/2v/9f/L6P/9/6//t/7//r/86P/H6f/n6D/1//r//X/bNTc+v/c/dfFLZ3sfwAAAOhB7v5nxy32PwAAADQjd/9z4hb7HwAAAJqRu/+5cUsn+1//r//X/+v/9f/rv77+f5n0/+P0/xM67/+HU/p//b/+n82aUf9/1q/aGZ4Xt3Sy/wEAAKAHufufH7fY/wAAANCM3P0viFvsfwAAAGhG7v4Xxi2d7H/9/2z6//2cr63+f3cYBv3/0Gn/v3vW38/6vtT/6/+Pgf5/nP5/Quf9/7b7+aV/fv2//p/Dds75v9nW+/+5+190+PN1sv8BAACgB7n7Xxy32P8AAADQjNz9L4lb7H8AAABoRu7+l8Ytnex//f9s+v99bfX/3v8//P3RU//v/f9V+v/jof8fp/+foP/X/+v/9f9s1FU3nf6/Zw/bVv+fu/9lcdOJKy76twgAAADMTO7+l8ctnfz5PwAAAPQgd/8r4hb7HwAAABbqupWfyd3/yrilk/2v/99s/3/irJ/T/+v/D39/6P/1//r/S0//P07/P0H/r//X/+v/2ai59f+5+18Vt3Sy/wEAAKAHufuvj1vsfwAAAGhG7v5Xxy32PwAAADQjd/9r4pZO9r/+3/v/+n/9/1T/f+Y5VP2//n/+9P/j9P8T9P/6/5HPf/i/nw7bQP9/8sz/qP+nDRfQ/+/t7V1zyfv/3P2vjVs62f8AAADQg9z9r4tb7H8AAABoRu7+18ct9j8AAAA047bdvzsMwxv2f9Tf/tf/d9r/57f6svr/U8Og//f+v/5f/z9O/z9O/z9B/6//9/6//p+Nmtv7/7n73xi3dLL/AQAAoAe5+98Ut9j/AAAA0Izc/W+OW+x/AAAAaEbu/rfELZ3sf/1/p/2/9//1//r/4+7/bx30/8diEf3/7rm//tz7/2v1//r/Ed31//e424Ef6v/1/6yaW/+fu/+tcUsn+x8AAAB6kLv/bXGL/Q8AAADNyN3/9rjF/gcAAIBm5O5/R9x0eSf7X/+v/9f/6//1/+u//jG//39iGAb9/wYsov8fMff+fzPv/x/+T/kZ+n/9/5I/v/5f/8+qufX/ufvfGbd0sv8BAACgB7n73xW32P8AAADQjNz9745b7H8AAABoRu7+98Qtnex//b/+X/+v/2++/792Ef2/9/83RP8/bh79/7np//X/S/78+n/9P+dvW/1/7v73xi2d7H8AAADoQe7+98Ut9j8AAAA0I3f/++MW+x8AAACakbv/A3FLJ/tf/6//v5D+Pz+n/r+t/v/ksfT/p4bhvPv/nQP/ep28/6//3xD9/7jz6f/3v7f1//p//X+v/f91+n82aW7v/+fuvyFu6WT/AwAAQA9y938wbv2/bu1/AAAAaEbu/g/FLfY/AAAANCN3/4fjlk72v/5f/+/9f/1/8+//6/+7ov8f5/3/Cfp//b/+3/v/bNTc+v/c/R+JWzrZ/wAAANCD3P0fjVvsfwAAAGhG7v6PxS32PwAAADQjd/+NcUsn+1//r//X/+v/9f+n/x7q/9ug/x93PP3/rv5f/1/9/O3iPwX6f/3/1K+nTXPr/3P3fzxu6WT/AwAAQA9y938ibrH/AQAAoBm5+z8Zt9j/AAAAsEiXr/m53P2fils62f/6f/2//l//r/9f//X1/8u0lf4/vyn0/97/D/30/3c68KOlvf9/+L+/9P/6fzZvbv1/7v5Pxy2d7H8AAADoQe7+z8Qt9j8AAAA0I3f/Z+MW+x8AAACakbv/c3FLJ/tf/6//1//r//X/67++/n+ZvP8/Tv8/Qf+/1ffzl/759f/6f1bNrf/P3f/5uKWT/Q8AAAA9yN3/hbjF/gcAAIBm5O7/Ytxi/wMAAEAz9nd/xmUd7n/9v/5f/6//1/+v//r6/2XS/4/T/0/Q/+v/9f/6fzZqbv3/l/Z/1c7w5bilk/0PAAAAPcjd/5W4xf4HAACAZuTu/2rcYv8DAABAM3L3fy1u6WT/6//1/8vo//f29q7R/+v/D/5+zvT/N+v/Kfr/cfr/Cfp//b/+X//PRs2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy938rbulk/+v/Z9D/7+j/vf+v/x+8/7/a/192+h/K+v8Lo/8fp/+f0GL/v3P+v/1t9/NHdck+/47+X//PxZpb/5+7/9txSyf7HwAAAHqQu/87cYv9DwAAAM3I3f/duMX+BwAAgGbk7v9e3NLJ/tf/H1//f9u/d728/787rP/8+n/9v/7f+/+Xmv5/nP5/Qov9/wXQ/3v/X//Pps2t/8/d//245eDwu+LCfpcAAADAnOTu/0Hc0smf/wMAAEAPcvf/MG6x/wEAAKAZuft/FLd0sv/1/zN4/7/B/t/7/+u/P/T/s+7/L9P/t+EC+/sbDv+E/j/o//X/+n/9/5H6//xu1v/3bm79f+7+H8ctnex/AAAA6EHu/p/ELfY/AAAANCN3/01xi/0PAAAAzcjdf3Pcctb+X9d2t0L/r//X/+v/9f/rv77+f5m8/z/ufPv/k8PR+v/Uff+/s/Kvr/+/hLb9+fX/3v9n1dz6/9z9P41b/Pk/AAAALM4V5/j53P0/i1vsfwAAAGhG7v6fxy32PwAAADQjd/8v4pZbLtvWRzpW+n/9v/5f/6//X//19f/LpP8f5/3/Cd7/30Q/f6X+v43+fxj0/xzd3Pr/3P2/jFv8+T8AAAA0I3f/r+IW+x8AAACakbv/13GL/Q8AAADNyN3/m7ilk/2v/9f/H7H/308z9f+n6f9P0/+vp/8/Hvr/cfr/Cfp/7//r/73/z0bNrf/P3f/buKWT/Q8AAAA9yN3/u7jF/gcAAIBm5O7/fdxi/wMAAEAzcvf/IW7pZP9vrf+Pf6v1/4vv/73/r//X/+v/Z0X/P67R/n93GAb9/wZsu59f+ufX/+v/WTW3/j93/x/jlk72PwAAAPQgd/+f4hb7HwAAAJqRu//PcYv9DwAAAM3I3f+XuKWT/e/9f/2//l//r/9f//X1/8uk/x/XaP9/5Pf/62+U/l//r//X/7NRc+v/c/f/NW7pZP8DAABAD3L3/y1usf8BAACgGbn7b4lb7H8AAABoRu7+v8ctnex//b/+X/+v/9f/r//6+v9l0v+P22b/f887TH/ZbfX/Rf+fH0H/r//X/7MRc+v/c/f/I27pZP8DAABAD3L3/zNusf8BAACgGbn7/xW32P8AAADQjNz9/45bOtn/E/3/yfoL9f+j9P8HP7/+f/33h/5f/6//v/T0/+O8/z9B/+/9f/2//p+Nmlv/n7v/P3FLJ/sfAAAAepC7/9a4xf4HAACAZuTu/2/cYv8DAABAM3L3/y9u6WT/e/9/Sf3/lfp//b/+X/+v/5+g/x+n/5+g/9f/6//1/2zU3Pr/3P3/DwAA//+2vUye")
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2.700696563s ago: executing program 8 (id=8475):
rseq(&(0x7f0000000180)={0x0, 0x0, 0x0, 0x2}, 0x20, 0x0, 0x0)
syz_read_part_table(0x5df, &(0x7f0000000000)="$eJzs3DGIE1kYB/CXIBEFETs7gykichAh3UkEDXGQgAnBQ4s70c4t0qyVRYxgQCzMNhE5Gy0UYQ1aaCUiCCImFkIqUXavuN1l2eJY2CawLHMEZrvjYG/JHQe/Hzx4b97/zcfHMOVM4H8tHf6I4zgVQoj37vz0T/OVs+ey9dONCyGkwi8hhN/zs79OdlJJYvuuR5P1YrIuvt3TvDcf3en2Dhx+nd38nE72byVjZfjw8q6bY+qOXT/+/sh4dOhNNTwenBqc3N+8dK2fL7f7X+qvzjzNPtt+7oUp1X9Z+njwdmc26t4ozXyNWkvRanpjPTr/4FEhM9du5NdOJLkrU6rf3LqYef7kQ7mzvK/4qVqr9V58v59rVd51bo6GuW/ju1eT3MI/eLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj3Hbt+/P2R8ejQm2p4PDg1OLm/eelaP19u97/UX515mn12NMkVplT/Zenjwdud2ah7ozTzNWotRavpjfXo/INHhcxcu5FfO5HkrvzV4TiO27us39y6mHn+5EO5s7yv+Klaq/VefL+fa1XedW6Ohrlv47tXk9zC3l0WAgAAAAAAAAAAAAAAAAAAgL9ROXsuWz/duDCZ/xxC+GHmx7nJPE6+d08lue3/ACxOrqdDKL7d07w3H93p9g4cfp3d/Pxbkr+VjJXhw8v/QTvs0J8BAAD//9odjZ8=")

2.157829436s ago: executing program 8 (id=8482):
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000019c0), 0x40, 0x0)
preadv(r0, &(0x7f0000003140)=[{&(0x7f0000002bc0)=""/130, 0x82}], 0x1, 0xb, 0x10001)

2.011968827s ago: executing program 7 (id=8486):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x2014c00, &(0x7f0000000040)={[{@min_batch_time={'min_batch_time', 0x3d, 0x2}}]}, 0x1, 0x4ec, &(0x7f0000001a00)="$eJzs3VFrHFsdAPD/TLK3aZvr5qLIteC9FxtJL9rd5MZ7G0RqBdGnglrfY0w2IWSTDdlNbULRFD+AIKKCTz75IvgBBOlHEKGg76JFEW31wQftyM5ObNPuJkuTZnXz+8HpnDNndv7nTLNnd3YOMwGcWe9ExI2IGImIdyOiXKxPizRfpPZ2jx/dXWynJLLs1l+TSIp1+/tql0cj4mJE7EXEWER87csR30xejNvc2V1bqNdrW0W52lrfrDZ3dq+uri+s1FZqG7OzMx/MXZt7f246Kxyrn5ci4voXH/7wez/70vVfffpbv5//85Vvt5v1uY922h0Ri8cK0ENn36X8WOxrH6OtVxFsAEaK/pQG3RAAAPoyGRGXI+IT+ff/cozk3+YAAACAYZJ9fjz+lURkAAAAwNBKI2I8krRSzPcdjzStVDpzeD8SF9J6o9n61HJje2OpXRcxEaV0ebVemy7mCk9EKWmXZ/L80/J7z5VnI+KNiPhB+Xxeriw26kuD/vEDAAAAzoiLbx88//9HOc3zAAAAwJCZ6FkAAAAAhoVTfgAAABh+zv8BAABgqH3l5s12yvaf4710e2d7rXH76lKtuVZZ316sLDa2NisrjcZKfs++9aP2V280Nj8TG9t3qq1as1Vt7uzOrze2N1rzqwcegQ0AAACcojfevv+7JCL2Pns+T1HcBxDggD8OugHASRoZdAOAgRkddAOAgSkduYURAoZdckR9z8k7vz75tgAAAK/G1MdevP7/WlF39G8DwP8zc30A4OxxdQ/OrpIZgHDmTXYW53rVj0WPSQB9X//PspdqGAAAcGLG85SkleJa4HikaaUS8Xr+WIBSsrxar01HxIci4rfl0rl2eSZ/ZXLknGEAAAAAAAAAAAAAAAAAAAAAAAAAoCPLksgAAACAoRaR/inJ7+YfMVWeHH/+94HXkn+W42FR+MmtH91ZaLW2Ztrr/1bO6yOi9eNi/XuZRwIAAADA/4DOeXqxnBl0awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNo8f3V3cT6cZ9y9fiIiJbvFHYyxfjkUpIi78PYnRZ16XRMTICcTfuxcRb3aLn8STLMsmilZ0i3/+FcefyA9N9/hpRFw8gfhwlt1vjz83ur3/0ngnX3Z//40W6bh6j3/pf8e/kR7jz+t9xrj04BfVnvHvRVwa7T7+7MdPesS/3Gf8b3x9d7dXXfbTiKmunz/JgVjV1vpmtbmze3V1fWGltlLbmJ2d+WDu2tz7c9PV5dV6rfi3a4zvf/yXTw7r/4Ue8SeO6P9kn/3/94M7jz7cyZa6xb9yufvn75s94qfFZ98ni3y7fmo/v9fJP+utn//mrcP6v9Sj/0f9/1/ps//vfvW7f+hzUwDgFDR3dtcW6vXa1iGZsT62kZE5Tib7Tufv8Xj76fny9OV2mA36sLx8JuKY++kxYJw7zdEJAAA4SU+/9A+6JQAAAAAAAAAAAAAAAAAAAHB2ncbdyJ6PuTeYrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOo/AQAA//+KZt0m")
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000000)='./file0\x00')

1.786735968s ago: executing program 8 (id=8487):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={0x14, 0x27, 0x9, 0xffffffff, 0x25dfdbfd, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x48091}, 0x0)

1.747725728s ago: executing program 0 (id=8488):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="320200007d01000005f1000000000400000000000000040000000000000000000000000000000000000000000000000000001f00046e6f6465767b6376666f7825ffffff81020200000000000000bc920000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8105"], 0x232)

1.747140579s ago: executing program 4 (id=8489):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0xffffffffffffffff)

1.53972267s ago: executing program 0 (id=8491):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000002240)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000040)={[{@redirect_dir_follow, 0x3a}], [], 0x2f})

1.49300362s ago: executing program 7 (id=8492):
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount$afs(&(0x7f0000000080)=@cell={0x25, '', 'syz0', '.backup'}, &(0x7f0000000200)='./bus\x00', &(0x7f0000000240), 0x0, 0x0)

1.48730175s ago: executing program 2 (id=8493):
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x1]}, 0x8)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

1.477316401s ago: executing program 4 (id=8494):
r0 = socket$inet(0xa, 0x801, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x1, &(0x7f0000001500)=""/4110, &(0x7f0000000000)=0x100e)

1.386712451s ago: executing program 8 (id=8495):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0xffffffff, 0x65f, 0xffffffff, 0x3})

1.222703102s ago: executing program 2 (id=8496):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x8001, 0x0)
ioctl$FBIOPUTCMAP(r0, 0x4605, &(0x7f00000001c0)={0x4, 0x1, &(0x7f00000000c0)=[0x7], &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)})

1.195246282s ago: executing program 7 (id=8497):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x20006, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x47, 0x2, 0x3, "d109000000000000000000000000fefffffffffff2ffffff0400", 0x32525942})

1.132398143s ago: executing program 0 (id=8498):
r0 = socket(0x18, 0x0, 0x1)
getsockopt$nfc_llcp(r0, 0x111, 0x0, 0x0, 0x90aa62107f0000)

1.131847572s ago: executing program 8 (id=8499):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=@newsa={0xf0, 0x10, 0x1, 0x8000000, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@empty, 0x2, 0x0, 0x4e20, 0x50, 0xff80, 0x20, 0x0, 0x16}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x33}, @in=@local, {0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x5680000000, 0x0, 0x0, 0x10000}, {0x401, 0x9}, 0x0, 0x0, 0xa, 0x1, 0x0, 0x90}}, 0xf0}}, 0x24000058)

1.115575043s ago: executing program 4 (id=8500):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x88, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @private}}}]}, @CTA_TIMEOUT={0x8}, @CTA_TUPLE_MASTER={0x24, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x2a}}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x38}}}}]}]}, 0x88}}, 0x0)

916.684384ms ago: executing program 2 (id=8501):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="320200007d01000005f1000000000400000000000000040000000000000000000000000000000000000000000000000000001f00046e6f6465767b6376666f7825ffffff81020200000000000000bc920000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8105"], 0x232)

916.193144ms ago: executing program 7 (id=8502):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}, @NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x70}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)

863.173784ms ago: executing program 8 (id=8503):
syz_mount_image$reiserfs(&(0x7f0000001100), &(0x7f0000000040)='./bus\x00', 0x2, &(0x7f0000000180)={[{@balloc_test4}, {@usrjquota_file, 0x4}, {@acl}, {@notail}, {@usrjquota, 0x3d}]}, 0x2, 0x110f, &(0x7f0000001140)="$eJzs2LFqFEEYB/D/7B2Y7mTTL4IWFhISzs4qRYRrrW0kpDJVrooI4rv4OJLKPuQBLAKWwshusp5IIGAuhoPfD2Z3+OabmW/KmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCVV/1nu0naMdIkKUnXnS0uknRj/PHXSZOSN0eL5cHJ/PUyyWRIL33rZ/XT0u493Wrn7bzda19u7z9rl6cf3r87Pj46uV6mpMv55foPUq7rudHW+vcDAACATVHvbPb3ktP/uz8AAABwm7U+JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8gzpb9dskP2utaZKUpOvOFhdJuocsEAAAALizkiZvZzfFMzwDrLzIt1kZ4mP7Ufqc3XwZ5j9apR429184AAAAbJTprRnlj/v480xTa/00jj3JNDs7V/3+1w98308mpwfZ/X0n/zx8zy8/Ho6t1Mk9nQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAXO3BAAgAAACDo/+t2BAoAAAAAAAAAAAAAAAAAAAAAAB8FAAD//6zC3aE=")
symlink(&(0x7f000000a900)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

858.300704ms ago: executing program 4 (id=8504):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000040)='\x00', 0x1)

766.897344ms ago: executing program 0 (id=8505):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd0, 0x0, 0x0)

696.023445ms ago: executing program 2 (id=8506):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x75, 0x0)
ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000580)={0x0, 0x10, &(0x7f00000000c0), {0xfffffffe, 0x0, 0x2036315a, 0x0, 0x0, 0xf, 0x0, 0xffffffff}})

695.617875ms ago: executing program 7 (id=8507):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000440)={0x30, 0x3, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0x1}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x80c}]}, @CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x8004}, 0x20000800)

599.998126ms ago: executing program 4 (id=8508):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fdatasync(0xffffffffffffffff)

369.272807ms ago: executing program 0 (id=8509):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x25000}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @empty}]}]}, @IFLA_IFNAME={0x14, 0x3, 'sit0\x00'}]}, 0x50}}, 0x0)

320.190188ms ago: executing program 2 (id=8510):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="54000000020601080000000000010000000020080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x54}}, 0x2800c0c4)

218.398108ms ago: executing program 4 (id=8511):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000002700), 0x2042, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000002740)={0x1e0, 0x4, 0x578, 0xf0, 0x1, 0x1, 0x0, 0x2, {0x40, 0x743}, {0x9c, 0xffff}, {0x38c, 0x898}, {0x9, 0x1e2}, 0x2, 0x10, 0x0, 0xb833, 0x1, 0x0, 0xa, 0xf2, 0x7, 0xc3, 0x4, 0x3, 0x8, 0x100, 0x2, 0x1})

195.653448ms ago: executing program 7 (id=8512):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000850000002a00000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

10.720879ms ago: executing program 0 (id=8513):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)

0s ago: executing program 2 (id=8514):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x33, 0x0, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

923229][T21527] netlink: 'syz.0.7198': attribute type 11 has an invalid length.
[  673.941350][T21527] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7198'.
[  674.026282][T21531] netlink: 268 bytes leftover after parsing attributes in process `syz.2.7201'.
[  674.238878][T21503] loop7: detected capacity change from 0 to 32768
[  674.310650][T21503] ocfs2: Slot 0 on device (7,7) was already allocated to this node!
[  674.311609][T21542] binder: 21540:21542 ioctl c018620c 0 returned -14
[  674.342338][T21503] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  674.410343][T21503] (syz.7.7183,21503,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=281474976710721, rec_len=32768, name_len=1
[  674.544158][T21503] (syz.7.7183,21503,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2
[  674.583221][T21503] (syz.7.7183,21503,0):ocfs2_mknod:298 ERROR: status = -2
[  674.613660][T21503] (syz.7.7183,21503,0):ocfs2_mknod:502 ERROR: status = -2
[  674.620864][T21503] (syz.7.7183,21503,0):ocfs2_create:676 ERROR: status = -2
[  674.842395][ T8114] ocfs2: Unmounting device (7,7) on (node local)
[  675.171643][   T27] audit: type=1326 audit(904.139:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21564 comm="syz.4.7214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab84d8f6c9 code=0x7ffc0000
[  675.218573][   T27] audit: type=1326 audit(904.169:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21564 comm="syz.4.7214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab84d8f6c9 code=0x7ffc0000
[  675.299945][   T27] audit: type=1326 audit(904.209:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21564 comm="syz.4.7214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7fab84d8f6c9 code=0x7ffc0000
[  675.378070][   T27] audit: type=1326 audit(904.209:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21564 comm="syz.4.7214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab84d8f6c9 code=0x7ffc0000
[  675.502904][   T27] audit: type=1326 audit(904.209:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21564 comm="syz.4.7214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab84d8f6c9 code=0x7ffc0000
[  675.595991][   T27] audit: type=1326 audit(904.479:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21571 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  675.682851][   T27] audit: type=1326 audit(904.479:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21571 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  675.797053][   T27] audit: type=1326 audit(904.499:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21571 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  675.913586][   T27] audit: type=1326 audit(904.499:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21571 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  676.024078][   T27] audit: type=1326 audit(904.499:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21571 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  676.254400][T21556] loop0: detected capacity change from 0 to 32768
[  676.330711][T21556] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  676.342722][T21556] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  676.404370][T21595] loop8: detected capacity change from 0 to 64
[  676.439187][T21595] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  676.478161][T21595] minix_free_inode: bit 3 already cleared
[  676.512022][T21556] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  676.561381][   T14] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  676.569754][   T14] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  676.790407][   T14] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 220ms
[  676.828407][   T14] gfs2: fsid=syz:syz.0: jid=0: Done
[  676.834771][T21556] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  676.856979][T21602] netlink: 2 bytes leftover after parsing attributes in process `syz.7.7231'.
[  676.998132][T21588] loop2: detected capacity change from 0 to 32768
[  677.092389][T21588] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  677.122227][T21588] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  677.269857][T21588] (syz.2.7225,21588,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=281474976710721, rec_len=32768, name_len=1
[  677.339570][T21588] (syz.2.7225,21588,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2
[  677.385060][T21588] (syz.2.7225,21588,1):ocfs2_mknod:298 ERROR: status = -2
[  677.399724][T21588] (syz.2.7225,21588,1):ocfs2_mknod:502 ERROR: status = -2
[  677.408681][T21588] (syz.2.7225,21588,1):ocfs2_create:676 ERROR: status = -2
[  677.537373][ T4278] ocfs2: Unmounting device (7,2) on (node local)
[  677.880153][T21630] loop7: detected capacity change from 0 to 64
[  677.910441][T21630] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  678.000500][T21630] minix_free_inode: bit 3 already cleared
[  678.326088][T21642] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7251'.
[  678.348484][T21642] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7251'.
[  678.999090][T21668] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7273'.
[  679.061620][T21671] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7275'.
[  679.663077][    C1] sd 0:0:1:0: [sda] tag#5678 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  679.673563][    C1] sd 0:0:1:0: [sda] tag#5678 CDB: Read(6) 08 00 00 00 03 44
[  680.136957][T21657] loop2: detected capacity change from 0 to 32768
[  680.210522][T21657] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  680.248643][T21657] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  680.329231][T21657] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  680.391099][ T5883] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  680.402665][ T5883] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  680.589118][ T5883] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 186ms
[  680.612360][ T5883] gfs2: fsid=syz:syz.0: jid=0: Done
[  680.664551][T21657] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  681.090606][T21737] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7293'.
[  681.362332][T21741] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7299'.
[  681.446109][T21747] loop4: detected capacity change from 0 to 1024
[  681.508545][T21747] EXT4-fs: Ignoring removed orlov option
[  681.629673][T21747] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  682.077751][T21759] loop2: detected capacity change from 0 to 2048
[  682.094203][T15387] EXT4-fs (loop4): unmounting filesystem.
[  682.206512][T21759] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  682.305901][T21766] netlink: 20 bytes leftover after parsing attributes in process `syz.8.7310'.
[  683.448819][T21798] netlink: zone id is out of range
[  683.485021][T21769] loop4: detected capacity change from 0 to 32768
[  683.522219][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  683.522237][   T27] audit: type=1800 audit(912.489:193): pid=21769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.7309" name="file1" dev="loop4" ino=4 res=0 errno=0
[  683.774832][T21806] loop8: detected capacity change from 0 to 2048
[  683.813046][T21806] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  684.399588][T21822] loop8: detected capacity change from 0 to 4096
[  685.213558][T21841] loop8: detected capacity change from 0 to 4096
[  685.329226][T21848] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  685.726959][T21858] netlink: 'syz.4.7352': attribute type 13 has an invalid length.
[  685.931251][T21862] loop7: detected capacity change from 0 to 512
[  685.986902][T21862] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  686.055312][T21862] EXT4-fs (loop7): 1 truncate cleaned up
[  686.083967][T21862] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  686.227750][T21862] EXT4-fs error (device loop7): ext4_get_parent:1910: comm syz.7.7366: inode #2: comm syz.7.7366: iget: illegal inode #
[  686.325255][ T8114] EXT4-fs (loop7): unmounting filesystem.
[  686.341417][T21837] loop2: detected capacity change from 0 to 40427
[  686.424365][T21837] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[  686.432903][T21837] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  686.495755][T21837] F2FS-fs (loop2): Found nat_bits in checkpoint
[  686.713284][T21837] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  686.720419][T21837] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  687.821707][T21908] loop4: detected capacity change from 0 to 4096
[  687.878290][T21908] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  688.482643][   T22] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  688.566937][T21932] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7388'.
[  688.684995][   T22] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  688.717993][   T22] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[  688.774874][   T22] usb 9-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18
[  688.812349][   T22] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.831061][   T22] usb 9-1: Product: syz
[  688.860398][   T22] usb 9-1: Manufacturer: syz
[  688.867331][T21942] ipt_CLUSTERIP: Please specify destination IP
[  688.872649][   T22] usb 9-1: SerialNumber: syz
[  688.895618][   T22] usb 9-1: config 0 descriptor??
[  689.165534][T21920] loop2: detected capacity change from 0 to 32768
[  689.210999][T21920] __jfs_setxattr: xattr_size = 2175, new_size = 14921
[  689.358508][   T22] usb 9-1: USB disconnect, device number 11
[  689.524143][T21954] xt_hashlimit: size too large, truncated to 1048576
[  689.531008][T21954] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  689.659580][T21958] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  690.116466][T21970] netlink: 'syz.0.7406': attribute type 4 has an invalid length.
[  690.152809][T21970] netlink: 'syz.0.7406': attribute type 3 has an invalid length.
[  690.222775][T21970] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7406'.
[  690.255762][T21974] netlink: 'syz.7.7420': attribute type 12 has an invalid length.
[  690.321430][T21978] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7409'.
[  690.505079][T21985] netlink: 48 bytes leftover after parsing attributes in process `syz.2.7411'.
[  690.543775][T21988] netlink: 6 bytes leftover after parsing attributes in process `syz.4.7415'.
[  690.563125][T21988] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  690.618515][T21988] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  691.313368][T22007] netlink: 'syz.2.7427': attribute type 12 has an invalid length.
[  691.388251][T22003] xt_CT: No such helper "pptp"
[  691.471417][T22013] nfs: Deprecated parameter 'nointr'
[  691.880037][T22024] device wlan0 entered promiscuous mode
[  691.907124][T22024] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  691.981127][   T27] audit: type=1326 audit(920.949:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22028 comm="syz.8.7437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8bd78f6c9 code=0x7ffc0000
[  692.016127][   T27] audit: type=1326 audit(920.989:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22028 comm="syz.8.7437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8bd78f6c9 code=0x7ffc0000
[  692.065036][T22025] loop2: detected capacity change from 0 to 4096
[  692.099693][T22025] ntfs3: loop2: ino=3, Correct links count -> 2.
[  692.141194][   T27] audit: type=1326 audit(921.019:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22028 comm="syz.8.7437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7fc8bd78f6c9 code=0x7ffc0000
[  692.335624][   T27] audit: type=1326 audit(921.019:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22028 comm="syz.8.7437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8bd78f6c9 code=0x7ffc0000
[  692.826059][T22047] xt_CT: No such helper "pptp"
[  692.968300][T22060] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  693.022887][T22060] overlayfs: missing 'lowerdir'
[  693.668580][   T14] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  693.697778][T22092] loop0: detected capacity change from 0 to 1024
[  693.745017][    T7] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  693.807134][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  693.813653][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  693.864583][   T14] usb 9-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  693.875386][   T41] hfsplus: b-tree write err: -5, ino 4
[  693.898777][   T14] usb 9-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  693.938693][   T14] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.947339][    T7] usb 8-1: Using ep0 maxpacket: 32
[  693.957740][    T7] usb 8-1: config 0 has an invalid interface number: 61 but max is 1
[  693.986889][T22100] loop4: detected capacity change from 0 to 164
[  693.987616][    T7] usb 8-1: config 0 has no interface number 1
[  694.004528][   T14] gspca_main: stv0680-2.14.0 probing 041e:4007
[  694.033591][T22100] iso9660: Corrupted directory entry in block 0 of inode 1920
[  694.047351][    T7] usb 8-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[  694.088878][    T7] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.107424][    T7] usb 8-1: Product: syz
[  694.121939][    T7] usb 8-1: Manufacturer: syz
[  694.137321][    T7] usb 8-1: SerialNumber: syz
[  694.152057][    T7] usb 8-1: config 0 descriptor??
[  694.293799][    T7] viperboard 8-1:0.61: version 0.00 found at bus 008 address 020
[  694.355600][    T7] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[  694.398486][    T7] viperboard-i2c: probe of viperboard-i2c.2.auto failed with error -5
[  694.430589][T22112] loop2: detected capacity change from 0 to 512
[  694.446517][    T7] viperboard 8-1:0.0: version 0.00 found at bus 008 address 020
[  694.452379][T22112] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  694.492123][    T7] viperboard-i2c viperboard-i2c.5.auto: failure setting i2c_bus_freq to 100
[  694.505478][    T7] viperboard-i2c: probe of viperboard-i2c.5.auto failed with error -5
[  694.542821][    T7] usb 8-1: USB disconnect, device number 20
[  694.551891][T22112] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  694.642843][T22112] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #15: comm syz.2.7487: corrupted xattr block 32
[  694.698280][T22120] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  694.705640][T22120] IPv6: NLM_F_CREATE should be set when creating new route
[  694.712978][T22120] IPv6: NLM_F_CREATE should be set when creating new route
[  694.720279][T22120] IPv6: NLM_F_CREATE should be set when creating new route
[  694.749445][ T4278] EXT4-fs (loop2): unmounting filesystem.
[  695.091093][   T14] stv0680 9-1:4.0: STV(e): camera ping failed!!
[  695.298713][   T14] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  695.312691][   T14] stv0680 9-1:4.0: last error: 85,  command = 0x7f
[  695.331343][T22138] loop0: detected capacity change from 0 to 512
[  695.355019][   T14] usb 9-1: USB disconnect, device number 12
[  695.395437][T22142] netlink: 'syz.7.7491': attribute type 27 has an invalid length.
[  695.429274][T22138] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  695.599966][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  695.633590][T22154] loop7: detected capacity change from 0 to 64
[  695.697602][T22154] hfs: inconsistency in B*Tree (1,0,1,0,3)
[  695.866244][T22161] netlink: 'syz.4.7498': attribute type 21 has an invalid length.
[  696.039917][T22165] loop7: detected capacity change from 0 to 1024
[  696.145003][T22165] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  696.243067][T22165] EXT4-fs error (device loop7): ext4_lookup:1858: inode #15: comm syz.7.7500: casefold flag without casefold feature
[  696.321402][   T27] audit: type=1400 audit(925.289:198): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=22177 comm="syz.2.7504"
[  696.473660][ T8114] EXT4-fs (loop7): unmounting filesystem.
[  696.621573][T22190] netlink: 'syz.7.7509': attribute type 9 has an invalid length.
[  696.673971][   T27] audit: type=1326 audit(925.649:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.2.7510" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ab8b8f6c9 code=0x0
[  696.919391][T22200] autofs4:pid:22200:autofs_fill_super: called with bogus options
[  697.292981][T22215] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7524'.
[  697.302019][T22215] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7524'.
[  697.838966][T22238] loop4: detected capacity change from 0 to 128
[  697.877762][T22238] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  697.903111][T22242] loop7: detected capacity change from 0 to 256
[  697.973546][T22238] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  698.162200][T22247] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  698.191790][T22245] loop8: detected capacity change from 0 to 4096
[  698.216678][T22251] netlink: 'syz.7.7541': attribute type 8 has an invalid length.
[  698.353521][T22245] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  698.398465][T22259] loop2: detected capacity change from 0 to 512
[  698.405889][T22259] EXT4-fs: Ignoring removed mblk_io_submit option
[  698.412459][T22259] EXT4-fs: Ignoring removed orlov option
[  698.419108][T22259] ext4: Bad value for 'data'
[  698.422378][T22257] loop4: detected capacity change from 0 to 64
[  698.486117][ T4383] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  698.633717][T12379] EXT4-fs (loop8): unmounting filesystem.
[  699.374238][T22290] tmpfs: Bad value for 'mpol'
[  699.445274][   T22] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  699.542483][   T27] audit: type=1326 audit(928.509:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22295 comm="syz.0.7564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79238f6c9 code=0x7ffc0000
[  699.565854][   T27] audit: type=1326 audit(928.509:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22295 comm="syz.0.7564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79238f6c9 code=0x7ffc0000
[  699.587633][    C1] vkms_vblank_simulate: vblank timer overrun
[  699.621604][   T27] audit: type=1326 audit(928.519:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22295 comm="syz.0.7564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fc79238f6c9 code=0x7ffc0000
[  699.653007][   T22] usb 5-1: Using ep0 maxpacket: 16
[  699.663778][   T22] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  699.679911][   T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  699.707341][   T22] usb 5-1: Product: syz
[  699.713156][   T27] audit: type=1326 audit(928.519:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22295 comm="syz.0.7564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79238f6c9 code=0x7ffc0000
[  699.750527][   T22] usb 5-1: Manufacturer: syz
[  699.764924][   T22] usb 5-1: SerialNumber: syz
[  699.780428][   T22] r8152-cfgselector 5-1: config 0 descriptor??
[  699.787078][T22304] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7565'.
[  699.794927][   T27] audit: type=1326 audit(928.519:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22295 comm="syz.0.7564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79238f6c9 code=0x7ffc0000
[  699.827348][T22302] loop7: detected capacity change from 0 to 2048
[  699.862490][T22307] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  699.909440][T22302] CPU: 0 PID: 22302 Comm: syz.7.7566 Not tainted syzkaller #0
[  699.917616][T22302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  699.927747][T22302] Call Trace:
[  699.931138][T22302]  <TASK>
[  699.934188][T22302]  dump_stack_lvl+0x168/0x22e
[  699.938992][T22302]  ? show_regs_print_info+0x12/0x12
[  699.944278][T22302]  nilfs_btree_do_lookup+0x96f/0xaf0
[  699.949652][T22302]  ? __kasan_slab_alloc+0x6b/0x80
[  699.954776][T22302]  ? nilfs_btree_alloc_path+0x600/0x600
[  699.960388][T22302]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  699.966004][T22302]  nilfs_btree_lookup_contig+0xfa/0xc00
[  699.971629][T22302]  ? __might_sleep+0xd0/0xd0
[  699.976314][T22302]  ? read_lock_is_recursive+0x10/0x10
[  699.981755][T22302]  ? __might_sleep+0xd0/0xd0
[  699.986412][T22302]  ? nilfs_btree_lookup+0x70/0x70
[  699.991490][T22302]  ? lockdep_init_map_type+0x9d/0x880
[  699.996919][T22302]  ? down_read+0x1a8/0x2d0
[  700.001402][T22302]  nilfs_bmap_lookup_contig+0x87/0x160
[  700.006913][T22302]  nilfs_get_block+0x1f8/0x8f0
[  700.011757][T22302]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  700.017193][T22302]  ? __lock_acquire+0x7c50/0x7c50
[  700.022287][T22302]  ? attach_page_private+0x110/0x300
[  700.027656][T22302]  ? create_empty_buffers+0x59e/0x7a0
[  700.033085][T22302]  ? do_raw_spin_unlock+0x11d/0x230
[  700.038345][T22302]  block_truncate_page+0x387/0x680
[  700.043517][T22302]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  700.048964][T22302]  nilfs_truncate+0x256/0x4c0
[  700.053704][T22302]  ? nilfs_write_failed+0x90/0x90
[  700.058784][T22302]  ? preempt_count_add+0x8d/0x190
[  700.063866][T22302]  ? unmap_mapping_range+0x91/0x100
[  700.069139][T22302]  nilfs_setattr+0x20d/0x2a0
[  700.073792][T22302]  ? nilfs_clear_inode+0x280/0x280
[  700.078963][T22302]  ? evm_inode_setattr+0x91/0x790
[  700.084056][T22302]  ? bpf_lsm_inode_setattr+0x5/0x10
[  700.089324][T22302]  ? security_inode_setattr+0xd8/0x140
[  700.094927][T22302]  ? try_break_deleg+0x79/0x120
[  700.099840][T22302]  ? nilfs_clear_inode+0x280/0x280
[  700.105016][T22302]  notify_change+0xc74/0xf40
[  700.109678][T22302]  do_truncate+0x197/0x220
[  700.114165][T22302]  ? put_page_bootmem+0x2c0/0x2c0
[  700.119254][T22302]  ? bpf_lsm_path_truncate+0x5/0x10
[  700.124525][T22302]  vfs_truncate+0x262/0x2f0
[  700.129084][T22302]  do_sys_truncate+0xdc/0x190
[  700.133825][T22302]  ? break_lease+0xd0/0xd0
[  700.138295][T22302]  ? lockdep_hardirqs_on+0x94/0x140
[  700.143563][T22302]  do_syscall_64+0x4c/0xa0
[  700.148036][T22302]  ? clear_bhb_loop+0x60/0xb0
[  700.152780][T22302]  ? clear_bhb_loop+0x60/0xb0
[  700.157511][T22302]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  700.163458][T22302] RIP: 0033:0x7f54de38f6c9
[  700.168028][T22302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.187700][T22302] RSP: 002b:00007f54df172038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  700.196271][T22302] RAX: ffffffffffffffda RBX: 00007f54de5e5fa0 RCX: 00007f54de38f6c9
[  700.204298][T22302] RDX: 0000000000000000 RSI: 0000000000002002 RDI: 0000200000000000
[  700.205115][   T22] r8152-cfgselector 5-1: Unknown version 0x0000
[  700.212301][T22302] RBP: 00007f54de411f91 R08: 0000000000000000 R09: 0000000000000000
[  700.212382][T22302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  700.234856][T22302] R13: 00007f54de5e6038 R14: 00007f54de5e5fa0 R15: 00007ffcd5749c68
[  700.240939][   T22] r8152-cfgselector 5-1: bad CDC descriptors
[  700.242877][T22302]  </TASK>
[  700.257063][T22302] NILFS (loop7): btree level mismatch (ino=16): 1 != 7
[  700.264495][T22302] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  700.296985][T22302] Remounting filesystem read-only
[  700.323050][T22302] CPU: 0 PID: 22302 Comm: syz.7.7566 Not tainted syzkaller #0
[  700.331552][T22302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  700.335814][   T22] r8152-cfgselector 5-1: Unknown version 0x0000
[  700.341658][T22302] Call Trace:
[  700.351305][T22302]  <TASK>
[  700.354276][T22302]  dump_stack_lvl+0x168/0x22e
[  700.359022][T22302]  ? show_regs_print_info+0x12/0x12
[  700.364279][T22302]  ? kmem_cache_alloc+0x151/0x2f0
[  700.369363][T22302]  ? memset+0x1e/0x40
[  700.373427][T22302]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  700.379049][T22302]  nilfs_btree_last_key+0x485/0x610
[  700.384338][T22302]  nilfs_bmap_last_key+0x70/0x120
[  700.389516][T22302]  nilfs_truncate_bmap+0xfb/0x340
[  700.394616][T22302]  ? put_page+0xea/0x270
[  700.398924][T22302]  ? nilfs_update_inode+0x1d0/0x1d0
[  700.404184][T22302]  ? block_truncate_page+0x599/0x680
[  700.407705][   T22] r8152-cfgselector 5-1: USB disconnect, device number 25
[  700.409517][T22302]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  700.422215][T22302]  nilfs_truncate+0x263/0x4c0
[  700.426965][T22302]  ? nilfs_write_failed+0x90/0x90
[  700.432051][T22302]  ? preempt_count_add+0x8d/0x190
[  700.437131][T22302]  ? unmap_mapping_range+0x91/0x100
[  700.442484][T22302]  nilfs_setattr+0x20d/0x2a0
[  700.447147][T22302]  ? nilfs_clear_inode+0x280/0x280
[  700.452329][T22302]  ? evm_inode_setattr+0x91/0x790
[  700.457419][T22302]  ? bpf_lsm_inode_setattr+0x5/0x10
[  700.462683][T22302]  ? security_inode_setattr+0xd8/0x140
[  700.468197][T22302]  ? try_break_deleg+0x79/0x120
[  700.473112][T22302]  ? nilfs_clear_inode+0x280/0x280
[  700.478291][T22302]  notify_change+0xc74/0xf40
[  700.482954][T22302]  do_truncate+0x197/0x220
[  700.487424][T22302]  ? put_page_bootmem+0x2c0/0x2c0
[  700.492597][T22302]  ? bpf_lsm_path_truncate+0x5/0x10
[  700.497868][T22302]  vfs_truncate+0x262/0x2f0
[  700.502442][T22302]  do_sys_truncate+0xdc/0x190
[  700.507178][T22302]  ? break_lease+0xd0/0xd0
[  700.511660][T22302]  ? lockdep_hardirqs_on+0x94/0x140
[  700.516924][T22302]  do_syscall_64+0x4c/0xa0
[  700.521400][T22302]  ? clear_bhb_loop+0x60/0xb0
[  700.526133][T22302]  ? clear_bhb_loop+0x60/0xb0
[  700.530858][T22302]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  700.536801][T22302] RIP: 0033:0x7f54de38f6c9
[  700.541260][T22302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.561007][T22302] RSP: 002b:00007f54df172038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  700.569474][T22302] RAX: ffffffffffffffda RBX: 00007f54de5e5fa0 RCX: 00007f54de38f6c9
[  700.577493][T22302] RDX: 0000000000000000 RSI: 0000000000002002 RDI: 0000200000000000
[  700.585516][T22302] RBP: 00007f54de411f91 R08: 0000000000000000 R09: 0000000000000000
[  700.593536][T22302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  700.600495][   T27] audit: type=1326 audit(929.559:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22314 comm="syz.0.7571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79238f6c9 code=0x7ffc0000
[  700.601532][T22302] R13: 00007f54de5e6038 R14: 00007f54de5e5fa0 R15: 00007ffcd5749c68
[  700.601571][T22302]  </TASK>
[  700.623312][    C1] vkms_vblank_simulate: vblank timer overrun
[  700.696177][   T27] audit: type=1326 audit(929.619:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22314 comm="syz.0.7571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fc79238f6c9 code=0x7ffc0000
[  700.768877][   T27] audit: type=1326 audit(929.619:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22314 comm="syz.0.7571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79238f6c9 code=0x7ffc0000
[  700.790682][    C1] vkms_vblank_simulate: vblank timer overrun
[  700.840746][T22322] loop2: detected capacity change from 0 to 256
[  700.843343][T22320] loop0: detected capacity change from 0 to 736
[  700.883271][T22322] exfat: Deprecated parameter 'utf8'
[  700.888747][T22322] exfat: Deprecated parameter 'namecase'
[  700.919373][T22302] NILFS (loop7): btree level mismatch (ino=16): 1 != 7
[  700.941146][T22322] exfat: Deprecated parameter 'utf8'
[  700.962775][T22302] NILFS error (device loop7): nilfs_bmap_last_key: broken bmap (inode number=16)
[  701.006270][T22322] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d)
[  701.019871][T22302] NILFS (loop7): error -5 truncating bmap (ino=16)
[  701.316042][ T8114] NILFS (loop7): disposed unprocessed dirty file(s) when detaching log writer
[  701.900680][T22354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7590'.
[  702.012801][T22360] libceph: resolve '0' (ret=-3): failed
[  702.070040][T22362] loop0: detected capacity change from 0 to 256
[  702.526342][T22377] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7601'.
[  702.689957][T22383] netlink: 'syz.8.7603': attribute type 8 has an invalid length.
[  703.012537][T22348] loop7: detected capacity change from 0 to 32768
[  703.035713][T22394] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7609'.
[  703.081428][T22348] (syz.7.7588,22348,0):ocfs2_check_set_options:1213 ERROR: Group quotas were requested, but this filesystem does not have the feature enabled.
[  703.151276][T22348] (syz.7.7588,22348,0):ocfs2_fill_super:1176 ERROR: status = -22
[  703.928212][T22414] loop4: detected capacity change from 0 to 8192
[  703.951179][T22414] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  703.965166][T22414] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  703.974783][T22414] REISERFS (device loop4): using ordered data mode
[  703.981871][T22414] reiserfs: using flush barriers
[  704.019057][T22414] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  704.038314][T22432] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  704.043631][T22414] REISERFS (device loop4): checking transaction log (loop4)
[  704.106880][T22414] REISERFS (device loop4): Using r5 hash to sort names
[  704.146014][T22414] REISERFS (device loop4): using 3.5.x disk format
[  704.171117][T22425] loop0: detected capacity change from 0 to 2048
[  704.176875][T22414] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  704.310202][T22425] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  704.419695][T22443] libceph: resolve '0' (ret=-3): failed
[  704.593661][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  704.878928][T22457] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7634'.
[  705.104015][T22462] loop4: detected capacity change from 0 to 736
[  705.707519][T22483] loop8: detected capacity change from 0 to 256
[  705.738643][T22483] exfat: Deprecated parameter 'utf8'
[  705.781579][T22483] exfat: Deprecated parameter 'namecase'
[  705.809384][T22483] exfat: Deprecated parameter 'utf8'
[  705.908666][T22483] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d)
[  705.930237][T22488] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7651'.
[  705.939407][T22478] loop2: detected capacity change from 0 to 8192
[  705.951124][T22489] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7650'.
[  705.978029][T22478] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  706.026722][T22478] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  706.041740][T22478] REISERFS (device loop2): using ordered data mode
[  706.053983][T22478] reiserfs: using flush barriers
[  706.119751][T22478] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  706.345165][T22478] REISERFS (device loop2): checking transaction log (loop2)
[  706.430014][T22478] REISERFS (device loop2): Using r5 hash to sort names
[  706.457534][T22478] REISERFS (device loop2): using 3.5.x disk format
[  706.477562][T22478] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  706.570745][T22504] loop8: detected capacity change from 0 to 2048
[  706.625281][T22506] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7661'.
[  706.666703][T22508] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  706.716175][T22504] CPU: 1 PID: 22504 Comm: syz.8.7658 Not tainted syzkaller #0
[  706.723734][T22504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  706.733844][T22504] Call Trace:
[  706.737169][T22504]  <TASK>
[  706.740160][T22504]  dump_stack_lvl+0x168/0x22e
[  706.744897][T22504]  ? show_regs_print_info+0x12/0x12
[  706.750188][T22504]  nilfs_btree_do_lookup+0x96f/0xaf0
[  706.755534][T22504]  ? __kasan_slab_alloc+0x6b/0x80
[  706.760630][T22504]  ? nilfs_btree_alloc_path+0x600/0x600
[  706.766243][T22504]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  706.771854][T22504]  nilfs_btree_lookup_contig+0xfa/0xc00
[  706.777482][T22504]  ? __might_sleep+0xd0/0xd0
[  706.782153][T22504]  ? read_lock_is_recursive+0x10/0x10
[  706.787590][T22504]  ? __might_sleep+0xd0/0xd0
[  706.792247][T22504]  ? nilfs_btree_lookup+0x70/0x70
[  706.797328][T22504]  ? lockdep_init_map_type+0x9d/0x880
[  706.802760][T22504]  ? down_read+0x1a8/0x2d0
[  706.807231][T22504]  nilfs_bmap_lookup_contig+0x87/0x160
[  706.812751][T22504]  nilfs_get_block+0x1f8/0x8f0
[  706.817589][T22504]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  706.823018][T22504]  ? __lock_acquire+0x7c50/0x7c50
[  706.828074][T22504]  ? attach_page_private+0x110/0x300
[  706.833399][T22504]  ? create_empty_buffers+0x59e/0x7a0
[  706.838794][T22504]  ? do_raw_spin_unlock+0x11d/0x230
[  706.844018][T22504]  block_truncate_page+0x387/0x680
[  706.849199][T22504]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  706.854622][T22504]  nilfs_truncate+0x256/0x4c0
[  706.859432][T22504]  ? nilfs_write_failed+0x90/0x90
[  706.864487][T22504]  ? preempt_count_add+0x8d/0x190
[  706.869552][T22504]  ? unmap_mapping_range+0x91/0x100
[  706.874782][T22504]  nilfs_setattr+0x20d/0x2a0
[  706.879406][T22504]  ? nilfs_clear_inode+0x280/0x280
[  706.884565][T22504]  ? evm_inode_setattr+0x91/0x790
[  706.889613][T22504]  ? bpf_lsm_inode_setattr+0x5/0x10
[  706.894835][T22504]  ? security_inode_setattr+0xd8/0x140
[  706.900315][T22504]  ? try_break_deleg+0x79/0x120
[  706.905186][T22504]  ? nilfs_clear_inode+0x280/0x280
[  706.910413][T22504]  notify_change+0xc74/0xf40
[  706.915038][T22504]  do_truncate+0x197/0x220
[  706.919487][T22504]  ? put_page_bootmem+0x2c0/0x2c0
[  706.924558][T22504]  ? bpf_lsm_path_truncate+0x5/0x10
[  706.929779][T22504]  vfs_truncate+0x262/0x2f0
[  706.934307][T22504]  do_sys_truncate+0xdc/0x190
[  706.939005][T22504]  ? break_lease+0xd0/0xd0
[  706.943443][T22504]  ? lockdep_hardirqs_on+0x94/0x140
[  706.948681][T22504]  do_syscall_64+0x4c/0xa0
[  706.953122][T22504]  ? clear_bhb_loop+0x60/0xb0
[  706.957824][T22504]  ? clear_bhb_loop+0x60/0xb0
[  706.962557][T22504]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  706.968477][T22504] RIP: 0033:0x7fc8bd78f6c9
[  706.972913][T22504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  706.992566][T22504] RSP: 002b:00007fc8be683038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  707.001023][T22504] RAX: ffffffffffffffda RBX: 00007fc8bd9e5fa0 RCX: 00007fc8bd78f6c9
[  707.009026][T22504] RDX: 0000000000000000 RSI: 0000000000002002 RDI: 0000200000000000
[  707.017036][T22504] RBP: 00007fc8bd811f91 R08: 0000000000000000 R09: 0000000000000000
[  707.025048][T22504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  707.033038][T22504] R13: 00007fc8bd9e6038 R14: 00007fc8bd9e5fa0 R15: 00007ffcaca8e738
[  707.041051][T22504]  </TASK>
[  707.044189][    C1] vkms_vblank_simulate: vblank timer overrun
[  707.135016][T22504] NILFS (loop8): btree level mismatch (ino=16): 1 != 7
[  707.142278][T22504] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  707.159945][T22504] Remounting filesystem read-only
[  707.194395][T22504] CPU: 0 PID: 22504 Comm: syz.8.7658 Not tainted syzkaller #0
[  707.201957][T22504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  707.212067][T22504] Call Trace:
[  707.215396][T22504]  <TASK>
[  707.218377][T22504]  dump_stack_lvl+0x168/0x22e
[  707.223126][T22504]  ? show_regs_print_info+0x12/0x12
[  707.228384][T22504]  ? kmem_cache_alloc+0x151/0x2f0
[  707.233526][T22504]  ? memset+0x1e/0x40
[  707.237571][T22504]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  707.243314][T22504]  nilfs_btree_last_key+0x485/0x610
[  707.248677][T22504]  nilfs_bmap_last_key+0x70/0x120
[  707.253771][T22504]  nilfs_truncate_bmap+0xfb/0x340
[  707.258860][T22504]  ? put_page+0xea/0x270
[  707.263166][T22504]  ? nilfs_update_inode+0x1d0/0x1d0
[  707.268431][T22504]  ? block_truncate_page+0x599/0x680
[  707.273784][T22504]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  707.279232][T22504]  nilfs_truncate+0x263/0x4c0
[  707.283977][T22504]  ? nilfs_write_failed+0x90/0x90
[  707.289058][T22504]  ? preempt_count_add+0x8d/0x190
[  707.294152][T22504]  ? unmap_mapping_range+0x91/0x100
[  707.299412][T22504]  nilfs_setattr+0x20d/0x2a0
[  707.304065][T22504]  ? nilfs_clear_inode+0x280/0x280
[  707.309241][T22504]  ? evm_inode_setattr+0x91/0x790
[  707.314419][T22504]  ? bpf_lsm_inode_setattr+0x5/0x10
[  707.319676][T22504]  ? security_inode_setattr+0xd8/0x140
[  707.325185][T22504]  ? try_break_deleg+0x79/0x120
[  707.330091][T22504]  ? nilfs_clear_inode+0x280/0x280
[  707.335266][T22504]  notify_change+0xc74/0xf40
[  707.339936][T22504]  do_truncate+0x197/0x220
[  707.344424][T22504]  ? put_page_bootmem+0x2c0/0x2c0
[  707.349514][T22504]  ? bpf_lsm_path_truncate+0x5/0x10
[  707.354772][T22504]  vfs_truncate+0x262/0x2f0
[  707.357089][T22515] x_tables: ip_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT
[  707.359312][T22504]  do_sys_truncate+0xdc/0x190
[  707.374708][T22504]  ? break_lease+0xd0/0xd0
[  707.379187][T22504]  ? lockdep_hardirqs_on+0x94/0x140
[  707.384458][T22504]  do_syscall_64+0x4c/0xa0
[  707.388928][T22504]  ? clear_bhb_loop+0x60/0xb0
[  707.393661][T22504]  ? clear_bhb_loop+0x60/0xb0
[  707.398394][T22504]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  707.404341][T22504] RIP: 0033:0x7fc8bd78f6c9
[  707.408806][T22504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  707.428557][T22504] RSP: 002b:00007fc8be683038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  707.437055][T22504] RAX: ffffffffffffffda RBX: 00007fc8bd9e5fa0 RCX: 00007fc8bd78f6c9
[  707.445163][T22504] RDX: 0000000000000000 RSI: 0000000000002002 RDI: 0000200000000000
[  707.453188][T22504] RBP: 00007fc8bd811f91 R08: 0000000000000000 R09: 0000000000000000
[  707.461206][T22504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  707.469332][T22504] R13: 00007fc8bd9e6038 R14: 00007fc8bd9e5fa0 R15: 00007ffcaca8e738
[  707.477391][T22504]  </TASK>
[  707.693774][T22527] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7665'.
[  707.751411][T22530] netlink: 'syz.7.7668': attribute type 32 has an invalid length.
[  707.906111][T22534] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  708.222724][T22504] NILFS (loop8): btree level mismatch (ino=16): 1 != 7
[  708.300498][T22504] NILFS error (device loop8): nilfs_bmap_last_key: broken bmap (inode number=16)
[  708.327173][T22504] NILFS (loop8): error -5 truncating bmap (ino=16)
[  708.467323][T22558] loop0: detected capacity change from 0 to 512
[  708.490418][T12379] NILFS (loop8): disposed unprocessed dirty file(s) when detaching log writer
[  708.590532][T22558] EXT4-fs: Ignoring removed mblk_io_submit option
[  708.642760][T22558] EXT4-fs: Ignoring removed orlov option
[  708.649179][T22558] ext4: Bad value for 'data'
[  709.207920][T22580] loop4: detected capacity change from 0 to 2048
[  709.324865][T22584] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  709.362302][T22580] CPU: 1 PID: 22580 Comm: syz.4.7695 Not tainted syzkaller #0
[  709.369871][T22580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  709.379973][T22580] Call Trace:
[  709.383301][T22580]  <TASK>
[  709.386266][T22580]  dump_stack_lvl+0x168/0x22e
[  709.390996][T22580]  ? show_regs_print_info+0x12/0x12
[  709.396357][T22580]  nilfs_btree_do_lookup+0x96f/0xaf0
[  709.401700][T22580]  ? __kasan_slab_alloc+0x6b/0x80
[  709.406804][T22580]  ? nilfs_btree_alloc_path+0x600/0x600
[  709.412400][T22580]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  709.418026][T22580]  nilfs_btree_lookup_contig+0xfa/0xc00
[  709.423738][T22580]  ? __might_sleep+0xd0/0xd0
[  709.428366][T22580]  ? read_lock_is_recursive+0x10/0x10
[  709.433775][T22580]  ? __might_sleep+0xd0/0xd0
[  709.438420][T22580]  ? nilfs_btree_lookup+0x70/0x70
[  709.443483][T22580]  ? lockdep_init_map_type+0x9d/0x880
[  709.448892][T22580]  ? down_read+0x1a8/0x2d0
[  709.453344][T22580]  nilfs_bmap_lookup_contig+0x87/0x160
[  709.458838][T22580]  nilfs_get_block+0x1f8/0x8f0
[  709.463640][T22580]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  709.469048][T22580]  ? __lock_acquire+0x7c50/0x7c50
[  709.474098][T22580]  ? attach_page_private+0x110/0x300
[  709.479407][T22580]  ? create_empty_buffers+0x59e/0x7a0
[  709.484826][T22580]  ? do_raw_spin_unlock+0x11d/0x230
[  709.490077][T22580]  block_truncate_page+0x387/0x680
[  709.495238][T22580]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  709.500652][T22580]  nilfs_truncate+0x256/0x4c0
[  709.505366][T22580]  ? nilfs_write_failed+0x90/0x90
[  709.510418][T22580]  ? preempt_count_add+0x8d/0x190
[  709.515475][T22580]  ? unmap_mapping_range+0x91/0x100
[  709.520710][T22580]  nilfs_setattr+0x20d/0x2a0
[  709.525332][T22580]  ? nilfs_clear_inode+0x280/0x280
[  709.530493][T22580]  ? evm_inode_setattr+0x91/0x790
[  709.535570][T22580]  ? bpf_lsm_inode_setattr+0x5/0x10
[  709.540806][T22580]  ? security_inode_setattr+0xd8/0x140
[  709.546288][T22580]  ? try_break_deleg+0x79/0x120
[  709.551166][T22580]  ? nilfs_clear_inode+0x280/0x280
[  709.556311][T22580]  notify_change+0xc74/0xf40
[  709.560937][T22580]  do_truncate+0x197/0x220
[  709.565395][T22580]  ? put_page_bootmem+0x2c0/0x2c0
[  709.570452][T22580]  ? bpf_lsm_path_truncate+0x5/0x10
[  709.575676][T22580]  vfs_truncate+0x262/0x2f0
[  709.580203][T22580]  do_sys_truncate+0xdc/0x190
[  709.584897][T22580]  ? break_lease+0xd0/0xd0
[  709.589439][T22580]  ? lockdep_hardirqs_on+0x94/0x140
[  709.594666][T22580]  do_syscall_64+0x4c/0xa0
[  709.599105][T22580]  ? clear_bhb_loop+0x60/0xb0
[  709.603815][T22580]  ? clear_bhb_loop+0x60/0xb0
[  709.608510][T22580]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  709.614435][T22580] RIP: 0033:0x7fab84d8f6c9
[  709.620176][T22580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  709.640163][T22580] RSP: 002b:00007fab85b42038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  709.648607][T22580] RAX: ffffffffffffffda RBX: 00007fab84fe5fa0 RCX: 00007fab84d8f6c9
[  709.656600][T22580] RDX: 0000000000000000 RSI: 0000000000002002 RDI: 0000200000000000
[  709.664587][T22580] RBP: 00007fab84e11f91 R08: 0000000000000000 R09: 0000000000000000
[  709.672581][T22580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  709.680580][T22580] R13: 00007fab84fe6038 R14: 00007fab84fe5fa0 R15: 00007fff5c3c40f8
[  709.688583][T22580]  </TASK>
[  709.691740][    C1] vkms_vblank_simulate: vblank timer overrun
[  709.752875][T22580] NILFS (loop4): btree level mismatch (ino=16): 1 != 7
[  709.759962][T22580] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  709.792962][T22580] Remounting filesystem read-only
[  709.798202][T22580] CPU: 0 PID: 22580 Comm: syz.4.7695 Not tainted syzkaller #0
[  709.805893][T22580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  709.815997][T22580] Call Trace:
[  709.819323][T22580]  <TASK>
[  709.822300][T22580]  dump_stack_lvl+0x168/0x22e
[  709.827044][T22580]  ? show_regs_print_info+0x12/0x12
[  709.832305][T22580]  ? kmem_cache_alloc+0x151/0x2f0
[  709.837390][T22580]  ? memset+0x1e/0x40
[  709.841440][T22580]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  709.847063][T22580]  nilfs_btree_last_key+0x485/0x610
[  709.852348][T22580]  nilfs_bmap_last_key+0x70/0x120
[  709.857441][T22580]  nilfs_truncate_bmap+0xfb/0x340
[  709.862527][T22580]  ? put_page+0xea/0x270
[  709.866827][T22580]  ? nilfs_update_inode+0x1d0/0x1d0
[  709.872171][T22580]  ? block_truncate_page+0x599/0x680
[  709.877517][T22580]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  709.882957][T22580]  nilfs_truncate+0x263/0x4c0
[  709.887698][T22580]  ? nilfs_write_failed+0x90/0x90
[  709.892790][T22580]  ? preempt_count_add+0x8d/0x190
[  709.897965][T22580]  ? unmap_mapping_range+0x91/0x100
[  709.903228][T22580]  nilfs_setattr+0x20d/0x2a0
[  709.907891][T22580]  ? nilfs_clear_inode+0x280/0x280
[  709.913157][T22580]  ? evm_inode_setattr+0x91/0x790
[  709.918239][T22580]  ? bpf_lsm_inode_setattr+0x5/0x10
[  709.923493][T22580]  ? security_inode_setattr+0xd8/0x140
[  709.928995][T22580]  ? try_break_deleg+0x79/0x120
[  709.933893][T22580]  ? nilfs_clear_inode+0x280/0x280
[  709.939070][T22580]  notify_change+0xc74/0xf40
[  709.943720][T22580]  do_truncate+0x197/0x220
[  709.948182][T22580]  ? put_page_bootmem+0x2c0/0x2c0
[  709.953264][T22580]  ? bpf_lsm_path_truncate+0x5/0x10
[  709.958505][T22580]  vfs_truncate+0x262/0x2f0
[  709.963064][T22580]  do_sys_truncate+0xdc/0x190
[  709.967883][T22580]  ? break_lease+0xd0/0xd0
[  709.972358][T22580]  ? lockdep_hardirqs_on+0x94/0x140
[  709.977609][T22580]  do_syscall_64+0x4c/0xa0
[  709.982155][T22580]  ? clear_bhb_loop+0x60/0xb0
[  709.986874][T22580]  ? clear_bhb_loop+0x60/0xb0
[  709.991597][T22580]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  709.997622][T22580] RIP: 0033:0x7fab84d8f6c9
[  710.002517][T22580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  710.022178][T22580] RSP: 002b:00007fab85b42038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  710.030653][T22580] RAX: ffffffffffffffda RBX: 00007fab84fe5fa0 RCX: 00007fab84d8f6c9
[  710.038671][T22580] RDX: 0000000000000000 RSI: 0000000000002002 RDI: 0000200000000000
[  710.046692][T22580] RBP: 00007fab84e11f91 R08: 0000000000000000 R09: 0000000000000000
[  710.054745][T22580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  710.062774][T22580] R13: 00007fab84fe6038 R14: 00007fab84fe5fa0 R15: 00007fff5c3c40f8
[  710.070805][T22580]  </TASK>
[  710.122095][T22564] loop8: detected capacity change from 0 to 32768
[  710.198359][T22564] (syz.8.7685,22564,1):ocfs2_check_set_options:1213 ERROR: Group quotas were requested, but this filesystem does not have the feature enabled.
[  710.220657][T22580] NILFS (loop4): btree level mismatch (ino=16): 1 != 7
[  710.227786][T22580] NILFS error (device loop4): nilfs_bmap_last_key: broken bmap (inode number=16)
[  710.237521][T22580] NILFS (loop4): error -5 truncating bmap (ino=16)
[  710.297207][T22564] (syz.8.7685,22564,0):ocfs2_fill_super:1176 ERROR: status = -22
[  710.331989][T15387] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  710.544431][T22601] loop0: detected capacity change from 0 to 2048
[  710.556480][T22605] netlink: 'syz.4.7704': attribute type 9 has an invalid length.
[  710.656100][T22606] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  710.699569][T22601] CPU: 0 PID: 22601 Comm: syz.0.7715 Not tainted syzkaller #0
[  710.707124][T22601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  710.717225][T22601] Call Trace:
[  710.720549][T22601]  <TASK>
[  710.723525][T22601]  dump_stack_lvl+0x168/0x22e
[  710.728257][T22601]  ? show_regs_print_info+0x12/0x12
[  710.733557][T22601]  nilfs_btree_do_lookup+0x96f/0xaf0
[  710.738925][T22601]  ? __kasan_slab_alloc+0x6b/0x80
[  710.744029][T22601]  ? nilfs_btree_alloc_path+0x600/0x600
[  710.749656][T22601]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  710.755276][T22601]  nilfs_btree_lookup_contig+0xfa/0xc00
[  710.760897][T22601]  ? __might_sleep+0xd0/0xd0
[  710.765549][T22601]  ? read_lock_is_recursive+0x10/0x10
[  710.770961][T22601]  ? __might_sleep+0xd0/0xd0
[  710.775605][T22601]  ? nilfs_btree_lookup+0x70/0x70
[  710.780771][T22601]  ? lockdep_init_map_type+0x9d/0x880
[  710.786192][T22601]  ? down_read+0x1a8/0x2d0
[  710.790648][T22601]  nilfs_bmap_lookup_contig+0x87/0x160
[  710.796135][T22601]  nilfs_get_block+0x1f8/0x8f0
[  710.800940][T22601]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  710.806347][T22601]  ? __lock_acquire+0x7c50/0x7c50
[  710.811417][T22601]  ? attach_page_private+0x110/0x300
[  710.816747][T22601]  ? create_empty_buffers+0x59e/0x7a0
[  710.822142][T22601]  ? do_raw_spin_unlock+0x11d/0x230
[  710.827379][T22601]  block_truncate_page+0x387/0x680
[  710.832520][T22601]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  710.837933][T22601]  nilfs_truncate+0x256/0x4c0
[  710.842637][T22601]  ? nilfs_write_failed+0x90/0x90
[  710.847686][T22601]  ? preempt_count_add+0x8d/0x190
[  710.852738][T22601]  ? unmap_mapping_range+0x91/0x100
[  710.857972][T22601]  nilfs_setattr+0x20d/0x2a0
[  710.862596][T22601]  ? nilfs_clear_inode+0x280/0x280
[  710.867755][T22601]  ? evm_inode_setattr+0x91/0x790
[  710.872826][T22601]  ? bpf_lsm_inode_setattr+0x5/0x10
[  710.878065][T22601]  ? security_inode_setattr+0xd8/0x140
[  710.883564][T22601]  ? try_break_deleg+0x79/0x120
[  710.888454][T22601]  ? nilfs_clear_inode+0x280/0x280
[  710.893613][T22601]  notify_change+0xc74/0xf40
[  710.898270][T22601]  do_truncate+0x197/0x220
[  710.902773][T22601]  ? put_page_bootmem+0x2c0/0x2c0
[  710.907833][T22601]  ? bpf_lsm_path_truncate+0x5/0x10
[  710.913054][T22601]  vfs_truncate+0x262/0x2f0
[  710.917584][T22601]  do_sys_truncate+0xdc/0x190
[  710.922281][T22601]  ? break_lease+0xd0/0xd0
[  710.926719][T22601]  ? lockdep_hardirqs_on+0x94/0x140
[  710.931943][T22601]  do_syscall_64+0x4c/0xa0
[  710.936376][T22601]  ? clear_bhb_loop+0x60/0xb0
[  710.941091][T22601]  ? clear_bhb_loop+0x60/0xb0
[  710.945794][T22601]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  710.951735][T22601] RIP: 0033:0x7fc79238f6c9
[  710.956182][T22601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  710.975824][T22601] RSP: 002b:00007fc79325e038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  710.984260][T22601] RAX: ffffffffffffffda RBX: 00007fc7925e5fa0 RCX: 00007fc79238f6c9
[  710.992249][T22601] RDX: 0000000000000000 RSI: 0000000000002002 RDI: 0000200000000000
[  711.000237][T22601] RBP: 00007fc792411f91 R08: 0000000000000000 R09: 0000000000000000
[  711.008313][T22601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  711.016318][T22601] R13: 00007fc7925e6038 R14: 00007fc7925e5fa0 R15: 00007ffd8a5f1048
[  711.024325][T22601]  </TASK>
[  711.388276][T22601] NILFS (loop0): btree level mismatch (ino=16): 1 != 7
[  711.402706][T22601] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  711.457513][T22601] Remounting filesystem read-only
[  711.489127][T22601] CPU: 1 PID: 22601 Comm: syz.0.7715 Not tainted syzkaller #0
[  711.496689][T22601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  711.506790][T22601] Call Trace:
[  711.510110][T22601]  <TASK>
[  711.513086][T22601]  dump_stack_lvl+0x168/0x22e
[  711.517915][T22601]  ? show_regs_print_info+0x12/0x12
[  711.523178][T22601]  ? kmem_cache_alloc+0x151/0x2f0
[  711.528257][T22601]  ? memset+0x1e/0x40
[  711.532291][T22601]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  711.537904][T22601]  nilfs_btree_last_key+0x485/0x610
[  711.543175][T22601]  nilfs_bmap_last_key+0x70/0x120
[  711.548262][T22601]  nilfs_truncate_bmap+0xfb/0x340
[  711.553353][T22601]  ? put_page+0xea/0x270
[  711.557655][T22601]  ? nilfs_update_inode+0x1d0/0x1d0
[  711.562913][T22601]  ? block_truncate_page+0x599/0x680
[  711.565360][   T14] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  711.568239][T22601]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  711.568283][T22601]  nilfs_truncate+0x263/0x4c0
[  711.585951][T22601]  ? nilfs_write_failed+0x90/0x90
[  711.591034][T22601]  ? preempt_count_add+0x8d/0x190
[  711.596205][T22601]  ? unmap_mapping_range+0x91/0x100
[  711.601469][T22601]  nilfs_setattr+0x20d/0x2a0
[  711.606128][T22601]  ? nilfs_clear_inode+0x280/0x280
[  711.611319][T22601]  ? evm_inode_setattr+0x91/0x790
[  711.616406][T22601]  ? bpf_lsm_inode_setattr+0x5/0x10
[  711.621659][T22601]  ? security_inode_setattr+0xd8/0x140
[  711.627173][T22601]  ? try_break_deleg+0x79/0x120
[  711.632070][T22601]  ? nilfs_clear_inode+0x280/0x280
[  711.637238][T22601]  notify_change+0xc74/0xf40
[  711.641894][T22601]  do_truncate+0x197/0x220
[  711.646364][T22601]  ? put_page_bootmem+0x2c0/0x2c0
[  711.651449][T22601]  ? bpf_lsm_path_truncate+0x5/0x10
[  711.656707][T22601]  vfs_truncate+0x262/0x2f0
[  711.661259][T22601]  do_sys_truncate+0xdc/0x190
[  711.666065][T22601]  ? break_lease+0xd0/0xd0
[  711.670536][T22601]  ? lockdep_hardirqs_on+0x94/0x140
[  711.675979][T22601]  do_syscall_64+0x4c/0xa0
[  711.680713][T22601]  ? clear_bhb_loop+0x60/0xb0
[  711.685531][T22601]  ? clear_bhb_loop+0x60/0xb0
[  711.690262][T22601]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  711.696207][T22601] RIP: 0033:0x7fc79238f6c9
[  711.700671][T22601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  711.720326][T22601] RSP: 002b:00007fc79325e038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  711.728801][T22601] RAX: ffffffffffffffda RBX: 00007fc7925e5fa0 RCX: 00007fc79238f6c9
[  711.736833][T22601] RDX: 0000000000000000 RSI: 0000000000002002 RDI: 0000200000000000
[  711.744868][T22601] RBP: 00007fc792411f91 R08: 0000000000000000 R09: 0000000000000000
[  711.752887][T22601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  711.760905][T22601] R13: 00007fc7925e6038 R14: 00007fc7925e5fa0 R15: 00007ffd8a5f1048
[  711.764977][   T14] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  711.768945][T22601]  </TASK>
[  711.769023][    C1] vkms_vblank_simulate: vblank timer overrun
[  711.788134][    C1] vkms_vblank_simulate: vblank timer overrun
[  711.827824][   T14] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  711.874034][T22601] NILFS (loop0): btree level mismatch (ino=16): 1 != 7
[  711.881099][T22601] NILFS error (device loop0): nilfs_bmap_last_key: broken bmap (inode number=16)
[  711.881935][   T14] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  711.917694][T22601] NILFS (loop0): error -5 truncating bmap (ino=16)
[  711.940216][   T14] gspca_main: stv0680-2.14.0 probing 041e:4007
[  711.947397][T22633] loop8: detected capacity change from 0 to 1024
[  712.033177][T22633] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  712.063794][ T4268] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  712.095274][T22633] EXT4-fs error (device loop8): ext4_lookup:1858: inode #15: comm syz.8.7717: casefold flag without casefold feature
[  712.208885][T22644] loop0: detected capacity change from 0 to 64
[  712.248310][T22644] hfs: inconsistency in B*Tree (1,0,1,0,3)
[  712.340897][T12379] EXT4-fs (loop8): unmounting filesystem.
[  712.551768][T22654] netlink: 'syz.8.7724': attribute type 9 has an invalid length.
[  713.003474][   T14] stv0680 3-1:4.0: STV(e): camera ping failed!!
[  713.205939][   T14] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  713.225915][   T14] stv0680 3-1:4.0: last error: 85,  command = 0x7f
[  713.256460][   T14] usb 3-1: USB disconnect, device number 30
[  713.400997][T22676] netlink: 'syz.0.7748': attribute type 16 has an invalid length.
[  713.449070][T22676] netlink: 'syz.0.7748': attribute type 17 has an invalid length.
[  713.502332][T22676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  713.538968][T22676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  713.550050][T22676] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  713.569439][T22676] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  713.582995][T22676] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  713.618170][T22656] loop7: detected capacity change from 0 to 32768
[  713.626436][T22676] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  713.715367][T22656] ERROR: (device loop7): dbAllocNext: Corrupt dmap page
[  713.715367][T22656] 
[  713.770241][T22656] ERROR: (device loop7): remounting filesystem as read-only
[  713.789599][T22656] ialloc: diAlloc returned -5!
[  714.048134][T22694] overlayfs: conflicting options: metacopy=on,redirect_dir=follow
[  714.068409][T22696] loop8: detected capacity change from 0 to 164
[  714.118556][T22696] iso9660: Corrupted directory entry in block 0 of inode 1920
[  714.190982][T22699] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  714.198329][T22699] IPv6: NLM_F_CREATE should be set when creating new route
[  714.205705][T22699] IPv6: NLM_F_CREATE should be set when creating new route
[  714.213017][T22699] IPv6: NLM_F_CREATE should be set when creating new route
[  714.526734][T22708] loop4: detected capacity change from 0 to 512
[  714.618341][T22708] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  714.725546][T15387] EXT4-fs (loop4): unmounting filesystem.
[  714.785849][T22721] loop0: detected capacity change from 0 to 1024
[  714.804099][T22721] EXT4-fs: inline encryption not supported
[  714.809987][T22721] EXT4-fs: Ignoring removed i_version option
[  714.867719][T22721] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 2: comm syz.0.7757: lblock 2 mapped to illegal pblock 2 (length 1)
[  715.022926][T22721] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  715.031251][T22721] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 48: comm syz.0.7757: lblock 0 mapped to illegal pblock 48 (length 1)
[  715.111541][T22736] loop8: detected capacity change from 0 to 128
[  715.121721][T22721] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  715.161345][T22736] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  715.188529][T22721] EXT4-fs error (device loop0): ext4_acquire_dquot:6809: comm syz.0.7757: Failed to acquire dquot type 0
[  715.229805][T22736] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  715.243206][T22721] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  715.323474][T22721] EXT4-fs error (device loop0): ext4_evict_inode:279: inode #11: comm syz.0.7757: mark_inode_dirty error
[  715.356731][T22738] binder: 22737:22738 ioctl c00c6211 0 returned -14
[  715.386936][T22721] EXT4-fs warning (device loop0): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  715.442819][T22721] EXT4-fs (loop0): 1 orphan inode deleted
[  715.448651][T22721] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  715.463649][ T4357] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  715.500296][ T4357] Quota error (device loop0): remove_tree: Can't read quota data block 1
[  715.529605][ T4357] EXT4-fs error (device loop0): ext4_release_dquot:6845: comm kworker/u4:6: Failed to release dquot type 0
[  715.547149][T22721] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 1: comm syz.0.7757: lblock 1 mapped to illegal pblock 1 (length 1)
[  715.579695][T22721] Quota error (device loop0): find_next_id: Can't read quota tree block 1
[  715.640907][T22746] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  715.650053][ T5883] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  715.677247][T22746] overlayfs: missing 'lowerdir'
[  715.710811][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  715.730830][ T4268] EXT4-fs error (device loop0): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0
[  715.733902][    T7] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  715.765839][ T4268] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  715.797813][ T4268] EXT4-fs error (device loop0): ext4_quota_off:7115: inode #3: comm syz-executor: mark_inode_dirty error
[  715.814417][T22748] ipt_ECN: cannot use operation on non-tcp rule
[  715.862781][ T5883] usb 3-1: Using ep0 maxpacket: 8
[  715.870300][ T5883] usb 3-1: config 0 has an invalid interface number: 88 but max is 3
[  715.902817][ T5883] usb 3-1: config 0 has an invalid interface number: 250 but max is 3
[  715.941649][ T5883] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  715.955897][    T7] usb 8-1: unable to get BOS descriptor or descriptor too short
[  715.981543][T22752] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode 802.3ad(4)
[  715.983181][    T7] usb 8-1: config 66 has an invalid descriptor of length 0, skipping remainder of the config
[  716.005009][ T5883] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 4
[  716.017443][ T5883] usb 3-1: config 0 has no interface number 0
[  716.024049][ T5883] usb 3-1: config 0 has no interface number 1
[  716.030235][    T7] usb 8-1: config 66 has 1 interface, different from the descriptor's value: 2
[  716.040090][ T5883] usb 3-1: config 0 interface 88 has no altsetting 0
[  716.047349][    T7] usb 8-1: config 66 has no interface number 0
[  716.053841][ T5883] usb 3-1: config 0 interface 250 has no altsetting 0
[  716.061195][ T5883] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=12.b3
[  716.074987][    T7] usb 8-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=a4.95
[  716.091344][T22756] erofs: (device loop17): erofs_read_superblock: cannot find valid erofs superblock
[  716.101010][    T7] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  716.109588][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  716.132683][    T7] usb 8-1: Product: syz
[  716.136964][    T7] usb 8-1: Manufacturer: syz
[  716.141636][    T7] usb 8-1: SerialNumber: syz
[  716.149617][ T5883] usb 3-1: config 0 descriptor??
[  716.358102][T22763] netlink: 'syz.4.7777': attribute type 16 has an invalid length.
[  716.369802][ T5883] usb 3-1: string descriptor 0 read error: -71
[  716.390279][    T7] usb 8-1: USB disconnect, device number 21
[  716.396381][T22763] netlink: 'syz.4.7777': attribute type 17 has an invalid length.
[  716.396479][T22763] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  716.417952][T22763] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  716.427794][ T5883] usb 3-1: selecting invalid altsetting 0
[  716.434886][ T5883] usb 3-1: Could not set interface, error -22
[  716.467646][ T5883] usb 3-1: USB disconnect, device number 31
[  716.519986][T22763] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  716.550328][T22763] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  716.573929][T22763] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  716.623375][T22763] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  716.810459][T22773] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  716.858186][T22773] overlayfs: missing 'lowerdir'
[  717.732418][T22802] loop7: detected capacity change from 0 to 4096
[  717.791637][T22802] ntfs3: loop7: Different NTFS' sector size (4096) and media sector size (512)
[  717.895537][T22802] ntfs3: loop7: Mark volume as dirty due to NTFS errors
[  717.981673][T22814] xt_hashlimit: size too large, truncated to 1048576
[  718.009773][T22814] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  718.149403][T22812] loop8: detected capacity change from 0 to 4096
[  718.209418][T22812] ntfs3: loop8: Different NTFS' sector size (2048) and media sector size (512)
[  718.430368][T22822] xt_TPROXY: Can be used only with -p tcp or -p udp
[  718.565666][T22828] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  718.849570][T22834] loop8: detected capacity change from 0 to 128
[  719.040620][T22804] loop4: detected capacity change from 0 to 32768
[  719.137864][T22804] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  719.170779][T22804] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  719.257947][T22804] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  719.304320][ T5883] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  719.311169][ T5883] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  719.509648][ T5883] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 198ms
[  719.520606][T22851] loop7: detected capacity change from 0 to 128
[  719.529848][ T5883] gfs2: fsid=syz:syz.0: jid=0: Done
[  719.551116][T22804] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  719.572982][T22851] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  719.629171][T22851] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  719.768809][T22852] ALSA: mixer_oss: invalid OSS volume 'u'
[  719.824569][T22825] loop0: detected capacity change from 0 to 32768
[  719.867859][T22825] (syz.0.7807,22825,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  719.940826][T22825] (syz.0.7807,22825,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  720.045115][T22825] JBD2: Ignoring recovery information on journal
[  720.191082][T22825] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  720.235560][T22825] ocfs2: Unmounting device (7,0) on (node local)
[  720.474572][T22874] 9pnet: Found fid 0 not clunked
[  720.622964][T22877] xt_CT: You must specify a L4 protocol and not use inversions on it
[  720.907193][T22887] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7837'.
[  721.260923][T22894] loop4: detected capacity change from 0 to 2048
[  721.315809][T22894] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  722.236751][T22933] binder: 22931:22933 ioctl c018620c 0 returned -14
[  722.803878][T22957] netlink: 'syz.7.7871': attribute type 2 has an invalid length.
[  722.811831][T22957] netlink: 'syz.7.7871': attribute type 2 has an invalid length.
[  723.084198][T22970] netlink: 'syz.7.7878': attribute type 11 has an invalid length.
[  723.256108][ T5941] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  723.413912][T22979] loop8: detected capacity change from 0 to 1024
[  723.462668][ T5941] usb 5-1: Using ep0 maxpacket: 16
[  723.469732][ T5941] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  723.531295][ T5941] usb 5-1: config 0 has no interface number 0
[  723.558546][ T5941] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  723.583684][ T4357] hfsplus: b-tree write err: -5, ino 4
[  723.602696][ T5941] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  723.663099][ T5941] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  723.692800][ T5941] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  723.700956][ T5941] usb 5-1: Product: syz
[  723.723173][ T5941] usb 5-1: SerialNumber: syz
[  723.739889][ T5941] usb 5-1: config 0 descriptor??
[  723.759366][ T5941] cm109 5-1:0.8: invalid payload size 0, expected 4
[  723.788241][ T5941] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input35
[  723.976763][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  724.188314][ T4668] usb 5-1: USB disconnect, device number 26
[  724.213804][ T4668] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  724.239798][T23000] loop2: detected capacity change from 0 to 16
[  724.262325][T23000] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  724.271703][T23000] erofs: (device loop2): mounted with root inode @ nid 36.
[  724.493196][T22988] orangefs_mount: mount request failed with -4
[  724.515493][T22994] loop8: detected capacity change from 0 to 32768
[  724.733381][T22994] XFS (loop8): Mounting V5 Filesystem
[  724.857152][T23017] xt_CT: No such helper "pptp"
[  724.990592][T22994] XFS (loop8): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  725.044741][T22994] XFS (loop8): Starting recovery (logdev: internal)
[  725.100833][T22994] XFS (loop8): Ending recovery (logdev: internal)
[  725.118780][T23026] loop0: detected capacity change from 0 to 512
[  725.181358][T23026] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  725.221637][ T4668] XFS (loop8): Metadata corruption detected at xfs_inobt_verify+0xc1/0x220, xfs_finobt block 0x8 
[  725.227144][T23026] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  725.283128][ T4668] XFS (loop8): Unmount and run xfs_repair
[  725.288982][ T4668] XFS (loop8): First 128 bytes of corrupted metadata buffer:
[  725.304938][T23026] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  725.332346][T23026] System zones: 0-2, 18-18, 34-34
[  725.384480][ T4668] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  725.415849][T23026] EXT4-fs (loop0): 1 truncate cleaned up
[  725.431035][T23026] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  725.482656][ T4668] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  725.491742][ T4668] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  725.524089][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  725.541136][ T4668] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  725.590730][ T4668] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  725.621103][ T4668] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  725.656606][ T4668] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  725.696380][ T4668] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  725.749058][T22994] XFS (loop8): metadata I/O error in "xfs_btree_read_buf_block+0x1d3/0x2c0" at daddr 0x8 len 8 error 117
[  725.870250][T23051] netlink: 'syz.2.7914': attribute type 8 has an invalid length.
[  725.901006][T12379] XFS (loop8): Unmounting Filesystem
[  726.286618][T23065] xt_CT: You must specify a L4 protocol and not use inversions on it
[  726.353273][T23069] ipt_REJECT: ECHOREPLY no longer supported.
[  726.722761][ T5941] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  726.799993][T23083] netlink: 32 bytes leftover after parsing attributes in process `syz.8.7918'.
[  726.830670][T23085] loop0: detected capacity change from 0 to 256
[  726.919975][ T5941] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  726.934038][T23085] exfat: Deprecated parameter 'namecase'
[  726.939758][T23085] exfat: Deprecated parameter 'utf8'
[  726.971549][ T5941] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  727.018222][ T5941] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.040419][T23085] exfat: Deprecated parameter 'namecase'
[  727.045775][ T5941] gspca_main: stv0680-2.14.0 probing 041e:4007
[  727.064979][T23085] exfat: Deprecated parameter 'utf8'
[  727.139324][T23085] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d)
[  727.266416][T23095] loop4: detected capacity change from 0 to 4096
[  727.676520][T23108] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7943'.
[  728.123304][ T5941] stv0680 3-1:4.0: STV(e): camera ping failed!!
[  728.214196][T23126] netlink: 'syz.8.7951': attribute type 8 has an invalid length.
[  728.255912][T23126] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7951'.
[  728.312466][T23131] sctp: [Deprecated]: syz.7.7954 (pid 23131) Use of int in maxseg socket option.
[  728.312466][T23131] Use struct sctp_assoc_value instead
[  728.332654][ T5941] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  728.340881][ T5941] stv0680 3-1:4.0: last error: 0,  command = 0x0
[  728.361228][ T5941] usb 3-1: USB disconnect, device number 32
[  728.613912][T23137] loop7: detected capacity change from 0 to 512
[  728.848082][T23147] loop7: detected capacity change from 0 to 65
[  728.892752][T23147] BFS-fs: bfs_fill_super(): NOTE: filesystem loop7 was created with 512 inodes, the real maximum is 511, mounting anyway
[  729.344475][T23161] netlink: 'syz.8.7969': attribute type 10 has an invalid length.
[  729.639917][T23171] loop2: detected capacity change from 0 to 2048
[  729.706133][T23171] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  729.950054][T23183] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7981'.
[  730.632024][T23214] loop2: detected capacity change from 0 to 512
[  730.749885][T23219] loop4: detected capacity change from 0 to 512
[  730.796830][T23214] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  730.855408][T23219] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  730.980410][ T4278] EXT4-fs (loop2): unmounting filesystem.
[  731.096128][T15387] EXT4-fs (loop4): unmounting filesystem.
[  731.709951][T23251] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8011'.
[  731.742048][T23249] loop4: detected capacity change from 0 to 2048
[  731.763318][T23247] loop0: detected capacity change from 0 to 4096
[  731.802239][T23247] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  731.901951][T23247] ntfs3: loop0: failed to convert "c46c" to cp857
[  732.020335][T23231] loop7: detected capacity change from 0 to 32768
[  732.062745][ T5883] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  732.102244][T23231] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  732.125464][T23231] (syz.7.8001,23231,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=3298534883393, rec_len=0, name_len=1
[  732.222887][T23231] (syz.7.8001,23231,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2
[  732.246291][T23231] (syz.7.8001,23231,0):ocfs2_mknod:298 ERROR: status = -2
[  732.262840][ T5883] usb 5-1: Using ep0 maxpacket: 16
[  732.270567][ T5883] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  732.284126][T23231] (syz.7.8001,23231,0):ocfs2_mknod:502 ERROR: status = -2
[  732.294704][ T5883] usb 5-1: config 0 has no interface number 0
[  732.300854][ T5883] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0xC has invalid maxpacket 37835, setting to 1024
[  732.333910][T23231] (syz.7.8001,23231,0):ocfs2_create:676 ERROR: status = -2
[  732.364353][T23267] loop2: detected capacity change from 0 to 256
[  732.376493][ T5883] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024
[  732.432432][ T5883] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  732.462368][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  732.476552][T23267] FAT-fs (loop2): Directory bread(block 64) failed
[  732.504033][T23267] FAT-fs (loop2): Directory bread(block 65) failed
[  732.510733][T23267] FAT-fs (loop2): Directory bread(block 66) failed
[  732.522687][ T5883] usb 5-1: Product: syz
[  732.526919][ T5883] usb 5-1: SerialNumber: syz
[  732.563709][T23267] FAT-fs (loop2): Directory bread(block 67) failed
[  732.572112][ T8114] ocfs2: Unmounting device (7,7) on (node local)
[  732.573891][T23267] FAT-fs (loop2): Directory bread(block 68) failed
[  732.611110][ T5883] usb 5-1: config 0 descriptor??
[  732.638281][T23267] FAT-fs (loop2): Directory bread(block 69) failed
[  732.638695][T23249] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  732.684146][T23267] FAT-fs (loop2): Directory bread(block 70) failed
[  732.724511][T23267] FAT-fs (loop2): Directory bread(block 71) failed
[  732.731205][T23267] FAT-fs (loop2): Directory bread(block 72) failed
[  732.763237][T23267] FAT-fs (loop2): Directory bread(block 73) failed
[  732.866623][T23275] netlink: 12296 bytes leftover after parsing attributes in process `syz.8.8023'.
[  732.894875][ T5883] usb 5-1: invalid MIDI in EP 0
[  732.935538][T23275] netlink: 164 bytes leftover after parsing attributes in process `syz.8.8023'.
[  732.982736][ T5883] snd-usb-audio: probe of 5-1:0.2 failed with error -22
[  733.033528][ T5883] usb 5-1: USB disconnect, device number 27
[  733.035878][ T4411] udevd[4411]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  733.192722][   T14] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  733.394955][   T14] usb 8-1: Using ep0 maxpacket: 16
[  733.402042][   T14] usb 8-1: config 4 has an invalid interface number: 51 but max is 0
[  733.424451][   T14] usb 8-1: config 4 has no interface number 0
[  733.430634][   T14] usb 8-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  733.462745][   T14] usb 8-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  733.473780][T23285] loop0: detected capacity change from 0 to 4096
[  733.481427][   T14] usb 8-1: config 4 interface 51 has no altsetting 0
[  733.491741][   T14] usb 8-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  733.505194][   T14] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.535782][   T14] usb 8-1: Product: syz
[  733.540034][   T14] usb 8-1: Manufacturer: syz
[  733.556563][   T14] usb 8-1: SerialNumber: syz
[  733.583339][T23277] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  733.590769][T23277] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  733.832816][ T5883] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  733.846224][T23277] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  733.869943][T23277] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  733.949160][   T14] cdc_eem 8-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.7-1, CDC EEM Device, 6e:e6:d9:a9:a9:16
[  734.056869][ T5883] usb 3-1: unable to get BOS descriptor or descriptor too short
[  734.074314][ T5883] usb 3-1: config 66 has an invalid descriptor of length 0, skipping remainder of the config
[  734.109801][ T5883] usb 3-1: config 66 has 1 interface, different from the descriptor's value: 2
[  734.139559][ T5883] usb 3-1: config 66 has no interface number 0
[  734.160853][   T14] usb 8-1: USB disconnect, device number 22
[  734.177924][ T5883] usb 3-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=a4.95
[  734.188069][   T14] cdc_eem 8-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.7-1, CDC EEM Device
[  734.202167][T23309] loop4: detected capacity change from 0 to 1024
[  734.216463][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  734.238270][ T5883] usb 3-1: Product: syz
[  734.245795][ T5883] usb 3-1: Manufacturer: syz
[  734.250453][ T5883] usb 3-1: SerialNumber: syz
[  734.280316][T23309] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  734.453626][T15387] EXT4-fs (loop4): unmounting filesystem.
[  734.501325][T23314] loop8: detected capacity change from 0 to 4096
[  734.511458][T23314] ntfs3: loop8: Different NTFS' sector size (4096) and media sector size (512)
[  734.533726][ T5883] usb 3-1: USB disconnect, device number 33
[  734.692531][T23314] ntfs3: loop8: failed to convert "c46c" to cp852
[  734.951677][T23324] loop7: detected capacity change from 0 to 2048
[  734.991365][T23324] UDF-fs: error (device loop7): udf_load_logicalvol: error loading logical volume descriptor: Too many partition maps (4 > 0)
[  735.051453][T23324] UDF-fs: Scanning with blocksize 512 failed
[  735.087998][T23324] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  735.108759][T23324] UDF-fs: Scanning with blocksize 1024 failed
[  735.158153][T23324] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=512, location=512
[  735.192781][ T5883] usb 5-1: new full-speed USB device number 28 using dummy_hcd
[  735.225721][T23324] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  735.240082][T23324] UDF-fs: Scanning with blocksize 2048 failed
[  735.261283][T23324] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  735.295577][T23324] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=512, location=512
[  735.318944][T23324] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  735.344959][T23324] UDF-fs: Scanning with blocksize 4096 failed
[  735.351107][T23324] UDF-fs: warning (device loop7): udf_fill_super: No partition found (1)
[  735.395823][ T5883] usb 5-1: unable to get BOS descriptor or descriptor too short
[  735.423424][ T5883] usb 5-1: not running at top speed; connect to a high speed hub
[  735.449061][T23324] exFAT-fs (loop7): invalid boot record signature
[  735.462807][T23324] exFAT-fs (loop7): failed to read boot sector
[  735.470877][ T5883] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  735.499710][T23324] exFAT-fs (loop7): failed to recognize exfat type
[  735.510413][ T5883] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  735.530961][ T5883] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  735.569641][ T5883] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  735.649398][ T5883] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  735.667931][ T5883] usb 5-1: Product: syz
[  735.672165][ T5883] usb 5-1: Manufacturer: syz
[  735.687375][ T5883] usb 5-1: SerialNumber: syz
[  735.902901][ T5941] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  736.092639][ T5941] usb 3-1: Using ep0 maxpacket: 32
[  736.100553][ T5941] usb 3-1: unable to get BOS descriptor or descriptor too short
[  736.126877][ T5883] usb 5-1: 0:2 : does not exist
[  736.145960][ T5941] usb 3-1: config 7 has an invalid interface number: 187 but max is 0
[  736.166164][ T5883] usb 5-1: USB disconnect, device number 28
[  736.193354][ T5941] usb 3-1: config 7 has no interface number 0
[  736.219902][ T5941] usb 3-1: config 7 interface 187 has no altsetting 0
[  736.253167][ T5941] usb 3-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  736.277753][ T5941] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  736.319024][ T5941] usb 3-1: Product: syz
[  736.331755][ T5941] usb 3-1: Manufacturer: syz
[  736.345567][ T5941] usb 3-1: SerialNumber: syz
[  736.405791][ T4780] udevd[4780]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  736.563270][ T5941] usb 3-1: Limiting number of CPorts to U8_MAX
[  736.576304][ T5941] usb 3-1: Unknown endpoint type found, address 0x07
[  736.619193][ T5941] usb 3-1: Not enough endpoints found in device, aborting!
[  736.793694][ T4668] usb 3-1: USB disconnect, device number 34
[  736.821228][T23379] loop0: detected capacity change from 0 to 512
[  736.860633][T23379] EXT4-fs: Ignoring removed mblk_io_submit option
[  736.906089][T23379] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  736.924484][T23379] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.8066: attempt to clear invalid blocks 2 len 1
[  736.938272][T23379] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  736.953877][T23379] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.8066: invalid indirect mapped block 1819239214 (level 0)
[  736.972717][T23379] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.8066: invalid indirect mapped block 1819239214 (level 1)
[  736.988478][T23379] EXT4-fs (loop0): 1 truncate cleaned up
[  736.997301][T23379] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  737.009990][T23389] loop8: detected capacity change from 0 to 1024
[  737.155459][T23389] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  737.181908][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  737.504699][T12379] EXT4-fs (loop8): unmounting filesystem.
[  737.558693][T23409] netlink: 'syz.2.8074': attribute type 1 has an invalid length.
[  737.633444][T23409] netlink: 228 bytes leftover after parsing attributes in process `syz.2.8074'.
[  737.908746][T23419] program syz.2.8078 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  737.926510][T23418] vivid-004: =================  START STATUS  =================
[  737.997608][T23418] vivid-004: Radio HW Seek Mode: Bounded
[  738.042683][T23418] vivid-004: Radio Programmable HW Seek: false
[  738.052188][T23418] vivid-004: RDS Rx I/O Mode: Block I/O
[  738.109278][T23418] vivid-004: Generate RBDS Instead of RDS: false
[  738.126586][T23418] vivid-004: RDS Reception: true
[  738.136729][T23418] vivid-004: RDS Program Type: 0 inactive
[  738.193067][T23418] vivid-004: RDS PS Name:  inactive
[  738.218485][T23418] vivid-004: RDS Radio Text:  inactive
[  738.250425][T23418] vivid-004: RDS Traffic Announcement: false inactive
[  738.289611][T23418] vivid-004: RDS Traffic Program: false inactive
[  738.294615][T23430] kAFS: unable to lookup cell ''
[  738.322722][T23418] vivid-004: RDS Music: false inactive
[  738.342728][T23418] vivid-004: ==================  END STATUS  ==================
[  738.371661][T23433] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8083'.
[  738.548394][T23436] loop0: detected capacity change from 0 to 764
[  738.669077][T23436] Symlink component flag not implemented
[  738.710146][T23436] Symlink component flag not implemented
[  738.742757][T23436] Symlink component flag not implemented (129)
[  738.749001][T23436] Symlink component flag not implemented (6)
[  739.111549][T23405] loop7: detected capacity change from 0 to 40427
[  739.161237][T23405] F2FS-fs (loop7): Invalid log_blocksize (64), supports only 12
[  739.191270][T23405] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  739.280627][T23405] F2FS-fs (loop7): invalid crc value
[  739.314097][T23405] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  739.509129][T23465] loop8: detected capacity change from 0 to 256
[  739.545790][T23405] F2FS-fs (loop7): Cannot turn on quotas: -2 on 1
[  739.577713][T23452] syz.0.8090 (23452): drop_caches: 2
[  739.591565][T23405] F2FS-fs (loop7): Start checkpoint disabled!
[  739.645242][T23405] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  739.662796][T23405] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  739.672319][T23465] FAT-fs (loop8): Directory bread(block 64) failed
[  739.719390][T23465] FAT-fs (loop8): Directory bread(block 65) failed
[  739.739748][T23465] FAT-fs (loop8): Directory bread(block 66) failed
[  739.785195][T23465] FAT-fs (loop8): Directory bread(block 67) failed
[  739.812321][T23465] FAT-fs (loop8): Directory bread(block 68) failed
[  739.842824][T23465] FAT-fs (loop8): Directory bread(block 69) failed
[  739.878953][T23465] FAT-fs (loop8): Directory bread(block 70) failed
[  739.951066][T23465] FAT-fs (loop8): Directory bread(block 71) failed
[  739.989550][T23465] FAT-fs (loop8): Directory bread(block 72) failed
[  740.022644][T23465] FAT-fs (loop8): Directory bread(block 73) failed
[  740.686593][T23466] loop2: detected capacity change from 0 to 32768
[  740.701109][T23466] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.8095 (23466)
[  740.785314][T23466] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  740.813899][T23466] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  740.842386][T23466] BTRFS info (device loop2): using free space tree
[  740.911978][T23498] netlink: 180 bytes leftover after parsing attributes in process `syz.7.8110'.
[  741.110492][T23514] loop8: detected capacity change from 0 to 512
[  741.195980][T23514] EXT4-fs: Ignoring removed mblk_io_submit option
[  741.283597][T23524] loop7: detected capacity change from 0 to 128
[  741.288556][T23514] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13
[  741.313210][T23514] EXT4-fs error (device loop8): ext4_clear_blocks:883: inode #13: comm syz.8.8114: attempt to clear invalid blocks 2 len 1
[  741.326721][T23466] BTRFS info (device loop2): enabling ssd optimizations
[  741.355429][T23524] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  741.373445][T23524] hpfs: filesystem error: improperly stopped
[  741.379671][T23524] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  741.413465][T23514] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  741.438777][T23514] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.8114: invalid indirect mapped block 1819239214 (level 0)
[  741.459854][T23524] hpfs: You really don't want any checks? You are crazy...
[  741.471969][T23514] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.8114: invalid indirect mapped block 1819239214 (level 1)
[  741.481951][T23530] loop4: detected capacity change from 0 to 2048
[  741.497055][T23524] hpfs: hpfs_map_sector(): read error
[  741.502524][T23524] hpfs: code page support is disabled
[  741.516878][T23514] EXT4-fs (loop8): 1 truncate cleaned up
[  741.535809][T23524] hpfs: hpfs_map_4sectors(): unaligned read
[  741.542002][T23514] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  741.560771][T23524] hpfs: hpfs_map_4sectors(): unaligned read
[  741.578883][ T4278] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  741.599956][T23524] hpfs: filesystem error: unable to find root dir
[  741.640045][T23530] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  741.689184][T23530] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  742.084337][T12379] EXT4-fs (loop8): unmounting filesystem.
[  742.510680][T23520] loop0: detected capacity change from 0 to 32768
[  742.572869][T23520] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  742.583645][T23520] XFS (loop0): Mounting V5 Filesystem
[  742.663860][T23542] xt_CT: No such helper "syz1"
[  742.745350][T23520] XFS (loop0): Ending clean mount
[  742.913466][ T4268] XFS (loop0): Unmounting Filesystem
[  743.083486][ T4587] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  743.097192][T23563] program syz.7.8130 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  743.239715][T23565] loop4: detected capacity change from 0 to 512
[  743.259852][T23565] EXT4-fs: Ignoring removed mblk_io_submit option
[  743.307371][ T4587] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  743.326026][ T4587] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.337909][T23565] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  743.344635][ T4587] usb 3-1: Product: syz
[  743.350239][ T4587] usb 3-1: Manufacturer: syz
[  743.360587][ T4587] usb 3-1: SerialNumber: syz
[  743.388283][T23565] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.8131: attempt to clear invalid blocks 2 len 1
[  743.410319][ T4587] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  743.419994][T23565] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  743.440504][ T4587] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  743.552918][T23565] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.8131: invalid indirect mapped block 1819239214 (level 0)
[  743.583073][T23565] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.8131: invalid indirect mapped block 1819239214 (level 1)
[  743.613954][T23565] EXT4-fs (loop4): 1 truncate cleaned up
[  743.630101][T23565] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  743.701784][    C0] usb 3-1: ath9k_htc: invalid pkt_len (fd10)
[  743.845229][T15387] EXT4-fs (loop4): unmounting filesystem.
[  743.905069][   T22] usb 3-1: USB disconnect, device number 35
[  743.974038][T23555] loop8: detected capacity change from 0 to 40427
[  744.013163][T23555] F2FS-fs (loop8): Invalid log_blocksize (64), supports only 12
[  744.032773][T23555] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  744.068918][T23555] F2FS-fs (loop8): invalid crc value
[  744.125650][T23555] F2FS-fs (loop8): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  744.327915][T23555] F2FS-fs (loop8): Cannot turn on quotas: -2 on 1
[  744.376667][T23555] F2FS-fs (loop8): Start checkpoint disabled!
[  744.443087][T23555] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  744.477456][T23555] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  744.522692][ T4587] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  744.532801][ T4587] ath9k_htc: Failed to initialize the device
[  744.539421][   T22] usb 3-1: ath9k_htc: USB layer deinitialized
[  744.623107][T23593] UBIFS error (pid: 23593): cannot open "(null)", error -22
[  744.647182][T23595] loop2: detected capacity change from 0 to 256
[  744.831405][T23595] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  745.350005][T23615] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8154'.
[  745.368241][T23615] netlink: 'syz.0.8154': attribute type 1 has an invalid length.
[  745.410398][T23615] netlink: 'syz.0.8154': attribute type 2 has an invalid length.
[  745.418807][T23615] netlink: 112 bytes leftover after parsing attributes in process `syz.0.8154'.
[  745.490139][T23617] x_tables: ip_tables: osf match: only valid for protocol 6
[  745.622076][T23619] loop2: detected capacity change from 0 to 2048
[  745.754736][ T4780] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  745.816189][T23622] loop0: detected capacity change from 0 to 4096
[  745.850038][T23622] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[  746.032688][   T22] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  746.219865][T23606] loop7: detected capacity change from 0 to 32768
[  746.242833][   T22] usb 3-1: Using ep0 maxpacket: 16
[  746.250347][   T22] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  746.270270][T23606] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop7 scanned by syz.7.8152 (23606)
[  746.294929][   T22] usb 3-1: config 0 has no interface number 0
[  746.302292][   T22] usb 3-1: config 0 interface 2 altsetting 0 endpoint 0xC has invalid maxpacket 37835, setting to 1024
[  746.342395][   T22] usb 3-1: config 0 interface 2 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024
[  746.392693][T23606] BTRFS info (device loop7): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  746.409392][   T22] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  746.434599][T23606] BTRFS info (device loop7): using blake2b (blake2b-256-generic) checksum algorithm
[  746.446778][   T22] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  746.461804][T23606] BTRFS info (device loop7): disabling free space tree
[  746.472422][   T22] usb 3-1: Product: syz
[  746.478298][   T22] usb 3-1: SerialNumber: syz
[  746.484506][T23606] BTRFS info (device loop7): turning on flush-on-commit
[  746.507745][T23606] BTRFS info (device loop7): enabling auto defrag
[  746.525218][   T22] usb 3-1: config 0 descriptor??
[  746.531203][T23619] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  746.542826][T23606] BTRFS info (device loop7): force clearing of disk cache
[  746.550035][T23606] BTRFS info (device loop7): setting nodatacow, compression disabled
[  746.572773][T23606] BTRFS info (device loop7): turning on async discard
[  746.755047][   T22] usb 3-1: invalid MIDI in EP 0
[  746.805935][T23606] BTRFS info (device loop7): enabling ssd optimizations
[  746.893792][   T22] snd-usb-audio: probe of 3-1:0.2 failed with error -22
[  746.969355][ T4411] udevd[4411]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  746.987761][   T22] usb 3-1: USB disconnect, device number 36
[  747.007583][ T8114] BTRFS info (device loop7): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  747.246479][T23663] netlink: 'syz.8.8167': attribute type 16 has an invalid length.
[  747.288907][T23663] netlink: 'syz.8.8167': attribute type 17 has an invalid length.
[  747.324973][T23663] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  747.357379][T23663] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  747.409126][T23663] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  747.525200][T23663] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  747.557702][T23663] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  747.575087][T23663] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  747.832740][   T22] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  747.910616][T23663] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  747.950929][T23657] loop4: detected capacity change from 0 to 32768
[  748.019715][T23657] ERROR: (device loop4): dbAlloc: the hint is outside the map
[  748.019715][T23657] 
[  748.040938][   T22] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  748.062906][   T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.083376][T23657] ialloc: diAlloc returned -5!
[  748.120742][   T22] usb 3-1: Product: syz
[  748.126232][   T22] usb 3-1: Manufacturer: syz
[  748.130889][   T22] usb 3-1: SerialNumber: syz
[  748.189093][   T22] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  748.274859][   T22] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  748.523481][    C1] usb 3-1: ath: unknown panic pattern!
[  748.767052][ T5941] usb 3-1: USB disconnect, device number 37
[  749.004317][T23690] binder: 23689:23690 ioctl c00c6211 0 returned -14
[  749.402790][   T22] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  749.416717][   T22] ath9k_htc: Failed to initialize the device
[  749.443159][ T5941] usb 3-1: ath9k_htc: USB layer deinitialized
[  749.544694][T23678] loop7: detected capacity change from 0 to 32768
[  749.592031][   T27] audit: type=1800 audit(978.559:208): pid=23678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.8172" name="file1" dev="loop7" ino=4 res=0 errno=0
[  749.718157][T23706] loop8: detected capacity change from 0 to 1024
[  749.746523][T23706] EXT4-fs: inline encryption not supported
[  749.801119][T23706] EXT4-fs: Ignoring removed i_version option
[  749.840248][T23710] netlink: 'syz.4.8191': attribute type 29 has an invalid length.
[  749.873188][T23710] netlink: 'syz.4.8191': attribute type 29 has an invalid length.
[  749.929247][T23706] EXT4-fs error (device loop8): ext4_map_blocks:635: inode #3: block 2: comm syz.8.8189: lblock 2 mapped to illegal pblock 2 (length 1)
[  750.005378][T23719] netlink: 'syz.4.8196': attribute type 27 has an invalid length.
[  750.071995][T23706] Quota error (device loop8): qtree_write_dquot: dquota write failed
[  750.120897][T23706] EXT4-fs error (device loop8): ext4_map_blocks:635: inode #3: block 48: comm syz.8.8189: lblock 0 mapped to illegal pblock 48 (length 1)
[  750.132112][T23724] Timeout policy `syz1' can only be used by L3 protocol number 0
[  750.220223][T23706] Quota error (device loop8): v2_write_file_info: Can't write info structure
[  750.248014][T23706] EXT4-fs error (device loop8): ext4_acquire_dquot:6809: comm syz.8.8189: Failed to acquire dquot type 0
[  750.301700][T23706] EXT4-fs error (device loop8) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  750.365707][T23706] EXT4-fs error (device loop8): ext4_evict_inode:279: inode #11: comm syz.8.8189: mark_inode_dirty error
[  750.415616][T23706] EXT4-fs warning (device loop8): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  750.436523][T23706] EXT4-fs (loop8): 1 orphan inode deleted
[  750.442349][T23706] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  750.462845][    T9] EXT4-fs error (device loop8): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  750.498214][    T9] Quota error (device loop8): remove_tree: Can't read quota data block 1
[  750.523355][    T9] EXT4-fs error (device loop8): ext4_release_dquot:6845: comm kworker/u4:0: Failed to release dquot type 0
[  750.540835][T23730] netlink: 'syz.0.8200': attribute type 16 has an invalid length.
[  750.556033][T23706] EXT4-fs error (device loop8): ext4_map_blocks:635: inode #3: block 1: comm syz.8.8189: lblock 1 mapped to illegal pblock 1 (length 1)
[  750.572734][T23730] netlink: 'syz.0.8200': attribute type 17 has an invalid length.
[  750.632151][T23706] Quota error (device loop8): find_next_id: Can't read quota tree block 1
[  750.649132][T23730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  750.673082][T23730] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  750.709624][T23730] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  750.960478][T23738] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8205'.
[  751.156058][T23746] loop2: detected capacity change from 0 to 256
[  751.276652][T23722] syz.4.8197 (23722): drop_caches: 2
[  751.279044][T23741] overlayfs: conflicting options: userxattr,redirect_dir=on
[  751.293627][T12379] EXT4-fs (loop8): unmounting filesystem.
[  751.304488][T12379] EXT4-fs error (device loop8): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0
[  751.323503][T12379] EXT4-fs error (device loop8) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  751.333727][T23746] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  751.343215][T12379] EXT4-fs error (device loop8): ext4_quota_off:7115: inode #3: comm syz-executor: mark_inode_dirty error
[  751.609434][T23752] loop0: detected capacity change from 0 to 1024
[  751.873298][   T41] hfsplus: b-tree write err: -5, ino 4
[  752.693163][T23782] loop7: detected capacity change from 0 to 4096
[  752.947439][T23788] loop0: detected capacity change from 0 to 128
[  753.007019][T23758] loop8: detected capacity change from 0 to 32768
[  753.035373][T23758] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop8 scanned by syz.8.8214 (23758)
[  753.055334][T23788] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  753.116772][T23788] hpfs: filesystem error: improperly stopped
[  753.180882][T23788] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  753.208608][T23788] hpfs: You really don't want any checks? You are crazy...
[  753.209806][T23758] BTRFS info (device loop8): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  753.246797][T23788] hpfs: hpfs_map_sector(): read error
[  753.252260][T23788] hpfs: code page support is disabled
[  753.277990][T23758] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[  753.308697][T23788] hpfs: hpfs_map_4sectors(): unaligned read
[  753.318341][T23790] loop2: detected capacity change from 0 to 4096
[  753.332753][T23788] hpfs: hpfs_map_4sectors(): unaligned read
[  753.338823][T23788] hpfs: filesystem error: unable to find root dir
[  753.346192][T23758] BTRFS info (device loop8): turning on flush-on-commit
[  753.356789][T23770] loop4: detected capacity change from 0 to 32768
[  753.372723][T23758] BTRFS info (device loop8): turning off barriers
[  753.380074][T23758] BTRFS info (device loop8): turning on sync discard
[  753.430791][T23770] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.8220 (23770)
[  753.458988][T23758] BTRFS info (device loop8): using free space tree
[  753.981776][T23792] syz.7.8231 (23792): drop_caches: 2
[  753.991500][T12379] BTRFS info (device loop8): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  754.016275][T23770] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  754.054060][T23770] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  754.106787][T23770] BTRFS info (device loop4): using free space tree
[  754.125322][T23812] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  754.142117][T23790] NILFS error (device loop2): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1
[  754.472732][T23790] Remounting filesystem read-only
[  754.611618][T23770] BTRFS info (device loop4): enabling ssd optimizations
[  754.622162][T23834] loop7: detected capacity change from 0 to 128
[  754.783200][T23834] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF
[  754.834513][T23834] FAT-fs (loop7): Filesystem has been set read-only
[  754.906016][T23770] BTRFS info (device loop4): balance: start -susage=6,limit=3330..0
[  754.991004][T23770] BTRFS info (device loop4): balance: ended with status: 0
[  755.246824][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  755.253243][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  755.297484][T15387] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  755.341667][T23849] loop0: detected capacity change from 0 to 1764
[  755.567238][T23853] netlink: 'syz.2.8242': attribute type 9 has an invalid length.
[  755.849340][T23857] netlink: 'syz.2.8244': attribute type 29 has an invalid length.
[  755.874994][T23857] netlink: 'syz.2.8244': attribute type 29 has an invalid length.
[  755.927584][ T4780] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  755.973826][T23849] gfs2: Unexpected value for 'discard'
[  756.280744][T23865] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8248'.
[  756.582906][T23846] loop7: detected capacity change from 0 to 32768
[  756.818448][T23846] (syz.7.8237,23846,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  756.877782][T23846] (syz.7.8237,23846,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  757.064101][T23846] JBD2: Ignoring recovery information on journal
[  757.098745][T23860] syz.2.8245 (23860): drop_caches: 2
[  757.115839][T23846] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  757.144628][T23846] ocfs2: Unmounting device (7,7) on (node local)
[  757.314252][T23892] loop2: detected capacity change from 0 to 8
[  758.105303][T23916] loop0: detected capacity change from 0 to 2048
[  758.162641][T23916] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  758.220489][T23918] syz.8.8272 (23918): drop_caches: 2
[  758.711889][T23934] netlink: 'syz.2.8280': attribute type 7 has an invalid length.
[  758.770469][T23934] netlink: 'syz.2.8280': attribute type 8 has an invalid length.
[  759.118143][T23950] syz.0.8289 (23950): drop_caches: 2
[  759.275727][T23920] loop4: detected capacity change from 0 to 32768
[  759.333620][T23920] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.8273 (23920)
[  759.425713][T23920] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  759.452865][T23920] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  759.480256][T23920] BTRFS info (device loop4): disabling free space tree
[  759.492725][T23920] BTRFS info (device loop4): turning on flush-on-commit
[  759.552664][T23920] BTRFS info (device loop4): enabling auto defrag
[  759.576437][T23920] BTRFS info (device loop4): force clearing of disk cache
[  759.603343][T23920] BTRFS info (device loop4): setting nodatacow, compression disabled
[  759.653928][T23920] BTRFS info (device loop4): turning on async discard
[  759.852691][T23668] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  759.923855][T23986] loop0: detected capacity change from 0 to 256
[  759.931503][T23920] BTRFS info (device loop4): enabling ssd optimizations
[  760.052727][T23668] usb 3-1: Using ep0 maxpacket: 8
[  760.090022][T23668] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[  760.120452][T23941] loop8: detected capacity change from 0 to 32768
[  760.128766][T23668] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  760.181312][T23668] usb 3-1: config 0 has no interface number 0
[  760.201307][T23668] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0xA has an invalid bInterval 0, changing to 7
[  760.219637][T23668] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0
[  760.239968][T23668] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  760.249801][T23941] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  760.262798][T23668] usb 3-1: config 0 interface 52 has no altsetting 0
[  760.281161][T23668] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  760.290810][T23668] usb 3-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  760.299765][T23668] usb 3-1: Product: syz
[  760.304344][T23668] usb 3-1: Manufacturer: syz
[  760.309000][T23668] usb 3-1: SerialNumber: syz
[  760.329439][T23941] (syz.8.8284,23941,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=65, rec_len=16, name_len=1
[  760.345275][T23941] (syz.8.8284,23941,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2
[  760.345323][T15387] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  760.354751][T23941] (syz.8.8284,23941,0):ocfs2_mknod:298 ERROR: status = -2
[  760.374408][T23668] usb 3-1: config 0 descriptor??
[  760.398903][T23994] syz.0.8301 (23994): drop_caches: 2
[  760.425340][T23941] (syz.8.8284,23941,0):ocfs2_mknod:502 ERROR: status = -2
[  760.479224][T23941] (syz.8.8284,23941,0):ocfs2_create:676 ERROR: status = -2
[  760.841038][   T22] usb 3-1: USB disconnect, device number 38
[  761.050919][T12379] ocfs2: Unmounting device (7,8) on (node local)
[  761.317761][T24012] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8310'.
[  761.412865][   T22] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  761.529529][   T27] audit: type=1326 audit(990.499:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.7.8312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54de38f6c9 code=0x7ffc0000
[  761.606830][   T22] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  761.619456][T24022] loop0: detected capacity change from 0 to 128
[  761.625489][   T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  761.636188][   T27] audit: type=1326 audit(990.499:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.7.8312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54de38f6c9 code=0x7ffc0000
[  761.642899][   T22] usb 5-1: Product: syz
[  761.673611][T24022] EXT4-fs: Ignoring removed nomblk_io_submit option
[  761.680286][T24022] EXT4-fs: Ignoring removed nomblk_io_submit option
[  761.710796][   T27] audit: type=1326 audit(990.559:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.7.8312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f54de38f6c9 code=0x7ffc0000
[  761.724028][   T22] usb 5-1: Manufacturer: syz
[  761.749962][T24022] EXT4-fs (loop0): Test dummy encryption mode enabled
[  761.752981][   T22] usb 5-1: SerialNumber: syz
[  761.794923][   T22] usb 5-1: config 0 descriptor??
[  761.796737][T24022] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  761.816731][   T22] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  761.924329][   T27] audit: type=1326 audit(990.559:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.7.8312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54de38f6c9 code=0x7ffc0000
[  762.070704][   T27] audit: type=1326 audit(990.559:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.7.8312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54de38f6c9 code=0x7ffc0000
[  762.118524][T24038] loop8: detected capacity change from 0 to 1024
[  762.171549][   T27] audit: type=1326 audit(990.639:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24023 comm="syz.2.8315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  762.208122][   T22] gspca_sunplus: reg_w_riv err -71
[  762.213793][   T22] sunplus: probe of 5-1:0.0 failed with error -71
[  762.246722][   T22] usb 5-1: USB disconnect, device number 29
[  762.289570][   T27] audit: type=1326 audit(990.669:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24023 comm="syz.2.8315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  762.298207][T24042] netlink: 'syz.2.8322': attribute type 10 has an invalid length.
[  762.349871][   T11] hfsplus: b-tree write err: -5, ino 4
[  762.355872][   T27] audit: type=1326 audit(990.669:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24023 comm="syz.2.8315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  762.355917][   T27] audit: type=1326 audit(990.669:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24023 comm="syz.2.8315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ab8b8f6c9 code=0x7ffc0000
[  762.627590][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  763.226344][   T52] block nbd2: Attempted send on invalid socket
[  763.232822][   T52] I/O error, dev nbd2, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  763.332354][T24077] loop0: detected capacity change from 0 to 16
[  763.340980][T24077] erofs: (device loop0): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 142735)
[  763.440129][T24082] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  763.463453][ T4780] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  763.733847][T24090] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  763.769942][T24094] loop4: detected capacity change from 0 to 256
[  763.774538][T24092] vivid-000: disconnect
[  763.806785][T24091] vivid-000: reconnect
[  763.919320][T24094] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  764.546031][T24116] loop2: detected capacity change from 0 to 1024
[  764.556916][T24113] device wireguard0 entered promiscuous mode
[  764.557219][T24119] loop4: detected capacity change from 0 to 256
[  764.840066][ T7558] hfsplus: b-tree write err: -5, ino 4
[  764.979981][T24123] loop4: detected capacity change from 0 to 1024
[  765.134688][ T4357] hfsplus: b-tree write err: -5, ino 4
[  765.200938][T24096] loop7: detected capacity change from 0 to 32768
[  765.273901][T24096] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop7 scanned by syz.7.8347 (24096)
[  765.363857][T24096] BTRFS info (device loop7): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  765.387006][T24117] loop8: detected capacity change from 0 to 32768
[  765.400683][T24096] BTRFS info (device loop7): using sha256 (sha256-avx2) checksum algorithm
[  765.460567][T24117] ocfs2: Slot 0 on device (7,8) was already allocated to this node!
[  765.469071][T24096] BTRFS info (device loop7): turning on flush-on-commit
[  765.553370][T24096] BTRFS info (device loop7): turning off barriers
[  765.559972][T24096] BTRFS info (device loop7): turning on sync discard
[  765.572775][T24138] netlink: 'syz.4.8366': attribute type 1 has an invalid length.
[  765.623725][T24117] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  765.632817][T24096] BTRFS info (device loop7): using free space tree
[  765.677333][T24138] netlink: 56 bytes leftover after parsing attributes in process `syz.4.8366'.
[  765.718227][T24117] (syz.8.8354,24117,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=9
[  765.735110][T24117] (syz.8.8354,24117,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2
[  765.743958][T24117] (syz.8.8354,24117,1):ocfs2_mknod:298 ERROR: status = -2
[  765.752165][T24117] (syz.8.8354,24117,1):ocfs2_mknod:502 ERROR: status = -2
[  765.795463][T24153] loop2: detected capacity change from 0 to 128
[  765.839779][T24153] EXT4-fs: Ignoring removed nomblk_io_submit option
[  765.888914][T12379] ocfs2: Unmounting device (7,8) on (node local)
[  765.901737][T24153] EXT4-fs: Ignoring removed nomblk_io_submit option
[  765.992003][T24153] EXT4-fs (loop2): Test dummy encryption mode enabled
[  766.041239][T24153] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  766.352903][ T8114] BTRFS info (device loop7): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  766.731820][ T4780] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop7 scanned by udevd (4780)
[  767.197937][ T4278] EXT4-fs (loop2): unmounting filesystem.
[  767.994457][T24224] netlink: 192 bytes leftover after parsing attributes in process `syz.0.8394'.
[  768.064632][T24228] netlink: 1 bytes leftover after parsing attributes in process `syz.2.8396'.
[  768.250988][T24235] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8399'.
[  768.731900][T24256] loop7: detected capacity change from 0 to 1024
[  770.326995][T24273] loop4: detected capacity change from 0 to 32768
[  770.378163][T24314] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8437'.
[  770.395261][T24273] JFS: metapage_get_blocks failed
[  770.400402][T24273] ERROR: (device loop4): release_metapage: write_one_page() failed
[  770.400402][T24273] 
[  770.412772][T24314] netlink: 'syz.0.8437': attribute type 2 has an invalid length.
[  770.489112][T24273] ERROR: (device loop4): remounting filesystem as read-only
[  770.560108][T24316] netlink: 'syz.7.8438': attribute type 2 has an invalid length.
[  770.672667][T24320] netlink: 'syz.0.8440': attribute type 1 has an invalid length.
[  770.695520][  T106] blkno = 8ed2c, nblocks = 1
[  770.700184][  T106] ERROR: (device loop4): dbUpdatePMap: blocks are outside the map
[  770.700184][  T106] 
[  770.717641][T24320] netlink: 'syz.0.8440': attribute type 2 has an invalid length.
[  770.999655][T24304] loop8: detected capacity change from 0 to 32768
[  771.032289][T24304] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 scanned by syz.8.8432 (24304)
[  771.074327][T24304] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  771.091452][T24304] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[  771.124494][T24304] BTRFS info (device loop8): using free space tree
[  771.532776][T24304] BTRFS info (device loop8): enabling ssd optimizations
[  771.630128][T24363] xt_TCPMSS: Only works on TCP SYN packets
[  771.704711][T24365] loop4: detected capacity change from 0 to 512
[  771.721240][T12379] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  771.775178][T24365] EXT4-fs (loop4): Test dummy encryption mode enabled
[  771.903739][T24365] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002]
[  771.911850][T24365] System zones: 1-12
[  772.003963][T24365] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.8442: Directory hole found for htree index block 0
[  772.036556][    C0] vkms_vblank_simulate: vblank timer overrun
[  772.081084][T24365] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117
[  772.150635][T24365] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.8442: Directory hole found for htree index block 0
[  772.233648][T24365] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  772.283176][T24365] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  772.352761][T24365] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  772.417420][   T27] audit: type=1400 audit(1001.389:218): apparmor="DENIED" operation="stack" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A2F2C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=24384 comm="syz.0.8463"
[  772.542052][T15387] EXT4-fs (loop4): unmounting filesystem.
[  772.653480][T24389] device ip6erspan0 entered promiscuous mode
[  772.906472][T24399] netlink: 256 bytes leftover after parsing attributes in process `syz.2.8469'.
[  773.125623][T24401] loop7: detected capacity change from 0 to 4096
[  773.236453][T24409] loop8: detected capacity change from 0 to 2048
[  773.311222][T24409] Alternate GPT is invalid, using primary GPT.
[  773.334062][T24409]  loop8: p1 p2 p3
[  773.856035][ T4780] udevd[4780]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  773.871667][ T4393] udevd[4393]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[  773.874016][T24432] comedi comedi4: bad chanlist[0]=0x04400007 chan=7 range length=2
[  773.923372][ T4383] udevd[4383]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  773.926163][T24434] loop7: detected capacity change from 0 to 512
[  774.023461][T24434] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.8486: couldn't read orphan inode 26 (err -116)
[  774.123656][T24434] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  774.244719][ T8114] EXT4-fs (loop7): unmounting filesystem.
[  774.280171][T24446] loop0: detected capacity change from 0 to 128
[  774.350653][T24446] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  774.421755][T24446] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  774.453018][T24453] kAFS: No cell specified
[  774.499295][T24446] overlayfs: bad mount option "redirect_dir=follow:/"
[  775.334407][T24471] loop8: detected capacity change from 0 to 8192
[  775.367167][   T27] audit: type=1326 audit(1004.339:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24479 comm="syz.4.8508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab84d8f6c9 code=0x7ffc0000
[  775.395214][T24471] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  775.409115][T24471] REISERFS (device loop8): found reiserfs format "3.6" with non-standard journal
[  775.419696][   T27] audit: type=1326 audit(1004.339:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24479 comm="syz.4.8508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab84d8f6c9 code=0x7ffc0000
[  775.448435][T24471] REISERFS (device loop8): using ordered data mode
[  775.455241][T24471] reiserfs: using flush barriers
[  775.469458][T24471] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  775.495776][T24471] REISERFS (device loop8): checking transaction log (loop8)
[  775.544607][T24471] REISERFS (device loop8): Using r5 hash to sort names
[  775.552110][T24471] REISERFS warning (device loop8): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  775.662618][T24471] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage.
[  775.795697][T24471] 
[  775.798109][T24471] ======================================================
[  775.805190][T24471] WARNING: possible circular locking dependency detected
[  775.812256][T24471] syzkaller #0 Not tainted
[  775.816690][T24471] ------------------------------------------------------
[  775.823896][T24471] syz.8.8503/24471 is trying to acquire lock:
[  775.829969][T24471] ffff8880553c5900 (&type->i_mutex_dir_key#24/3){+.+.}-{3:3}, at: open_xa_dir+0x11e/0x6f0
[  775.840056][T24471] 
[  775.840056][T24471] but task is already holding lock:
[  775.847478][T24471] ffff88807d787090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock_nested+0x5c/0xd0
[  775.857220][T24471] 
[  775.857220][T24471] which lock already depends on the new lock.
[  775.857220][T24471] 
[  775.867639][T24471] 
[  775.867639][T24471] the existing dependency chain (in reverse order) is:
[  775.876675][T24471] 
[  775.876675][T24471] -> #1 (&sbi->lock){+.+.}-{3:3}:
[  775.883914][T24471]        __mutex_lock+0x120/0xaf0
[  775.888966][T24471]        reiserfs_write_lock+0x75/0xd0
[  775.894446][T24471]        reiserfs_mkdir+0x30c/0x970
[  775.899676][T24471]        open_xa_dir+0x316/0x6f0
[  775.904644][T24471]        xattr_lookup+0x22/0x2a0
[  775.909627][T24471]        reiserfs_xattr_set_handle+0xf3/0xca0
[  775.915755][T24471]        reiserfs_xattr_set+0x435/0x550
[  775.921322][T24471]        __vfs_setxattr+0x3e0/0x420
[  775.926553][T24471]        __vfs_setxattr_noperm+0x129/0x5e0
[  775.932374][T24471]        vfs_setxattr+0x168/0x2f0
[  775.937422][T24471]        setxattr+0x2b2/0x2d0
[  775.942117][T24471]        path_setxattr+0x142/0x280
[  775.947249][T24471]        __x64_sys_lsetxattr+0xb4/0xd0
[  775.952730][T24471]        do_syscall_64+0x4c/0xa0
[  775.957951][T24471]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  775.964386][T24471] 
[  775.964386][T24471] -> #0 (&type->i_mutex_dir_key#24/3){+.+.}-{3:3}:
[  775.973102][T24471]        __lock_acquire+0x2cf8/0x7c50
[  775.978519][T24471]        lock_acquire+0x1b4/0x490
[  775.983618][T24471]        down_write_nested+0x39/0x60
[  775.988953][T24471]        open_xa_dir+0x11e/0x6f0
[  775.993912][T24471]        reiserfs_for_each_xattr+0x174/0x7b0
[  776.000036][T24471]        reiserfs_delete_xattrs+0x1c/0x80
[  776.005778][T24471]        reiserfs_evict_inode+0x22e/0x490
[  776.011519][T24471]        evict+0x485/0x870
[  776.015951][T24471]        reiserfs_new_inode+0x5c8/0x1860
[  776.021603][T24471]        reiserfs_symlink+0x4cf/0x770
[  776.027003][T24471]        vfs_symlink+0x247/0x3d0
[  776.031970][T24471]        do_symlinkat+0x1ae/0x3f0
[  776.037010][T24471]        __x64_sys_symlink+0x7a/0x90
[  776.042309][T24471]        do_syscall_64+0x4c/0xa0
[  776.047290][T24471]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  776.053746][T24471] 
[  776.053746][T24471] other info that might help us debug this:
[  776.053746][T24471] 
[  776.064004][T24471]  Possible unsafe locking scenario:
[  776.064004][T24471] 
[  776.071466][T24471]        CPU0                    CPU1
[  776.076837][T24471]        ----                    ----
[  776.082206][T24471]   lock(&sbi->lock);
[  776.086200][T24471]                                lock(&type->i_mutex_dir_key#24/3);
[  776.094203][T24471]                                lock(&sbi->lock);
[  776.100715][T24471]   lock(&type->i_mutex_dir_key#24/3);
[  776.106200][T24471] 
[  776.106200][T24471]  *** DEADLOCK ***
[  776.106200][T24471] 
[  776.114448][T24471] 3 locks held by syz.8.8503/24471:
[  776.119651][T24471]  #0: ffff888079616460 (sb_writers#32){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90
[  776.128917][T24471]  #1: ffff8880553c5fa0 (&type->i_mutex_dir_key#24/1){+.+.}-{3:3}, at: filename_create+0x1f2/0x450
[  776.139669][T24471]  #2: ffff88807d787090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock_nested+0x5c/0xd0
[  776.149722][T24471] 
[  776.149722][T24471] stack backtrace:
[  776.155642][T24471] CPU: 1 PID: 24471 Comm: syz.8.8503 Not tainted syzkaller #0
[  776.163206][T24471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  776.173406][T24471] Call Trace:
[  776.176793][T24471]  <TASK>
[  776.180011][T24471]  dump_stack_lvl+0x168/0x22e
[  776.184728][T24471]  ? load_image+0x3b0/0x3b0
[  776.189292][T24471]  ? show_regs_print_info+0x12/0x12
[  776.194530][T24471]  ? print_circular_bug+0x12b/0x1a0
[  776.199760][T24471]  check_noncircular+0x274/0x310
[  776.204743][T24471]  ? add_chain_block+0x940/0x940
[  776.209723][T24471]  ? lockdep_lock+0xdc/0x1e0
[  776.214357][T24471]  ? __lock_acquire+0x28b5/0x7c50
[  776.219422][T24471]  ? _find_first_zero_bit+0xcf/0x100
[  776.224786][T24471]  __lock_acquire+0x2cf8/0x7c50
[  776.229709][T24471]  ? verify_lock_unused+0x140/0x140
[  776.236089][T24471]  ? hlock_conflict+0x59/0x1f0
[  776.241162][T24471]  lock_acquire+0x1b4/0x490
[  776.245703][T24471]  ? open_xa_dir+0x11e/0x6f0
[  776.250418][T24471]  ? __might_sleep+0xd0/0xd0
[  776.255064][T24471]  ? read_lock_is_recursive+0x10/0x10
[  776.260476][T24471]  down_write_nested+0x39/0x60
[  776.265434][T24471]  ? open_xa_dir+0x11e/0x6f0
[  776.270057][T24471]  open_xa_dir+0x11e/0x6f0
[  776.274502][T24471]  ? verify_lock_unused+0x140/0x140
[  776.279743][T24471]  ? listxattr_filler+0x3f0/0x3f0
[  776.284901][T24471]  ? truncate_inode_pages_range+0x34d/0xff0
[  776.290849][T24471]  reiserfs_for_each_xattr+0x174/0x7b0
[  776.296343][T24471]  ? mapping_evict_folio+0x520/0x520
[  776.301660][T24471]  ? reiserfs_for_each_xattr+0x7b0/0x7b0
[  776.307336][T24471]  ? reiserfs_delete_xattrs+0x80/0x80
[  776.312737][T24471]  ? reiserfs_xattr_init+0x720/0x720
[  776.318170][T24471]  ? dquot_initialize+0x20/0x20
[  776.323032][T24471]  ? __rwlock_init+0x140/0x140
[  776.327840][T24471]  reiserfs_delete_xattrs+0x1c/0x80
[  776.333086][T24471]  reiserfs_evict_inode+0x22e/0x490
[  776.338421][T24471]  ? entry_points_to_object+0x7d0/0x7d0
[  776.344051][T24471]  ? do_raw_spin_lock+0x11d/0x280
[  776.349210][T24471]  ? do_raw_spin_unlock+0x11d/0x230
[  776.354448][T24471]  ? entry_points_to_object+0x7d0/0x7d0
[  776.360907][T24471]  evict+0x485/0x870
[  776.365032][T24471]  ? __lock_acquire+0x7c50/0x7c50
[  776.370208][T24471]  ? proc_nr_inodes+0x2f0/0x2f0
[  776.375151][T24471]  ? do_raw_spin_unlock+0x11d/0x230
[  776.380490][T24471]  ? _raw_spin_unlock+0x24/0x40
[  776.385383][T24471]  ? iput+0x768/0x980
[  776.389393][T24471]  reiserfs_new_inode+0x5c8/0x1860
[  776.394601][T24471]  ? reiserfs_write_inode+0x2a0/0x2a0
[  776.400002][T24471]  ? do_journal_begin_r+0xdec/0x1040
[  776.405342][T24471]  ? journal_begin+0x1f1/0x350
[  776.410150][T24471]  reiserfs_symlink+0x4cf/0x770
[  776.415042][T24471]  ? reiserfs_unlink+0x6d0/0x6d0
[  776.420114][T24471]  ? generic_permission+0x292/0x510
[  776.425334][T24471]  ? open_xa_dir+0x6f0/0x6f0
[  776.429939][T24471]  ? inode_permission+0xef/0x480
[  776.434899][T24471]  ? bpf_lsm_inode_symlink+0x5/0x10
[  776.440112][T24471]  ? security_inode_symlink+0xb2/0x100
[  776.445590][T24471]  vfs_symlink+0x247/0x3d0
[  776.450026][T24471]  do_symlinkat+0x1ae/0x3f0
[  776.454550][T24471]  ? vfs_symlink+0x3d0/0x3d0
[  776.459158][T24471]  ? getname_flags+0x206/0x500
[  776.463946][T24471]  __x64_sys_symlink+0x7a/0x90
[  776.468740][T24471]  do_syscall_64+0x4c/0xa0
[  776.473211][T24471]  ? clear_bhb_loop+0x60/0xb0
[  776.477911][T24471]  ? clear_bhb_loop+0x60/0xb0
[  776.482607][T24471]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  776.488603][T24471] RIP: 0033:0x7fc8bd78f6c9
[  776.493126][T24471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  776.512755][T24471] RSP: 002b:00007fc8be683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  776.521185][T24471] RAX: ffffffffffffffda RBX: 00007fc8bd9e5fa0 RCX: 00007fc8bd78f6c9
[  776.529286][T24471] RDX: 0000000000000000 RSI: 0000200000000cc0 RDI: 000020000000a900
[  776.537278][T24471] RBP: 00007fc8bd811f91 R08: 0000000000000000 R09: 0000000000000000
[  776.545267][T24471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  776.553252][T24471] R13: 00007fc8bd9e6038 R14: 00007fc8bd9e5fa0 R15: 00007ffcaca8e738
[  776.561266][T24471]  </TASK>